Privacy Policy
Privacy Policy
Your privacy is paramount to us at WellBe Link, a part of The Innovess Group CIC. We are dedicated to ensuring the confidentiality, security, and responsible handling of your personal information. This Privacy Policy outlines our commitment to safeguarding your data and explains how we collect, use, and protect your information. Please read this policy carefully to understand how we handle your data.
​
1. Information Controller
WellBe Link is registered as a data controller with the Information Commissioner’s Office (ICO) under registration number CSN9091101. We adhere to the UK’s data protection legislation, including the General Data Protection Regulation (GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
2. How We Collect and Use Your Information
We collect and process personal information to deliver and support our services. This information is used for purposes including, but not limited to:
​
-
Facilitating therapy sessions and training bookings.
-
Communicating appointment times and updates.
-
Providing service-related resources, updates, and training opportunities.
-
Sending helpful resources and guidance.
-
Sharing news, announcements, and events related to your service experience.
Our legal basis for processing personal data is to fulfil contractual obligations or to pursue legitimate interests, ensuring we provide the best service possible.
​
3. Information We Collect
When you engage with WellBe Link, whether for therapy or training, we may collect the following personal information:
-
Contact information: Name, email address, phone number, and address (if required for course materials).
-
Therapy information: Information disclosed during sessions and your personal details form, including name, date of birth, GP contact details, and other essential details.
-
Training information: Data required for training course administration, such as course attendance and progress.
This data is only used for the purposes stated and will never be sold or shared with third parties for sales, marketing, or research.
4. How We Protect Your Data
We use industry-standard security protocols to protect your data. Our security measures include:
-
Encryption of sensitive data.
-
Password-protected email accounts, phones, and laptops.
-
Restricted access to physical and digital records, accessible only by authorized personnel.
-
Antivirus software on devices used to process personal data.
​​
5. Systems We Use
To manage our services, we use secure, third-party systems, all of which are GDPR-compliant:
-
Zanda: A cloud-based client management and service delivery system.
-
Mental Health First Aid England Course Management System: Used to facilitate the delivery and administration of MHFA training courses.
-
Mailchimp: Used to send newsletters, updates, and resources.
-
Gmail: Used for communication purposes in a secure and password-protected environment.
​​
6. How We Share Your Data
In limited circumstances, we may share personal data to fulfil our services and comply with legal obligations. Examples include:
-
Associates and Contractors: We work with qualified associates who are required to have an up-to-date DBS check and adhere to GDPR guidelines.
-
Accountants and Auditors: In specific cases, financial data (such as invoices) may be shared for auditing purposes.
We do not sell your information or share it with third parties for marketing purposes.
​
7. Data Retention
-
Therapy clients: Therapy notes are retained for seven years after therapy ends. These notes are anonymized and securely stored. Your personal details form is destroyed once your therapy concludes.
-
Training clients: Training records may be retained for reporting and regulatory purposes, as required by accrediting bodies or industry standards.
​​
8. Your Rights
Under GDPR, you have the following rights regarding your data:
-
Access: Request a copy of the personal information we hold about you.
-
Correction: Request correction of any inaccurate or incomplete data.
-
Deletion: Request that we delete your personal data in certain circumstances.
-
Restriction: Request that we limit how we process your data.
-
Objection: Object to the processing of your data where we rely on legitimate interests.
To exercise your rights, email admin@wellbelink.co.uk. For further information on your rights, visit www.ico.org.uk/your-data-matters.
​
9. Communications and Marketing
We may send you updates and resources to support the services you have engaged with. This includes:
-
Information about your service.
-
Training updates and opportunities.
-
Helpful resources and guidance.
-
News, announcements, and events related to your service experience.
You can opt-out at any time by clicking the "unsubscribe" link in our emails or by contacting admin@wellbelink.co.uk.
​
10. Website Visitors
By accessing our website, you agree to the collection and use of information as outlined in this policy. Our website uses cookies to improve your browsing experience. We also use Google Analytics to track visitor behaviour, but no personal information is collected through analytics.
​
11. Complaints and Queries
If you have concerns about how we handle your data, contact us at admin@wellbelink.co.uk. You also have the right to file a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.
​
12. Changes to Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes. The most recent update will always be available on our website.
​
Last Updated: 20/12/2024