Privacy & GDPR
We have assessed our systems and policy in accordance with the new GDPR regulations coming into force on May 25th 2018.
Further details of this policy are listed below.
Forum: The email address and IP address of all posts are recorded only to aid in enforcing the terms & conditions of the forum which has been agreed on registration. You agree that “Bristol Gardens Health Spa Forum” have the right to remove, edit, move or close any topic at any time should we see fit. As a user you agree to any information you have entered, being securely stored in the phpBB database which we as administrators have accessed to. While this information will not be disclosed to any third party without your consent, neither “Bristol Gardens Health Spa” nor phpBB shall be held responsible for any hacking attempt that may lead to the data being compromised. Passwords are not saved and no PII information is collected by us. We do not collect or store any posts for any reason. The forum platform phpBB is GDPR compliant under EU law. If you signed up to the forum before the GDPR rules were introduced you may wish to look again at the phpBB site for their own updates. If you wish to have your account deleted please email us with your username and linked email address and we will delete your posts and membership.
Email addresses: If you contact us via our website, forum or direct email. We keep the email on our servers until they time out or we are asked to delete them. We do not use any of the information stored for marketing purposes and the emails are not disclosed to a third party. They are purely used to correspond with you in relation to the contact you make with us.
Links to other website: Our website contains links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
At reception: When entering BGHS you will be asked to give a first name and initial of surname. This information is taken to identify you whilst in the building. For example: to confirm your locker key number and to confirm and identify who you are for security and to communicate with or contact you whilst in BGHS. This information is not available to third parties and is not kept by us for any longer than is necessary to comply with legal requirements regarding financial transactions.
Paying by card: Card Receipts and statements will display the name BGHS instead of Bristol Gardens Health Spa. BGHS complies with PCI DSS regulations. Your card details will not be passed on to 3rd parties unless legally required to do so. We do not hold PII linking anyone to any card receipt. All receipts are stored securely and destroyed in accordance to with regulations in the recommended time frame.
Making Bookings: In order to book massage appointments prior to arrival in the building, you will need to leave a contact telephone number. This number will only be used to contact you, either to confirm your appointment or make you aware of any changes to the appointment that is necessary. This number is not kept on file unless an appointment is missed and we have not been informed within an hour of its start time. We may then use the number to build a securely stored record of customers that have failed to arrive, in order to prevent advance bookings in the future. No information will be given to third parties unless legally required to do so.
Medical information: We may need to keep a record of any medical information that you have informed us about, that could affect your visit to BGHS. This will be kept in confidence and only be used for the purpose of providing safer conditions for your visit. We are required to fill in an accident report for every incident that has resulted in medical attention needing to be received no matter how small. This report and any information given to us is kept securely and in confidence and only disclosed if requested to do so by our insurance company or any parties working on their behalf or if legally required to do so.
Breaking The Rules: We reserve the right to retain any information necessary that we have collected from you to identify you in the future should you break any of our rules, particularly if this results in a ban or needing to call the police. This will include details of your description and any visually identifying marks that we can note. If we have PII information such as phone number or address we will store this securely under GDPR rules. This information will stay on record permanently within our company unless we are legally required to share it or delete it.
Recording equipment: We do not allow or use any visual or audio recording equipment in the building.