Skip to content Skip to footer
Mobile massage near you | Blissful Serenity

Privacy Policy

Close
1. Introduction 

Respecting and maintaining the privacy of our clients using our website and our premises is of primary importance to us. We will only collect data about you to maintain our obligations and your rights under the Law.

This Privacy Policy explains how we, Blissful Serenity (website url address: https://mobilemassagenearyou.com) protect the privacy of personal information

We are a UK based business operating as a sole trader, providing massage therapies to help you to relax and unwind. Please read this Privacy Policy, providing consent to the document in order to have permission to use our services.

We have tried to make this Privacy Policy as easy to read as possible. After all, it is your information and you deserve to know what we do to protect it, and all the rights you have. If there is anything you are not sure of though, please contact us at massage@mobilemassagenearyou.com, and we will be happy to answer any questions you may have.

Richard Hodgson t/a Blissful Serenity is the data controller and is responsible for your personal data in this privacy notice.

Our full details are:

Full name of legal entity: Richard Hodgson t/a Blissful Serenity

Telephone number: +44 7786 965631

This privacy policy may change as the law changes, or we change web host or the systems required to operate our business and website. You will be notified if any significant changes have to be implemented that might affect the data we collect and the manner in which we will use it. 

Last updated: 6 September, 2024

2. Definitions 

We use a number of different terms in this policy. To make sure it’s clear what we are talking about, here are some definitions:

  • Personal Data means data about a living individual that allows them to be identified from that data. It may be provided directly by a user or indirectly by a user about their client (for example, a therapist entering data about their patient). 
  • Usage Data is data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
  • Cookies are small pieces of data stored on a User’s device.
  • Data Processor means the person or entity that processes data on behalf of a data controller. According to GDPR and for the purposes of this policy, Simply Book Me, our booking system provider, is considered to be a data processor.
  • Data Controller means a person or entity who determines the purposes for which, and the manner in which, any personal data is, or are to be processed. We will store personal data about our clients in our Simply Book Me. 
  • Sub Processors (or Service Providers) means a person or entity who processes the data on behalf of the Data Controller. We may use various Service Providers in order to process data more effectively.
  • User (also referred to as our Customer) is the individual using our Service either directly or indirectly. The User is also referred to as the Data Subject and is any individual who can be identified via the Personal Data.
3. Data Collected
Data Storage Location

Our website is hosted at hostinger.co.uk, a company operating their services across 10 data centres, located around the globe. All personal data is processed by them in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”). For more information on their privacy policy, please contact them at gdpr@hostinger.com

Registration Data

If you register on our website booking page to create your own account with us, to book massage therapy sessions, we store your email address and any additional personal information added to your user profile. You can see, or request to have your personal information deleted at any time. Our website administrators can also see and edit this information.

Personal data

This can include sensitive information such as health records, and may include, but is not limited to: name, email address, telephone numbers,
address, credit card details (if retained for future purchases, at your request), personal preferences, condition and treatment details.

We collect data about you through a variety of different methods including:

Direct interactions: Client data is collected when completing forms on our site; or when communicating with us by Whatsapp, phone calls and email.

This will include activities such as:

  • Booking a services or purchasing product.
  • Creating an account on our website.
  • Subscribing to our newsletter or signing up to marketing promotions.
Testimonials/reviews

On some occasions anonymised personal data will be retained when a client has provided a testimonial for use on the organisation’s website. When data is non-identifiable GDPR law is no longer applicable.

Technical Data

We collect this data by using cookies, server logs and similar technologies.

Technical Data may include your login data, internet protocol address, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform on all the devices you use to access this site. We process this data to analyse your use of our website and other online services, to administer and protect our business and website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our advertising.

Marketing data

Marketing Data may include your preferences in receiving marketing communications from us and our third parties and your communication preferences. We process this data to enable you to take part in our promotions such as free resources and competitions, to deliver relevant website and social media content to you and to measure and understand the effectiveness of our advertising. This information helps us to measure and understand how customers are using our products/services, to develop them and to grow our business through effective marketing.

Comments

When you leave comments on the website we collect the data shown in the comments form, and also the IP address and browser user agent string to help to detect spam.

Contact Forms

Information submitted through our  contact forms on our website and booking portal are sent to our company email, hosted by Hostinger.co.uk.

These submissions are used for both customer service and marketing purposes. The client will have to confirm they accept this, before submitting their message.

4. How do we use your Personal Data

We use your personal information in the following cases:

  • Verification/identification of the user during website usage;

  • To manage and follow up on your bookings

  • Providing healthcare by maintaining client history records;
  • Sending updates to our users with important information to inform them about news/changes;
  • Checking the accounts’ activity in order to prevent fraudulent transactions and ensure the security over our customers’ personal information;
  • Customize the website to make your experience more personal and engaging;
  • To guarantee overall performance and administrative functions run smoothly.
5. Google Analytics

We use Google Analytics on our site for anonymous reporting of site usage so, no personalised data is stored. Google Analytics privacy policy.

If you would like to opt-out of Google Analytics monitoring your behaviour on our website please use this link: Google Analytics Opt-out.

6. Embedded Content

Pages on this site may include embedded content, like YouTube videos, for example. Embedded content from other websites behaves in the exact same way as if you visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content.

Youtube

We use YouTube videos embedded on our site. YouTube has its own cookie and privacy policies over which we have no control. There is no installation of cookies from YouTube and your IP is not sent to a YouTube server until you consent to it.

7. Cookies

This site uses cookies – small text files that are placed on your device to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. Cookies generally exist to make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the help section of your browser.

Necessary Cookies (all site visitors)
  • cfduid: Is used for our CDN CloudFlare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. See more information on privacy here: CloudFlare Privacy Policy.
  • PHPSESSID: To identify your unique session on the website.
Necessary Cookies (Additional for Logged in Customers)
  • wordpress_test_cookie Used by WordPress to ensure cookies are working correctly.

There will be a pop up message stating that this website makes use of cookies. You can either accept this or refuse, in which case, some parts of this website may become inaccessible or not function properly.

8. Who Has Access To Your Data

If you are not a registered client for our site, there is no personal information we can retain or view regarding yourself.

If you are a client with a registered account, your personal information can be accessed by:

  • Our system administrators.
  • Our supporters at Simply Book Me, when they (in order to provide support) need to get information about our client account and access.
9. Third Party Access to Your Data

We don’t share your data with third-parties in a way as to reveal any of your personal information like email, name, etc. The only exceptions to that rule are for partners we have to share limited data with in order to provide the services you expect from us. Please see below:

Stripe

For the purpose of validating and getting your purchase information required to process payment for our massage therapy sessions, using their API to register your validated support data. 

Stripe is a payment gateway which enables us to take payment from all leading credit and debit cards. It adheres to the standards set by PCI-DSS, as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our website and its service providers.

MailerLite

MailerLite provides the email marketing platform we use to handle marketing communications. The data they receive is limited to the data you explicitly provide and consent to being sent, using an opt-in facility.

MailerLite typically records the email address, IP address and timestamp associated with every subscriber or contact who completes and submits the form.

Their data storage centre is located in the European Union and has an information storage security certificate (ISO 27001).

MailerLite has incorporated all the necessary controls and procedures for personal data processing security required by GDPR into their systems.

10. How Long Do We Retain Your Data

When you register on our booking portal, the metadata is retained until you decide to tell us to remove it. We use this data so that we can process and approve your bookings and to send automatic reminders.

If you register on our website, we also store the personal information you provide in your user profile. You can see, edit, or request we delete your personal information at any time by issuing a “subject access request” (SAR), a written request sent to our email address shown at the top of this page.

We will respond to this request within 14 days. Website administrators can also see and edit that information.

Under the General Data Protection and Retention (2018) legislation, regarding how your personal data is processed, all individuals have;

  • the right to be informed;
  • the right of access;
  • the right to rectification;
  • the right to erasure;
  • the right to restrict processing;
  • the right to data portability;
  • the right to object.

We typically hold data for the following time periods:

Contact form entries for six months, analytics records for 2 years;  and customer bookings and health information records for six years.

In the meantime you can ask us, or third parties, to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you; or by emailing us at massage@mobilemassagenearyou.com  at any time.

11. Security Measures

We use the SSL/HTTPS protocol throughout our site. This encrypts our user communications with the servers so that personally identifiable information is not captured/hijacked by third parties without authorisation.

All computers, software applications, website back end and emails are password protected with anti-virus protection plus firewalls utilised to protect your data.

In case of a data breach, system administrators will immediately take all necessary steps to ensure system integrity, contact affected users and will attempt to reset passwords, if required.

12. Third Party Websites

Links may be posted to third party websites on this website. These third party websites are not screened for privacy or security compliance so you release us from any liability for the conduct of these third party websites.

All social media sharing links, either displayed as text links or social media icons do not connect you to any of the associated third parties unless you explicitly click on them.

Please be aware that this Privacy Policy, and any other policies in place, in addition to any amendments, does not create rights enforceable by third parties or require disclosure of any personal information relating to members of the Service or Site. Blissful Serenity bears no responsibility for the information collected or used by any advertiser or third party website. Please review the privacy policy and terms of service for each site you visit through third party links.

13. Data Breach

All personal and sensitive data held by Blissful Serenity is held securely. Electronic data is stored on a password protected computer and password protected mobile phone with thumbnail recognition. This supports the ability to retrieve data in the event of faults. Hardcopy data is scanned and filed electronically before being shredded.

In the case of a data breach we shall comply with the regulations set out under Article 33 of the GDPR – Reporting a Data Breach

14. Release of Your Data for Legal Purposes

At times it may become necessary or desirable to Blissful Serenity, for legal purposes, to release your information in response to a request from a government agency or a private litigant. You agree that we may disclose your information to a third party where we believe, in good faith, that it is desirable to do so for the purposes of a civil action, criminal investigation, or other legal matter.

In the event that we receive a subpoena affecting your privacy, we may elect to notify you to give you an opportunity to file a motion to quash the subpoena, or we may attempt to quash it ourselves, but we are not obligated to do either. We may also proactively report you, and release your information to, third parties where we believe that it is prudent to do so for legal reasons, such as our belief that you have engaged in fraudulent activities. You release us from any damages that may arise from or relate to the release of your information to a request from law enforcement agencies or private litigants.

Any passing on of personal data for legal purposes will only be done in compliance with laws of the country you reside in.

15. Resources

Further information: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/

ICO reg no.

Schedule your annual appointment NEW ➠ SUNDAY OFFICE HOURS Are “smart” glasses right for your child?

10% off your first massage with us