Privacy Policy

Our Privacy Policy – effective from 13th May 2018

N.ableD’s mission is to empower vulnerable people with debilitating health conditions or injuries to take back the control of their health and well-being by making long-lasting changes to their current lifestyle and daily routine.

With this website we aim to show you the work we are doing and why, and also protect your privacy and security online.

Our Privacy Policy outlines how we obtain information from you and what we do with it. It also explains the choices you can make to control your privacy during your visit to this website.


1. Information we collect
2. How we use your information
3. Who may receive your information
4. Your privacy choices
5. Data retention & security
6. Cross-border transfers
7. Third-Party Services
8. Policy updates & contacting us
 

In the chart below, we’ve detailed the information we may collect about you, depending on your activities on our website, and how we obtain this information.  
What we collect How we collect it
Your name. We require you to provide a chosen name when you use our Contact Form.
Your email address. We require you to provide an email address when you use our Contact Form.
Your IP address. Your “IP Address” is a designator that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP). An IP Address may be identified and logged automatically in our server log files whenever you use our website and services, along with the time of your visit and the specific page(s) that you visited.
Your telephone number. If you use our ‘Request a Call Back’ form, you will need to provide us with your telephone number. Providing this information is not required if using our ‘Contact Us’ form.
Your city. We use the IP service to suggest your city from your IP address, in order to show you local petitions that may be of interest. You can change this information if it is displayed incorrectly. We do not share your information. Providing a city is required to use the service.
Your country. As mentioned above, we use the IP service to suggest your city from your IP address, in order to show you local petitions that may be of interest. This enables us to determine your country. We do not share your information.
Any other information you voluntarily submit. You have the choice to provide other information to us. For example, if you request to have a telephone consultation with us we will ask you questions over the phone about your current health conditions, whether you are taking prescribed medications to manage these health conditions, what products and services have helped or not helped you to manage these health conditions, general information about your daily routine, as well as your expectations about receiving our service to help us explore together whether our service is the right fit for you. Providing this information is required to use the service as it will help to determine whether our service will add any value to your current regime before we decide to meet you in person for an initial home consultation.
Your unique mobile device ID number if you access our services via a mobile application. When you download and use any mobile applications we develop, we’ll collect your unique device ID and all your account and activity information will be tied to that unique device ID. In addition, we may track and collect app usage data, such as the date and time the app on your device accesses our servers and what information and files have been downloaded to the app.
The name of the browser you use to access nabled.org.uk Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows PC or Mac), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version. Collecting this information helps us build and deliver the best possible version of our website nabled.org.uk to you.
Information collected through cookies as disclosed in our linked Cookies Policy We, and/or our service providers may use cookies, pixel tags (also known as web beacons and clear GIFs), and other similar technologies to understand user activities. Like other websites, nabled.org.uk will not function properly if cookies are not enabled. We use third-party analytics services like Google Analytics provided by Google Inc. (“Google”).  These analytics services may use cookies and similar technologies to analyze how people use our services and provide statistical reports about aggregate user behaviour. Such services may also collect information about website visitors’ use of other websites. Please review our Cookies Policy for detailed information on the cookies we use, and how you can manage these.

Some of the information above reveals your specific identity, or is directly tied to your specific identity, such as your name and email address. Some of this information does not reveal your specific identity, or does not directly relate to you, such as your browser and device information or information collected through cookies. If we ever combine non-personally identifiable information with personally identifiable information, the combined information will be treated by us as personally identifying information and protected accordingly. Our services are not directed to people under the age of eighteen (18), and we do not knowingly collect personal information from them.

  1. How we use your information
Here are the ways we might use your information to provide our services. Our legitimate business interests are explained below, alongside examples of how your information may be used for these purposes.  
Purpose Examples
To fulfil your specific request through the website, such as signing up to our newsletter. o  To allow you to receive our newsletter by email, which you can unsubscribe from at any time by clicking on your preferences at the bottom of the newsletter.
Accomplishing our business purposes. We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, because we have a legitimate interest, and/or with your consent. o  For data analysis, for example, to improve the efficiency of our services. o  For audits, to verify that our internal processes function as intended and are compliant with legal, regulatory, or contractual requirements. o  For fraud and security monitoring purposes, for example, to detect and prevent cyber-attacks or attempts to commit identity theft. o  For developing new products, features and services. o  For enhancing, improving or modifying our website. o  For identifying usage trends, for example, understanding which parts of our website are of most interest to users. o  For determining the effectiveness of our newsletters. o  For operating and expanding our business activities, for example, understanding which parts of our website are of most interest to our users so we can focus our energies on meeting our users’ interests. o  For legal compliance. In rare circumstances, we may have to use and disclose information we have about our users in order to exercise or protect legal rights or defend against legal claims under applicable law. o  We use cookies detailed in our Cookies Policy to measure and improve our services and develop features and functionalities on our website.
Analysis of personal information for business reporting and providing personalized services. We provide personalized services either with your consent or because we have a legitimate interest. o  We may anonymize, de-identify and/or aggregate information and use such information to better understand and serve our users or for optimization of our marketing and targeting efforts. For example, we may compile statistics to analyse the performance of particular emails.
 
  1. Who may receive your information

Here we outline who will receive your personal information and when this may happens.

  • Our business entities and service providers
  • Our suppliers, subcontractors and business partners (“service providers”):

    We may share information about you with those working within our organisation, such as with directors, subcontractors and employees, on a need to know basis only.  For example, your personal information will only be shared with those specified if they are directly supporting you, e.g. as your Exercise Therapist, Physiotherapist, Nutritional Therapist, Massage Therapist or Yoga Therapist.

    We may share information about you with our service providers who process information to provide services on our behalf. We have contracts with our service providers that prohibit them from sharing the information about you that they collect or receive with anyone else or from using such information for other purposes.

  • Your GP/Health Professional If you request to have an initial face to face consultation with us and you subsequently express your decision to purchase our services, we require a form to be completed by you which is called a ‘Physical Activity Readiness Questionnaire’ (PARQ). This form is 1 page of A4 and requires your Full Name, Date of Birth, Current Age, Full Address, GP Practice Name and Address, your Telephone Number, your Email address and YES/NO answers provided by you to answer specific health questions. This form requires your signature, the date the form is completed and your full name to be entered underneath your signature.  This information provided by you is then passed to your GP practice via FAX for their completion.
  • A transfer of your personal data to your GP or Health Professional requires your explicit permission in writing.

    This above process is required as we cannot provide our service without your GP or health professional consenting that the person requesting our service is medically safe to complete an exercise programme in the home as opposed to in a clinical setting, such as a hospital.

  • Legal &administrative obligations
  • We may use and disclose your personal information as necessary or appropriate, especially when we have a legal obligation or legitimate interest to do so:
    • Fraud prevention: We may use and disclose the information we collect from and about our users as we believe necessary to investigate, prevent, or respond to suspected illegal or fraudulent activity or to protect the safety, privacy, rights, or property of us, our users, or others.
    • Safeguarding your welfare: You agree to your personal information being shared internally within our organisation, such as with directors, officers, members and/or employees, on a need to know basis only. We agree not to disclose any personal information that you may have disclosed to us to any other individual, corporation, or other entity without your prior written consent.  There are circumstances however, when we may need to share your personal information with your local Adult Social Care service if it relates to the safeguarding and promotion of your welfare.  Some examples of situations where it would be necessary for us to share your personal information, after having consulted with you first, include: a disclosure or evidence of physical, sexual, financial or serious emotional abuse or neglect; if suicide is threatened or attempted; a disclosure or evidence of serious self-harm, including drug or alcohol misuse that may be life-threatening; evidence of serious mental illness (e.g. psychosis)
    • Law enforcement purposes: If requested or required by government authorities such as law enforcement authorities, courts, regulators, or otherwise to comply with the law (which may include laws outside your country of residence), we may have to disclose information we have about our customers. We also may use and disclose information collected about you in order to exercise or protect legal rights or defend against legal claims.
    1. Your privacy choices

    If you want, you can ask us for the information we have about you and even ask us to delete it all.

  • Accessing or deleting your information
  • If you would like to request to review, correct, update, suppress, or delete personal information that has been previously provided to us by you, you can contact us using our contact form and ask us to specify what personal information we have about you and to delete certain personal information about you from our records, or request to receive an electronic copy of your personal information for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law).

    Please let us know what information you would like us to remove from our databases or otherwise let us know what limitations you would like to put on our use of your personal information.  For your protection, we may only implement requests with respect to the personal information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will respond to your requests consistent with applicable law, and we will try to comply with your request as soon as reasonably practicable.

    Please note that we may need to retain certain information about you to complete any transactions that you began prior to your request. There may also be residual information that will remain within our databases and other records, but such residual information will no longer be tied to your identity.

  • Third-party analytics companies & Cookies
  • We have provided details on the cookies we use and instructions for how you can opt out of these in our Cookies Policy.

    1. Data retention & security

    We take a lot of measures to protect your personal information. We seek to use reasonable organizational, technical, and administrative measures to protect your personal information within our organization from loss, misuse, unauthorized access or disclosure, alteration and/or destruction. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify our Data Protection Officer using the contact details listed at the end of this Privacy Policy.

    We will retain your Personal Information for as long as needed or permitted in light of the purposes for which it was obtained. The criteria used to determine our retention periods include the length of time we have an ongoing relationship with you and provide our services to you, our legal obligations or whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

    1. Cross-border transfers

    Your information may be transferred to countries both inside and outside the European Economic Area (EEA).  This is because our service providers who process information to provide services to us or on our behalf operate in other countries across the world, including the United States.  We have contracts with our service providers that prohibit them from sharing the information about you that they collect or receive with anyone else or from using such information for other purposes.  In certain circumstances, courts, law enforcement agencies, regulatory agencies, or security authorities in those other countries may be entitled to access your personal information.

    Some of the non-European Economic Area countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards, and the full list of these countries is available by clicking the link below:

    https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en

    1. Third-Party Services

    This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any site or service to which our services link.  Our inclusion of a link on our services does not imply our endorsement of the linked site or service.

    1. Policy updates & contacting us

    This policy may change over time. We have included our contact information below but the best way to get in touch with us is via our ‘Contact Us form’ available via our website.

    The “Effective Date” at the top of this Privacy Policy indicates when it was last revised. Any changes will become effective when we post the revised Privacy Policy on our website.

    We welcome questions, concerns, and feedback about this policy. If you have any suggestions for us, feel free to let us know by contacting us.

    You can also write to the following address: 4 Stirling House, Sunderland Quay, Culpeper Close, Rochester, Kent, ME2 4HN

    In addition, you may contact our Data Protection Officer at nadine@nabled.org.uk

    Please do not include credit card or other sensitive information in your emails or letters to us as email or postal communications are not always secure.

    You may lodge a complaint with a supervisory authority competent for your country or region. Please click here http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm for contact information for such authorities.