The Real Birth Company (“we”) promises to respect any personal data you share with us and keep it safe. We aim to be clear when we collect your data and not to do anything you wouldn’t reasonably expect.
In May 2018, in accordance with the General Data Protection Regulations (GDPR), we will only send communications to those that have explicitly stated that they are happy for us to do so, via their preferred channel(s) (email, SMS, phone or post).
We collect information in the following ways:
You may give us your information in order to register to use our Real Birth Workshop Online, purchase our products or communicate with us. Sometimes when you purchase products from us, your information is collected by our sister organisation 27 Web Management, but we are responsible for your data at all times.
Depending on your settings or the privacy policies for social media and messaging services like Facebook, WhatsApp or Twitter, you might give us from those accounts or services.
Like most websites, we use “cookies” to help us make our site and the way you use it, better. Cookies mean that a website will remember you. They’re small text files that sites transfer to your computer, phone or tablet. They make interacting with a website faster and easier, for example by automatically filling your name and address in text fields.
In addition, the type of device you’re using to access our website or workshop and the settings on that device may provide us with information about your device, including what type of device it is, what specific device you have, what operating system you’re using, your device manufacturer or operating system provider will have more details about what information your device makes available to us.
When you register with the Real Birth Workshop, you are asked to provide the following information:
We collect the above information to analyse the trends and usage of the workshop and to review our product to better respond to the needs of our users.
We will use your data to:
We will always ensure the data we collect is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed and only collect personal data we actually need for our specified purposes. The company periodically reviews the data it holds and deletes anything we do not need.
Should the purpose of our data collection change we will inform all users by email of the proposed changes thereby giving them the opportunity to opt out and where appropriate reobtain their consent.
We collect and manage information from workshop users who are under 16, as they may be parents to be who wish to use our workshop. We aim to manage it in a way which is appropriate to the age of the child. Where possible and appropriate we will seek consent from a parent or guardian before collecting information about those under 16.
We do not sell or share personal details to third parties for the purposes of marketing
When you contact us to enquire about our products, about commissioning opportunities or provide feedback or make a complaint we will collect your contact details which will be kept on a secure internal CRM sales system. This enables us to record your enquiry and log our response to resolve your issue.
To minimize the risk of loss, accidental or intentional destruction or theft of personal data all data held by the Company is encrypted during transit using SHA Hashing and is hosted on an NHS approved server, so we are unable to identify individual users using The Real Birth Workshop. All personal data in storage on our server is protected by 2 factor authorisation.
We undertake regular reviews of who has access to the information we hold, this ensures that your information is only accessible by appropriately trained staff.
Data collected by the company will not be shared or processed for any other reason than outlined in this document. We will only ever share your data in other circumstances, if we have obtained your explicit and informed consent.
Should there be a personal data breach the company will assess whether the breach of security leads to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed. Data breaches vary in severity and as such not all personal breaches that fall within the above definition need to be reported. Where the impact of a breach represents a high risk to the rights and freedoms of individuals those individuals will be advised immediately, and the breach reported to the ICO within 72 hours from point of discovery. If the breach does not fall within the above definition and does not represent a high risk the breach will be formally documented and the justification for the decision recorded.
The company administrator can delete your data from our phpMyAdmin system upon email or written request. The data will be deleted from the system immediately and cannot be recovered by any users or Real Birth Company employees after this point. Data which has been deleted cannot be recovered at any time. Sufficient warning is given to the system administrator before they permanently delete anything
We will continue to hold personal data on our system for six months after the expected due date at which point the company administrator will permanently delete all records from the system
If our organisation closes, we are required by law to delete all personal and sensitive contact information for all our contacts.
We would really appreciate it if you could let us know if your email details change, by sending an email to firstname.lastname@example.org
Using the Real Birth Workshop may subject you to potential risks including, but not limited to the following.
Malicious human (interference)
Accidental human interference
Sensitive data exposure
Prolonged screen time
Voluntary/Involuntary loss of password
Unpatched or Poorly Configured Devices
Use the The Real Birth Online Workshop at your own risk.
The Real Birth Company is not liable for any injuries, losses or damages that occur through use and access of The Real Birth Online Workshop.
To communicate with our Data Protection Officer, registered midwife Zoe Wright, please send an email with data protection in the subject heading to the following address: email@example.com or write to: Zoe Wright, The Real Birth Company, The Old Magistrates Court, Gaol Street, Hereford, HR1 2HU
To communicate with our Clinical Safety Officer, registered midwife Zoe Wright, please send an email with clinical safety in the subject heading to the following address: firstname.lastname@example.org or write to: Zoe Wright, The Real Birth Company, The Old Magistrates Court, Gaol Street, Hereford, HR1 2HU
You have the right to ask us to stop processing your personal data, and we will immediately do so.
You have a right to ask for a copy of the information we hold about you.
You have the right to ask for your data to be deleted.
You have the right to rectify your personal data.
You have the right to object to use of your personal data.
You have the right to the portability of your personal data.
You have the right to withdraw consent.
We will respond to any data requests within 1 month.
If you have any questions or concerns, contact us on 01432 345534 or email us email@example.com. Please be aware if you want to access information, we will need to prove who you are, you will need to send proof of identity before we release any personal data. Please contact us to be guided on where to send this.
If you have any questions, comments or suggestions, please let us know by emailing us at firstname.lastname@example.org