logo

Welcome to Wellspring

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
Working Hours
Monday - Friday 09:00AM - 17:00PM
Saturday - Sunday CLOSED
From Our Gallery
Top

Privacy Policy

  1. General Policy
    1.1 EnvironMentalHealth CIC recognises the legal requirements of the General Data
    Protection Regulation (GDPR) and is committed to safeguarding personal data.
    In particular:
    1.2 Personal data will be processed fairly and lawfully and, in particular, will
    not be processed unless –
    a) at least one of the conditions set out in Section 2 below is met, and
    b) in the case of special category data, at least one of the conditions in Section 3 below is also met.
    1.3 Personal data will be obtained only for one or more specified and lawful purposes, and shall not
    be further processed in any manner
    incompatible with that purpose or those purposes.
    1.4 Personal data will be adequate, relevant and not excessive in relation to the purpose(s) for
    which they are processed.
    1.5 Personal data shall be accurate and, where necessary, kept up to date.
    1.6 Personal data processed for any purpose(s) will not be kept for longer than is necessary.
    1.7 Personal data will be processed in accordance with the rights of data subjects under the
    GDPR.
    1.8 Appropriate technical and organisational measures will be taken against unauthorised or
    unlawful processing of personal data and
    against accidental loss or destruction of, or damage to, personal data.
    1.9 Personal data will not be transferred to a country or territory outside the European Economic
    Area unless that country or territory ensures an adequate level of protection for the rights and
    freedoms of data subjects in relation to the processing of personal data.
  2. Conditions For Processing Personal Data
    2.1 Unless a relevant exemption applies, at least one of the following conditions must be met
    whenever we process personal data:
    a) The individual has consented to the processing of
    their personal data.
    b) The processing is necessary in relation to a contract
    which the individual has entered into; or because the
    individual has asked for something to be done so they
    can enter into a contract.
    c) The processing is necessary because of a legal obligation that applies to you (except an
    obligation imposed by a contract).

DATA PROTECTION POLICY

d) The processing is necessary to protect the individual’s “vital interests”. This condition only
applies in cases of life or death, such as where an individual’s medical history is disclosed to a
hospital’s A&E department treating them after a serious road accident.
e) The processing is necessary for administering justice, or for exercising statutory, governmental,
or other public functions.
f) The processing is in accordance with the “legitimate interests” condition.

  1. Conditions For Processing Special Category Data
    3.1 At least one of the additional conditions listed below must also be met whenever we
    process special category data:
    a) The individual has consented explicitly to the processing of their
    special category data.
    b) The processing is necessary to comply with employment law.
    c) The processing is necessary to protect the vital interests of:
    • the individual (in a case where the individual’s consent cannot be given or
    reasonably obtained), or
    • another person (in a case where the individual’s consent has been unreasonably
    withheld).
    d) The processing is carried out by a not-for-profit organisation and does not involve
    disclosing personal data to a third party, unless the individual consents. Extra limitations
    apply to this condition.
    e) The individual has deliberately made the information public.
    f) The processing is necessary in relation to legal proceedings; for obtaining legal advice; or
    otherwise for establishing, exercising
    or defending legal rights.
    g) The processing is necessary for administering justice, or for exercising statutory or
    governmental functions.
    h) The processing is necessary for medical purposes, and is undertaken by a health
    professional or by someone who is subject to
    an equivalent duty of confidentiality.
    i) The processing is necessary for monitoring equality of opportunity, and is carried out with
    appropriate safeguards for the rights of individuals.
    3.2 In addition to the above conditions – which are all set out in the GDPR itself – regulations set
    out several other conditions for
    processing special category data. Their effect is to permit the processing of special category data
    for a range of other purposes – typically those that are in the substantial public interest, and which
    must necessarily be carried out without the explicit consent of the individual.
    3.3 Examples of such purposes include preventing or detecting crime and protecting the public
    against malpractice or maladministration.

Skip to content