The OCA Privacy Notice & Cookies Policy

23rd October 2018

Here at The Osteopathic Centre for Animals (the OCA) we take your privacy seriously, and will only use your personal information to manage our relationship with you, to provide you with information and services you have requested from us.

This document covers:

The types of information we collect about you
How we collect and use it
Who we might share it with
The steps we`ll take to make sure it stays private and secure
Your rights regarding your information

More information

For more details about anything covered in this overview, please do contact us by phone or email.

Who we are

When we say "we", we mean the OCA, which is a registered company in England & Wales, company number 08937254, registered address Orchard House, Portway, Wantage, Oxfordshire, OX12 9BU, who is the "data controller" for the information in this overview.

The information we collect

We collect information about you from different places, including:

Directly from you.
From website cookies (see separate Cookie`s policy)

We will only collect your information in line with relevant regulations and laws, and this may relate to any of our services you ask us to provide, or any data we may have held in the past.

You are responsible for making sure you give us accurate and up-to-date information. If you provide information for another person, you`ll need to tell them how to find this Privacy Notice and make sure they agree to us using their information for the purposes set out within it.

Why we`ll keep your information

We will retain your details for three specific reasons:-

Where we legally have to keep your details: we have a legal obligation to keep invoice records for our business, to comply with HMRC tax and compliance requirements. This requires that we keep copies of invoices and receipts. We will only keep the details you see on any invoices we send you for these purposes, along with a record of transactions within our finance and accounting software.
For legitimate interests: this is where it will help us to identify you when you contact us again, or for us to contact you proactively, for example to let you know about a course follow-up or new course we`re offering. This data will include any phone numbers, email addresses and postal addresses you have provided us with.
For sending you email newsletters: where you have specifically signed-up to one or more of our newsletters, usually via MailChimp, for us to contact you proactively with news and information which you`ve requested.

How we`ll use your information

We`ll use it to provide any information and services you`ve requested, including to send you any email newsletters you`ve specifically requested, and to contact you on occasion about any specific new service which we feel you would directly benefit from.

We`ll only use your information where we`re allowed to by law e.g. carrying out an agreement we have with you, fulfilling a legal obligation, because we have a legitimate business interest or where you specifically agree to it.

Who we can share your information with

We will never share your information with other companies or individuals without your permission to do so. However we will share your information where we have a legal obligation to do so e.g. with the police and other legal authorities, or with HMRC where we have a legal compliance obligation to do so, and with any legal regulatory or insurance provider should the need arise.

When you sign up for a training course which is validated by The University College of Osteopathy (The UCO), with your agreement we will share your contact details with them to initiate your relationship with them. Any information which you then provide to them is covered by The UCO`s own Privacy Policies, which are available on their website (The UCO website).

How long we`ll keep your information

We`ll keep your information until you ask us to remove it, for the purposes of communicating with you. This enables us to provide you with better response and support, and/or post-training support, should this be required. You can of course request us to remove your data from our systems at any time, with the exclusion of data which we are required to keep for legal purposes (e.g. invoices, receipts etc. for HMRC regulatory purposes.) You will also need to request removal of your data from The UCO`s records by contacting them directly, as we do not have direct control of the data they store.

How we`ll store your information

The information we keep may be stored initially on paper when it is captured from you, but is then transfered onto industry-leading 3rd party cloud-based storage and systems, all of which comply with ISO27001 or similar security standards. Your information will never be shared with any company other than as part of storing our data for us in the most secure and safe manner, with the exception The UCO (see "Who we can share your information with" section). We will never share or sell your data to any other company, for any other purpose, including for marketing.

We may also keep local copies of your information on local devices (phone, laptop, computer etc.) All of these are secured with complex password and/or biometric authentication systems, as provided by Microsoft Windows, Apple OS, or Apple iOS.

The only rare exception to the above is where we`ve specifically gained your permission to do so, for a specific purpose, or have a legal obligation to share your details.

Transferring your information overseas

Your information will never be directly transferred overseas, however it may potentially be stored on third-party servers which are hosted in overseas territories, over which we do not have direct control. These third-party companies will always hold ISO27001, CyberEssentials or other leading industry security certifications for their systems and processes, to ensure appropriate security for your data.

Your rights

You have a number of rights relating to your information e.g. to see what we hold, to ask us to share it with another party, ask us to update incorrect or incomplete details, to object to or restrict processing of it, to make a complaint etc.

Should you wish us to remove any of your information, or have any other issues, simply contact us by phone, email or post and we will be happy to remove them (other than where we have a legal obligation to keep them) within 30 working days, and we`ll confirm with you directly once it`s been done, and provide details of any data we have a legal obligation to keep. If you have a concern about how we are handling your information, please do contact us in the first instance. You also have the right to raise your concerns with the Information Commissioners Office (ICO), by following their procedures, which can be found at www.ico.org.uk.

Changes to our Privacy Notice

We keep our privacy notice under regular review and we will place any updates on this web page. This privacy notice was last updated on 23rd October 2018.