When you trust us with your personal data, we take our responsibility to protect it very seriously
We respect privacy, and your rights to control your personal data. With that in mind, we want to be clear about the data we collect and why.
The prime purpose of collecting your data is to provide you with services (“Services”) offered by our website (“Site”), whether that’s using our Site to read articles, find information, to contact a professional, to advertise your business, or for some other reason. No matter how you use our Site, our aim is to allow you to interact with it as effortlessly as possible.
We do not and will not sell your data to third parties.
Please read this Privacy Notice carefully to understand our views and practices regarding your personal data, and make sure you understand it. Your acceptance of our Privacy Notice is deemed to occur upon your first use of our Site, so if you do not accept and agree with it you must stop using our Site immediately.
Please be aware that our Site and Services may contain links to third party websites that are not covered by this Privacy Notice.
With that in mind, we ask you to review the privacy statements of other websites and applications, and/or to request this information, to make sure you understand their information practices.
1. Who "we" are
Under the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regards to the processing of personal data and on the free movement of such data - known as General Data Protection Regulation (GDPR) - we need to provide you with certain information about us as a 'data controller'.
We are Memiah Limited (“Memiah”, "we", "us" or "our") and you will know us by our brand names:
- Counselling Directory
- Hypnotherapy Directory
- Life Coach Directory
- Nutritionist Resource
- Therapy Directory
- Beauty Resource
- Accountant Directory
We’re registered in the United Kingdom under company number 05489185, and our registered office and main trading address is situated at Building 3, Riverside Way, Camberley, Surrey GU15 3YL. We are registered with the ICO under registration number Z2071820.
Our Data Compliance Manager can be contacted at firstname.lastname@example.org.
2. The Site
We take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of our users throughout their visiting experience.
When you use or contact our Site, you do so at your own discretion and provide any personal details requested at your own risk. Your personal information is kept private and stored securely until it is no longer required or has no use, as detailed below. Every effort has been made to ensure a safe and secure form to email submission process but we advise users using our forms that you do so at your own risk.
As the party responsible for data processing we ensure that the processed data:
- is processed in accordance with the applicable privacy regulations; and
- is sufficiently protected to not be exposed to persons who should have no access to it by taking technical, contractual and organisational safety measures.
3. The types of personal information we collect
We may collect and process the following data about you:
Information you give us
We collect information you voluntarily provide to us by filling in forms on our Site happiful.com (our "Site"), by corresponding with us by phone, e-mail, live-chat services, or in other ways. The information you give us may include your name, address, email address and phone number. Where we take any financial payments from you, these will be done securely and in accordance with industry standards.
Information we collect automatically
Whenever you visit our Site we may automatically collect the following information about you:
- Technical information. We may, for example, collect information about the type of device you use to access our websites, the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Site;
- Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Site (including date and time); pages you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer services number.
Information we receive from other sources
We may receive information about you if you use any of the other websites we operate or the other services we provide - for example, if you subscribe to Happiful.com or use the Happiful mobile app, we may receive information about related Counselling Directory content that you’ve viewed.
Under GDPR, we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:
a) you have given consent to the processing of your personal data for one or more specific purposes - for example, by signing up to receive our Happiful magazine.
b) processing is necessary for the performance of a contract to which you are a party, or in order to take steps at the request of you prior to entering into a contract - for example, if you purchase a subscription to our magazine.
c) processing is necessary for compliance with a legal obligation to which we are subject;
d) processing is necessary to protect the vital interests of you or of another natural person; or
e) processing is in our legitimate interests or those of a third party such as our credit card payment processing, unless these interests are overridden by the fundamental rights and freedoms of the data subject (this will normally be you). For example, we rely on our legitimate interest basis to analyse and improve our Services and the content on our websites and apps, to send you information about our services, and offer you suggestions about similar products and services that might interest you. We can use your personal information in this way because it is in our legitimate interests to provide you with relevant information when appropriate, so that we may look at ways of establishing and extending our relationship with you.
If we receive personal information from another user in the course of providing our Services to you, we expect you to have complete responsibility for making sure that the contents of this Privacy Notice are brought to their attention and you have obtained their consent in the process.
In some instances, it may be appropriate for us to combine your information with other information that we may be holding about you - such as combining your name with your geographic location or your history with us.
If you fail to provide personal data:
If you choose not to provide the personal information we request, you can still visit most areas of the Site but you may be unable to access certain options and services. You have the final decision on whether to proceed with any activity that requests personal information.
In some cases, the collection of personal data may be a statutory or contractual requirement, and we will be limited in the services we can provide you if you don’t provide your personal data - for example, if you do not provide us with your personal data, you will not be able to apply for a digital subscription to our magazine. We will let you know how this will affect you at the time.
5. What do we do with information we collect about you and why
We use your personal information in order to provide you with the products and services we offer. Here are some examples of some of the ways we may use your data:
Example - Signing up to Happiful magazine
If you wish to sign up to receive our Happiful magazine (either the free e-magazine or paid printed version), we will use your details to communicate with you when a new magazine is released, and to keep you informed about other news and services that may be of interest to you. We won't pass your details on to any third parties other than where necessary for the delivery of the magazine. We will give you the option to adjust your email preferences or to unsubscribe.
We may also store information about you, such as your IP address or website activity, in certain database fields to record certain actions - for example, if you subscribe to our e-magazine, purchase a print copy, register for our services, or interact with our site in other ways, we use Google Analytics and Facebook Pixel to record that you’ve successfully completed a specific action. We use this information to monitor and administer our site (such as evaluating the effectiveness of our advertising methods).
This is a summary of the ways that we may use your personal information. Depending on the way that you use our Site - some of these may not apply:
- To present Site content as in the most effective manner for you and your device(s).
- To provide information, products and services that you request, or which we think may interest you.
- To allow you to use our interactive services if you want to.
- To enable you to subscribe to our Services or publications.
- To tell you about changes to our Services.
- To tell you about other goods and services that might interest you.
- To administer our Site and for internal operations like trouble shooting, data analysis, testing, research, statistical and survey purposes.
- As part of our efforts to keep our Site safe and secure.
- For our legal records, e.g. we have to retain accounting records for at least six years.
- For dispute resolution.
- To give us feedback.
If you are already our customer, we will only contact you electronically about things similar to what was previously sold to you. If you are a new customer, you will only be contacted if you agree to it. If you want to be contacted for marketing purposes, please tick the relevant box that you will find on screen when we collect your data.
Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to our marketing communications or sending third party direct marketing communications to you via email or text message.
If you don’t want us to use your personal data for any of the other reasons set out in this section, you can let us know at any time by contacting us at email@example.com and we will delete your data from our systems. However, you acknowledge this will limit our ability to provide the best possible service to you, and some parts of our service may not be accessible to you as a result.
As already indicated above, with your permission and/or where permitted by law, we may also use your data for marketing purposes which may lead to us contacting you by email and/or telephone with information, news and offers on our Services. We agree that we will not do anything that we have not agreed to under this Privacy Notice, and we will not send you any unsolicited marketing or spam. We will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended in 2004, 2011 and 2015.
6. Where we store your data
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. These staff may be engaged in, among other things, the processing of your payment details and the provision of support services like email communications.
By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Notice. Where such processing takes place, appropriate controls, such as the adoption of agreements containing appropriate standard clauses, are in place to ensure that your information is protected to the same standard as if it were in the UK. We will do what we reasonably can to keep your data secure, and up to date and in accordance with this Privacy Notice.
Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through our Site. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share passwords with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will always do our best to protect your personal data as outlined in this Privacy Notice, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk.
We have put procedures in place to deal with any suspected personal data breach, and will notify you and any applicable regulator of a breach where we are legally required to do so.
7. Disclosing your information
We are allowed to disclose your information in the following cases:
- If we want to sell our business, or our company, we can disclose it to the potential buyer.
- If we want to sell or buy any business, or assets, we can disclose your personal data to the potential buyer or seller of such business or assets.
- We can disclose it to other businesses in our group which means our subsidiaries, our ultimate holding company and any subsidiary as defined in Section 1159 of the UK Companies Act 2006.
- We can disclose it if we have a legal obligation to do so, or in order to protect other people's property, safety or rights.
- We can exchange information with others to protect against fraud or credit risks.
- In connection with legal proceedings (including prospective proceedings).
Third parties or publicly available sources:
We contract with third parties to supply our Services to you on our behalf. We use a variety of third-party vendors, such as our partners and suppliers for payment processing, search engine facilities, email communications, technical, advertising and marketing. In some cases, these third parties may require access to some or all of your data.
We only share the appropriate level of personal data to enable the supplier to provide their services. Where your data is required to be shared we will take all reasonable steps to ensure it is handled safely and securely and in accordance with our and the suppliers’ obligations under GDPR and the law.
For questions about third-party vendors, please send an email to firstname.lastname@example.org.
8. Retaining your personal information
We will retain your personal information for as long as we deem it necessary to enable you to use the Site, to provide Services to you, to comply with applicable laws (including those regarding document retention), resolve disputes with any parties, and otherwise as necessary to allow us to conduct our business.
All personal information we retain will be subject to this Privacy Notice and our internal retention guidelines. We will also retain data in an anonymous form for statistical and analytical purposes, for example, to understand how our users interact with our service. If you have a question about a specific retention period for certain types of personal information we process about you, please send an email to email@example.com.
9. Your rights
You can ask us not to use your data for marketing. If you are a member of our Site, you can do this by updating the relevant settings in your Members’ Area, or by contacting us at any time at firstname.lastname@example.org.
For all other enquiries of this nature, please contact us at email@example.com.
Under the GDPR, you have the right to control how your personal information is used in the following ways:
- You can ask for a copy of your personal data held by us, at no cost to you
- You can ask us to correct any personal information that we hold about you, or inform us about any changes to your personal information
- You can request that your personal data be transferred to another person (data portability)
- You can ask to be informed of what data processing is taking place
- In certain situations, you can ask that we restrict processing of, or object to processing of, your personal data
- In certain situations, you can ask that we delete personal information that we hold about you.
Where we are using your personal information on the basis of your consent, you are entitled to withdraw that consent at any time. Where we process your personal information based on legitimate interest or the public interest, you have the right to object at any time to that use of your personal information.
We rely on you to ensure that your personal information is complete, accurate and up to date. Please do inform us promptly of any changes to or inaccuracies in your personal information by contacting firstname.lastname@example.org We will respond to your request as soon as possible, but certainly within 30 days.
We are committed to working with you to obtain a fair resolution of any complaint or concern you may have about our use of your personal information. If, however, you believe that we have not been able to assist with your complaint or concern, you may have the right to file a complaint with the UK supervisory authority - details of which are found in section 13 of this policy.
10. Links to other sites
Please note that our terms and conditions and our policies will not apply to other websites that you get to via a link from our Site. We have no control over how your data is collected, stored or used by other websites, and we advise you to check the privacy policies of any such websites before providing any data to them.
12. How to contact us about this privacy notice
Our Data Compliance Manager is in charge of answering questions about this privacy notice or your requests to exercise your rights which are set out below. The Data Compliance Manager may be contacted at Memiah Limited, Building 3, Riverside Way, Camberley, Surrey GU15 3YL, or via email at email@example.com.
Our Data Compliance Manager may work in conjunction with our Customer Service/Membership Services team when corresponding with you.
You can contact us using these details for one or more of the following reasons:
- To ask us to fix information about you that is wrong or incomplete, or to delete personal information about you (the so-called "Right to be Forgotten").
- To tell us you no longer agree to, that you object to, or that you wish to restrict us using information about you and ask us to stop.
- To tell us to stop using your personal information to tell you about products or services that may be of interest to you (direct marketing).
- A right of access, namely to ask us to provide you with a copy of all of the personal information that we have about you. To receive this information please write to the Data Protection Team, Memiah Limited, Building 3, Riverside Way, Camberley, Surrey GU15 3YL.
- A "data portability" right, namely to obtain and reuse the information that you have provided to us for your own purposes across different services. You may ask for this information to be provided directly to you or directly to another organisation. We will provide the information in a machine readable format so that another organisation's software can understand that information.
Sometimes we will not be able to stop using your personal information when you ask us to (e.g. where we need to use it because the law requires us to do so or we need to retain the information for regulatory purposes).
In other cases, if we stop using your personal information, we will not be able to provide services to you, such as administering your sunscription.
We will tell you if we are unable to comply with your request, or how your request might impact you, when you contact us.
We are committed to working with you to obtain a fair resolution of any complaint or concern you may have about our use of your personal information.
If you have any concerns about the way in which we are using your personal information, please contact our Data Compliance Manager in the first instance and we will endeavour to resolve your concern. Our Data Compliance Manager can be reached by emailing firstname.lastname@example.org, or by post at the following address:
Data Compliance Manager
Surrey GU15 3YL
Although we encourage you to contact us if you have any concerns, you do also have the right to complain about how we treat your personal information to the Information Commissioner's Office ("ICO"). The ICO can be contacted at:
ICO telephone: 0303 123 1113
ICO textphone: 01625 545860