When you trust us with your personal data, we take our responsibility to protect it very seriously. We respect privacy, and your rights to control your personal data. With that in mind, we want to be clear about the data we collect and why.
The prime purpose of collecting your data is to provide you with services ("Services") offered by our website ("Site"), whether that's using our Site to find information, to contact a professional, to advertise your business, or for some other reason. No matter how you use our Site, our aim is to allow you to interact with it as effortlessly as possible.
We do not and will not sell your data to third parties.
Please read this Privacy Notice carefully to understand our views and practices regarding your personal data, and make sure you understand it. Your acceptance of our Privacy Notice is deemed to occur upon your first use of our Site, so if you do not accept and agree with it you must stop using our Site immediately.
Please be aware that our Site and Services may contain links to third party websites that are not covered by this Privacy Notice. Similarly, when you correspond with a Hypnotherapist displayed on our Site, our Privacy Notice will not cover your interactions with them. With that in mind, we ask you to review the privacy statements of other websites and applications, and/or to request this information from the hypnotherapist(s) you choose to contact, to make sure you understand their information practices.
Where we have described any example scenarios, these are provided for reference only and are not exhaustive. Where we refer to "hypnotherapists", this terminology is intended to encompass all of the professionals displayed on our Site regardless of the specific therapeutic approaches or modalities they may actually practise.
On this page
- 1. Who "we" are
- 2. The Site
- 3. The types of personal information we collect
- 4. Cookies
- 5. What do we do with information we collect about you and why
- 6. Where we store your data
- 7. Disclosing your information
- 8. Retaining your personal information
- 9. Your rights
- 10. Links to other sites
- 11. Changes
- 12. How to contact us about this privacy notice
- 13. Complaints
Under the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regards to the processing of personal data and on the free movement of such data - known as General Data Protection Regulation (GDPR) - we need to provide you with certain information about us as a 'data controller'.
We are Memiah Limited ("Memiah", "we", "us" or "our") and you will know us by our brand names:
Life Coach Directory
We're registered in the United Kingdom under company number 05489185, and our registered office and main trading address is situated at Building 3, Riverside Way, Camberley, Surrey GU15 3YL.
Our Data Compliance Manager is Steve White, and they can be contacted at email@example.com.
We are registered with the ICO under registration number Z2071820.
We take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of our users throughout their visiting experience.
When you use or contact our Site, you do so at your own discretion and provide any personal details requested at your own risk. Your personal information is kept private and stored securely until it is no longer required or has no use, as detailed below. Every effort has been made to ensure a safe and secure form to email submission process but we advise users using our forms that you do so at your own risk.
As the party responsible for data processing we ensure that the processed data:
- is processed in accordance with the applicable privacy regulations; and
- is sufficiently protected to not be exposed to persons who should have no access to it by taking technical, contractual and organisational safety measures.
We may collect and process the following data about you:
Information you give us. We collect information you voluntarily provide to us by filling in forms on our Site https://www.hypnotherapy-directory.org.uk (our "Site" or "directory"), by corresponding with us by phone, e-mail, live-chat services, or in other ways. This includes information you provide to us when you contact professionals listed on our Site, subscribe to our Services, or when you report a problem with our Site. The information you give us may include your name, address, e-mail address and phone number. If you are a hypnotherapist applying for membership to our directory, you may also provide us with information such as financial and credit card information, qualifications, insurance, professional body documents, personal description and photograph. Where we take any financial payments from you, these will be done securely and in accordance with industry standards.
Contacting professionals on our site
When you contact a hypnotherapist displayed on our site, you are in control of how much and what type of information you choose to provide to us. Although we only require initial contact information from you, we accept that you may choose to provide us with further information for the benefit of your hypnotherapist which may fall under the classification for sensitive personal information.
Under GDPR explicit consent is required if you ask us to process Special Categories of Personal Data (previously called ‘sensitive personal data') for you, such as information about your mental or physical health, your sexual life or orientation, or your religious or philosophical beliefs. By filling out and using the forms on our Site to contact a hypnotherapist, you agree to us processing your information and providing a copy of it to the hypnotherapist you have selected.
We will not be held responsible for the type or nature of information that you have voluntarily disclosed using the contact methods provided on our Site; however, to ensure that we comply with the requirements of GDPR, we will obtain your explicit consent before we use any such data by asking you to tick a box on the contact form before submitting it. This will mean that you explicitly affirm your agreement to us in collecting and using this information for your benefit.
Information we collect automatically. Whenever you visit our Site we may automatically collect the following information about you:
- technical information. We may, for example, collect information about the type of device you use to access our websites, the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Site;
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Site (including date and time); pages you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our membership services number.
Information we receive from other sources. We may receive information about you if you use any of the other websites we operate or the other services we provide - for example, if you subscribe to Happiful.com or use the Happiful mobile app, we may receive information about related Hypnotherapy Directory content that you've viewed. If you're a hypnotherapist applying to join Hypnotherapy Directory we may, for example, proactively obtain information about you from any professional body website(s) that you're registered with to help us approve your application more quickly.
Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:
a) you have given consent to the processing of your personal data for one or more specific purposes - for example, by signing up to receive our happiful magazine.
b) processing is necessary for the performance of a contract to which you are a party, or in order to take steps at the request of you prior to entering into a contract - for example, if you apply or start to apply to join our Site as a member.
c) processing is necessary for compliance with a legal obligation to which we are subject;
d) processing is necessary to protect the vital interests of you or of another natural person;
e) processing is in our legitimate interests or those of a third party such as our credit card payment processing, unless these interests are overridden by the fundamental rights and freedoms of the data subject (this will normally be you). For example, we rely on our legitimate interest basis to analyse and improve our Services and the content on our websites and apps, to send you information about our services, and offer you suggestions about similar products and services that might interest you. We can use your personal information in this way because it is in our legitimate interests to provide you with relevant information when appropriate, so that we may look at ways of establishing and extending our relationship with you.
If we receive personal information from another user in the course of providing our Services to you, we expect you to have complete responsibility for making sure that the contents of this Privacy Notice are brought to their attention and you have obtained their consent in the process.
In some instances, it may be appropriate for us to combine your information with other information that we may be holding about you - such as combining your name with your geographic location or your history with us.
If you fail to provide personal data
If you choose not to provide the personal information we request, you can still visit most areas of the Site but you may be unable to access certain options and services. You have the final decision on whether to proceed with any activity that requests personal information.
In some cases, the collection of personal data may be a statutory or contractual requirement, and we will be limited in the services we can provide you if you don't provide your personal data - for example, if you do not provide us with your personal data, you will not be able to apply for or maintain membership of Hypnotherapy Directory. We will let you know how this will affect you at the time.
We use your personal information in order to provide you with the products and services we offer. Here are some examples of some of the ways we may use your data:
Example 1 - Using our Site to contact a hypnotherapist
If you use our Site to contact a hypnotherapist, we only use the personal information you enter into the contact form to produce an email which is sent to the hypnotherapist you've selected. In this scenario, we will not store your data any longer than needed to complete this process, and we will not use it for any future purposes. You will be sent a single email receipt to confirm that your enquiry has been sent and giving you the option to subscribe to our magazine, but this will not be stored on our systems. Our servers record the IP addresses of visitors to our web pages for a short period to enable us to monitor the performance of our websites, but we will generally delete this data as we do not retain it any longer than necessary. We may also store IP addresses in certain database fields to record certain actions.
Example 2 - Signing up to our Site as a professional member
If you are a hypnotherapist applying to join the directory, an existing member of the directory, or if you sign up for Site updates, we will use your personal information to administer the service you've signed up for and to communicate with you - for example, informing you about your account, new services available, security and other types of updates. Likewise, if you correspond with us e.g. by filling out a feedback or form on our Contact Us page, or contacting us via email, telephone or using our Live Chat service, we may use this information to improve our service or to communicate with you as outlined above.
Example 3 - Signing up to Happiful magazine
If you wish to sign up to receive our Happiful magazine (either the free e-magazine or paid printed version), we will use your details to communicate with you when a new magazine is released, and to keep you informed about other news and services that may be of interest to you. We won't pass your details on to any third parties other than where necessary for the delivery of the magazine. We will give you the option to adjust your email preferences or to unsubscribe.
This is a summary of the ways that we may use your personal information. Depending on the way that you use our Site - for example, if you use our Site to email a hypnotherapist as described in Example 1 above - some of these may not apply:
- To present Site content as in the most effective manner for you and your device(s).
- To provide information, products and services that you request, or which we think may interest you.
- To carry out our contracts with you - for instance, if you apply to join our Site, or if you use our contact forms.
- To allow you to use our interactive services if you want to.
- To enable you to subscribe to our Services or publications.
- To tell you about changes to our Services.
- To tell you about other goods and services that might interest you.
- To administer our Site and for internal operations like trouble shooting, data analysis, testing, research, statistical and survey purposes.
- As part of our efforts to keep our Site safe and secure.
- For our legal records, e.g. we have to retain accounting records for at least 6 years.
- For dispute resolution.
- To give us feedback.
If you are already our customer, we will only contact you electronically about things similar to what was previously sold to you. If you are a new customer, you will only be contacted if you agree to it. If you want to be contacted for marketing purposes, please tick the relevant box that you will find on screen when we collect your data.
Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to our marketing communications or sending third party direct marketing communications to you via email or text message. If you don't want us to use your personal data for any of the other reasons set out in this section, you can let us know at any time by contacting us at firstname.lastname@example.org and we will delete your data from our systems. However, you acknowledge this will limit our ability to provide the best possible service to you, and some parts of our service may not be accessible to you as a result.
As already indicated above, with your permission and/or where permitted by law, we may also use your data for marketing purposes which may lead to us contacting you by email and/or telephone with information, news and offers on our Services. We agree that we will not do anything that we have not agreed to under this Privacy Notice, and we will not send you any unsolicited marketing or spam. We will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended in 2004, 2011 and 2015.
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. These staff may be engaged in, among other things, the processing of your payment details and the provision of support services like email communications.
By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Notice. Where such processing takes place, appropriate controls, such as the adoption of agreements containing appropriate standard clauses, are in place to ensure that your information is protected to the same standard as if it were in the UK. We will do what we reasonably can to keep your data secure, and up to date and in accordance with this Privacy Notice.
Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through our Site. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share passwords with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will always do our best to protect your personal data as outlined in this Privacy Notice, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk.
We have put procedures in place to deal with any suspected personal data breach, and will notify you and any applicable regulator of a breach where we are legally required to do so.
We are allowed to disclose your information in the following cases:
- If we want to sell our business, or our company, we can disclose it to the potential buyer.
- If we want to sell or buy any business, or assets, we can disclose your personal data to the potential buyer or seller of such business or assets.
- We can disclose it to other businesses in our group which means our subsidiaries, our ultimate holding company and any subsidiary as defined in Section 1159 of the UK Companies Act 2006.
- We can disclose it if we have a legal obligation to do so, or in order to protect other people's property, safety or rights.
- We can exchange information with others to protect against fraud or credit risks.
- In connection with legal proceedings (including prospective proceedings).
Third parties or publicly available sources
We contract with third parties to supply our Services to you on our behalf. We use a variety of third-party vendors, such as our partners and suppliers for payment processing, search engine facilities, email communications, technical, advertising and marketing. In some cases, these third parties may require access to some or all of your data.
We only share the appropriate level of personal data to enable the supplier to provide their services. Where your data is required to be shared we will take all reasonable steps to ensure it is handled safely and securely and in accordance with our and the suppliers' obligations under GDPR and the law.
For questions about third-party vendors, please send an email to email@example.com.
Contacting professionals on our site
When you fill out a form to contact a hypnotherapist displayed on our site, it is necessary for us to disclose the information you've given us to the hypnotherapist in order to provide the service you've requested. We do not use your data for any other purpose, and we will always do our best to protect your data as outlined in this Privacy Notice.
We will retain your personal information for as long as we deem it necessary to enable you to use the Site, to provide Services to you, to comply with applicable laws (including those regarding document retention), resolve disputes with any parties, and otherwise as necessary to allow us to conduct our business.
We are committed to maintaining confidentiality when you contact our professional members for help; for this reason, when you contact one of our members using the email form linked from their profile, we will delete the information you entered into the form from our system immediately after sending your enquiry and your enquiry receipt.
All personal information we retain will be subject to this Privacy Notice and our internal retention guidelines. We will also retain data in an anonymous form for statistical and analytical purposes, for example, to understand how our users interact with our service. If you have a question about a specific retention period for certain types of personal information we process about you, please send an email to firstname.lastname@example.org.
You can ask us not to use your data for marketing. If you are a member of our Site, you can do this by updating the relevant settings in your Members' Area, or by contacting us at any time at email@example.com. For all other enquiries of this nature, please contact us at firstname.lastname@example.org.
Under the GDPR, you have the right to control how your personal information is used in the following ways:
- You can ask for a copy of your personal data held by us, at no cost to you
- You can ask us to correct any personal information that we hold about you, or inform us about any changes to your personal information
- You can request that your personal data be transferred to another person (data portability)
- You can ask to be informed of what data processing is taking place
- In certain situations, you can ask that we restrict processing of, or object to processing of, your personal data
- In certain situations, you can ask that we delete personal information that we hold about you.
Where we are using your personal information on the basis of your consent, you are entitled to withdraw that consent at any time. Where we process your personal information based on legitimate interest or the public interest, you have the right to object at any time to that use of your personal information.
We rely on you to ensure that your personal information is complete, accurate and up to date. Please do inform us promptly of any changes to or inaccuracies in your personal information by contacting email@example.com. We will respond to your request as soon as possible, but certainly within 30 days.
We are committed to working with you to obtain a fair resolution of any complaint or concern you may have about our use of your personal information. If, however, you believe that we have not been able to assist with your complaint or concern, you may have the right to file a complaint with the UK supervisory authority - details of which are found in section 13 of this policy.
Please note that our terms and conditions and our policies will not apply to other websites that you get to via a link from our Site. We have no control over how your data is collected, stored or used by other websites, and we advise you to check the privacy policies of any such websites before providing any data to them.
Similarly, when you first contact or enter into correspondence with a professional displayed on our site, you will become subject to the privacy terms of that professional. You can request specific details from the hypnotherapist themselves.
This Privacy Notice was last updated on 21st May 2018 to add new provisions to the policy applicable regarding GDPR. If we change our Privacy Notice, we will post the changes on this page. If we decide to, and if we have a valid email address stored for you as outlined in the sections above, we may also email you to let you know about any changes.
Our Data Compliance Manager is in charge of answering questions about this privacy notice or your requests to exercise your rights which are set out below. The Data Compliance Manager may be contacted at Memiah Limited, Building 3, Riverside Way, Camberley, Surrey GU15 3YL, or via email at firstname.lastname@example.org. Our Data Compliance Manager may work in conjunction with our Customer Service/Membership Services team when corresponding with you.
You can contact us using these details for one or more of the following reasons:
- To ask us to fix information about you that is wrong or incomplete, or to delete personal information about you (the so-called "Right to be Forgotten").
- To tell us you no longer agree to, that you object to, or that you wish to restrict us using information about you and ask us to stop.
- To tell us to stop using your personal information to tell you about products or services that may be of interest to you (direct marketing).
- A right of access, namely to ask us to provide you with a copy of all of the personal information that we have about you. To receive this information please write to the Data Protection Team, Memiah Limited, Building 3, Riverside Way, Camberley, Surrey GU15 3YL.
- A "data portability" right, namely to obtain and reuse the information that you have provided to us for your own purposes across different services. You may ask for this information to be provided directly to you or directly to another organisation. We will provide the information in a machine readable format so that another organisation's software can understand that information.
Sometimes we will not be able to stop using your personal information when you ask us to (e.g. where we need to use it because the law requires us to do so or we need to retain the information for regulatory purposes).
In other cases, if we stop using your personal information, we will not be able to provide services to you, such as administering your membership.
We will tell you if we are unable to comply with your request, or how your request might impact you, when you contact us.
We are committed to working with you to obtain a fair resolution of any complaint or concern you may have about our use of your personal information. If you have any concerns about the way in which we are using your personal information, please contact our Data Compliance Manager in the first instance and we will endeavour to resolve your concern. Our Data Compliance Manager can be reached by emailing email@example.com, or by post at the following address:
Data Compliance Manager
Surrey GU15 3YL
Although we encourage you to contact us if you have any concerns, you do also have the right to complain about how we treat your personal information to
the Information Commissioner's Office ("ICO"). The ICO can be contacted at:
ICO website: https://ico.org.uk/global/contact-us/
ICO telephone: 0303 123 1113
ICO textphone: 01625 545860