At GRACE-full Running we respect your privacy and are committed to protecting it. We provide this Data Protection Policy to inform you of our privacy policy and practices including how information is collected online and how that information is used. 

For the purpose of the Data Protection Act 1998 (the Act), the data controller is GRACE-full Running, 2 Brookside Cottage, Baslow, Derbyshire, DE45 1SR

Information we may collect from you 

We may collect and process the following data about you: 

· Information that you provide by filling in forms on GRACE-full Running’s website: www.gracefullrunning.com. 

· If you contact us we may keep a record of that correspondence 

· Details of any actions or transactions you carry out through the site 

· Details of your visits to the site and the resources that you access

· We may ask you to complete surveys that we use for research purposes, although you do not have to respond to them 

- Payment card details are stored securely in your Stripe account. Only employed and background checked staff will have access to these details and will only use them to process payments for services tendered.

We will not collect any personal data about individuals, except where it is specifically and knowingly provided by them. Examples of such information are: 

· Your name 

· Your mobile telephone number 

· Your postal address 

· Your email address 

· Your health status 

The information collected will only be used to send you the information you have requested, for the purposes for which the information was sent and to provide information that may be useful to you. 

We may share non-personal aggregate statistics (group) data about our site visitors' traffic patterns with partners or other parties. However, we do not sell or share any information about individual users. 

IP Addresses and Cookies 

We may collect information about your computer, including where available your IP address, operating system and browser type, for administration and for internal business purposes. This is statistical data about our users’ browsing actions and patterns and does not identify any individual. 

For the same reason, we may obtain information about your general internet usage by using a Cookie file. Cookies are pieces of information that are stored on your computer's hard drive by your web browser. Cookies can make the web more useful by storing information about your preferences on particular sites, thus enabling website owners to provide more useful features for their users. Most browsers accept cookies automatically, but you can alter the settings of your browser to prevent automatic acceptance. If you choose not to receive cookies you may not be able to access or take full advantage of the website. We use cookies for two reasons: to help us track usage patterns in order to improve and manage the website; and to record preferences in order to personalise your visit. On revisiting this website our computer server will recognise the cookie, giving us information about your last visit. This does not recognise you as an individual, but only the computer that is being used to view the site. By using this website you consent to our use of Cookies.

 

Uses made of the Information 

 We use information held about you in the following ways: 

· To ensure that content from our site is presented in the most effective manner for you and for your computer. 

· To provide you with information, products or services that you request from us. 

· To carry out our obligations arising from any contracts entered into between you and us. 

· To allow you to participate in interactive features of our service, when you choose to do so. 

· To notify you about changes to our services or any relevant incidents that occur whilst using our services. 

 Your Rights 

 In addition to the company's own security safeguards, your personal data is protected in the UK by the Act, which GRACE-full Running fully complies with. This covers the storage and disclosure of any information you have provided, and the prevention of unauthorised access to such information. This provides amongst other things that the data we hold about you should be processed lawfully and fairly. It should be accurate, relevant and not excessive. The information should be kept up to date and not retained for longer than is necessary. It should be kept securely to prevent unauthorised access by other people. You have the right to see what is held about you and can correct any inaccuracies online or by contacting us. You may object to the processing of your data based on legitimate interests. You have a right to request we ‘block’ or suppress processing of your personal data. You may request to obtain and reuse your data. You have the right not to be subject to automated decision-making including profiling.

 Disclosure of your Information 

We may disclose your information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. 

We may disclose your information to third parties: 

 

Access to Information 

The Act gives individuals the right to access information held about them. Your right of access can be exercised under the Act. 

 Policy Changes 

 Any changes to our privacy policy will be posted on this page 

 

Security

 GRACE-full Running treats all the data held with the utmost care and security. Any details you give will remain completely confidential except to the extent that they are required to be disclosed by law, regulation or any governmental or competent regulatory authority. 

 Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. 

 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. 

 All payment are processed through Stripe or Thinkific Payments. All payment details are securely stored in an online payment provider that has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. Only employed and background checked staff will have access to customers’ payment details and two factor authentication is required for all transactions. All customers will be informed of charges being made and any errors in payments will be immediately rectified. 

 

 Social media

We use social media to help promote our offerings. We seek approval prior to using images and tag people in the photos where appropriate. We immediately remove any pictures that have mistakenly been posted.

 

 Data Retention

 We keep your personal information only as long as is necessary for the purpose for which it was collected and to meet regulatory or legislative requirements. Personal information will be securely disposed of when it is no longer required. Customer are free to unsubscribe from any emails or websites at any time.

 

Cyber Security

 All devices used for the purpose of business are protected as follows:

Laptop: Up-to-date McAffee anti-virus software plus inbuilt Microsoft anti-virus protection

Mobile phone: McAffee anti-virus software and Google password protection

 Feedback and Complaints 

 If you have questions or comments about this Privacy Policy, please contact us at [email protected]