Introduction
Welcome to Watoto Play Limited’s (“Our Company”) privacy policy. We know that you do care on how information about you is used and shared.
Our Company is wholly committed to protecting and respecting the privacy of all our therapists, clients, customers, partners and the end users of our services and website.
Our Company’s privacy policy will inform you how we collect, use, maintain and disclose information collected from users of our website – mycctoolkit.com (“Our Website”).
Important information about our policies
This privacy policy aims to give you information on how Our Company collects and processes your personal data through your use of Our Website, including any data you may provide (about yourself of a third party) through Our Website when you sign up as a wp-signup.phped user.
This privacy policy together with:
and any other documents referred to in the Terms of Service and/or the Terms of Use Policy sets out the basis on which any personal data Our Company collects from you, or that you provide to Our Company, whether through Our Website or when you use our Services will be processed by us.
It is necessary that you read our privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data. This is so that you are fully aware of how and why we are using your data. Our privacy policy supplements other notices and privacy policies and is not intended to override them.
Children’s Privacy
This site is not intended for minors and we do not knowingly collect or solicit personal information from anyone under the age of 13. Therapist members of Our Website may submit information of children, subject to the conditions described below.
Changes to the privacy policy, and your duty to inform us of changes
We keep our privacy policy under regular review. We reserve the right to make changes to our privacy policy from time to time to acknowledge:
Accordingly, we suggest that you regularly check this page to ensure that you continue to be comfortable with the measures that we are taking to protect your privacy.
This policy was last updated on 20th January 2022.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Our Company as controller
Except as described below in this privacy policy, Our Company will be the controller and responsible for your personal data. Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
As controller, Our Company determines the purposes for which and the manner in your personal data is, or is to be, processed.
In this policy we describe the types of processing we may undertake with respect to your personal data.
The kind of information we may hold
As controller, we do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
We may also hold personal data submitted by our customers of their clients (“Client Data”). We will hold this Client Data as processor, and the relevant customer will be
the controller. The terms applicable to Client Data are described below in the section, The Customer as Data Controller, the Company as Data Processor.
How is your personal data collected?
We use different methods to collect data from and about you including through:
How we will use personal data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by email.
Promotional offers from us
We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
You will receive marketing communications from us if you have requested information from us or purchased services from us and you have not opted out of receiving that marketing.
Third-party marketing
As a general rule we do not share your personal data with any third party for marketing purposes. However if we do in the future we will get your express opt-in consent before we share your personal data with any third party for marketing purposes.
Opting out: You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you.
Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of service purchase or other transaction.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Disclosures of your personal data
We may share your personal data with the parties set out below for the purposes set out in the table above.
· service providers acting as processors based provide IT, hosting and system administration services;
· professional advisers including lawyers, bankers, auditors and insurers based in who provide consultancy, banking, legal, insurance and accounting service;
· HM Revenue & Customs, regulators and other authorities who require reporting of processing activities in certain circumstances;
· Payment service providers, including Stripe (https://stripe.com/);
· Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy;
· Other third parties:
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use
your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Where the Company will store personal data
We may hold personal information in electronic databases, such as our customer relationship management system. We take all reasonable steps to keep any personal information we hold about you (and any Client Data you submit) secure. All information which is provided to, or collected by, Our Company is:
Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. Your data is encrypted on our servers during transit and at rest.
Passwords and Security
Where we have given you (or where you have chosen) a password which enables you to access your account, you are responsible for keeping this password confidential. Our Company asks you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although the Company will do its best to protect your personal data, the Company cannot guarantee the security of your data transmitted via Our Website; any transmission is at your own risk.
Once Our Company has received your information, Our Company will use strict procedures and security features to try to prevent unauthorised access.
Security Best Practices
To assist with the security of your personal data you should:
How long Our Company will use personal data?
Our Company will retain your personal data for:
We may retain Customer Data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Your rights as a data subject
Under certain circumstances, if you are an individual in respect of whom Our Company processes Personal Data, you have the following rights. Please note that this is a summary of your rights. If you wish to understand your rights in detail you should read the relevant laws of your country, guidance and regulations for a fuller explanation.
You have the right to:
No fee usually required: You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What we may need from you: We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond: We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Withdrawal of consent
In any cases where the legal basis for our processing of your Personal Data is consent, you have the right to withdraw that consent at any time. Such withdrawal will not affect the lawfulness of any processing before you withdraw consent.
If you fail to provide personal information
If you, the Customer, fail to provide certain information when requested, Our Company may not be able to perform the Services and any contract we have entered into with you or we may be prevented from complying with our legal obligations. In which case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
Third Party Links
The Website may, from time to time, contain links to and from the websites, plug-ins and applications of our partner networks, advertisers and affiliates. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. Please note that we do not control these third-party websites, which may have their own privacy policies, and that we are not responsible for their privacy statements.
When you leave Our Website, we encourage you to read the policy statement of every website you visit.
You are the controller of Client Data
Where you input Client Data to Our Website, which may be collected, stored and processed as a result of your use of the services, you will be the controller of the Client Data. Our Company will be a processor only. In cases where you are collecting, storing and processing Patient or client Data you will determine the purposes for which and the manner in which that Client Data is, or is to be processed.
You will also be responsible for:
Your Client Data is to be distinguished from Customer Data which Our Company has collected from you (our Customer). For example, you may have agreed to our collection, use, transfer and storage of Customer Data (including data of your staff) for Our Company’s own business purposes including administration of contractual arrangements, sales and marketing.
Conditions for Processing
You will ensure that you have all necessary appropriate consents and notices in place to enable lawful transfer of the Client Data to Our Company and/or lawful collection of the Client Data by Our Company on your behalf for the duration and purposes of the services we provide to you.
Our Company shall, in relation to any Client Data processed in connection with the performance by Our Company of the services we provide to you:
Applicable Laws with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
You acknowledge that Our Company uses various third-party suppliers to provide functionality within Our Website for your optional use to deliver and send text and email messages. You accept that such use will be in accordance with the third-party suppliers’ terms and conditions and their respective privacy policies.
You will ensure that you have obtained consent from any individual, or other authority, to share that individual’s Client’s Data via these communications.
Our Company confirms that it will notify you if it proposes to enter into any agreements with any third-party processor. In such cases, a written agreement with the third party processor will be entered into incorporating terms which are substantially similar to those set out in this privacy policy for processing by that third party.
You hereby consent to the following third party processors processing Client Data as part of our service.
At any time on not less than 28 days’ notice, Our Company may revise this part of the privacy policy by replacing it with any applicable controller to processor standard clauses or similar terms forming part of an applicable certification scheme (which shall apply when this policy is updated).
Our Company is not liable in respect of any Client Data which is controlled by you in breach of the Applicable Laws or outside the scope of the permissions granted to you by your client.
Client Data
Client Data, which may be personal data you enter and save into Our Website about your clients when using Our Website and our services. It may also be personal data your client enters and save’s directly into a Client Account. The personal data entered may include, but is not limited to:
and other information necessary for the operation of our services and/or Our Website.
This Client Data may be supplied by you when you:
This Client Data may be processed by us for the purposes of:
Our Processing of Client Data
The legal basis for this processing is:
We will assist you in any audit of our processing of Client Data, on your reasonable written notice and at reasonable times.
Duration of Processing
Where we are the processor, Our Company will only process Client Data in accordance with the conditions for processing set out in this policy.
We shall only process Client Data while our contract with you is continuing and shall cease such processing:
Following completion of the services we may retain the Client Data for a maximum period of 45 days from the date the Services end, unless you instruct us otherwise.
Contact
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to [email protected].
If you have any questions or have a complaint about this privacy policy please let us know us immediately.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance at: [email protected]
My CC Toolkit © Owned by Watoto Play Ltd. U.K Reg. No: 13150637
There was a problem reporting this post.
Please confirm you want to block this member.
You will no longer be able to:
Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.