Privacy Policy

Privacy Policy for Therapiece

You can access a printable version of this here  PDF version of T&C and GDPR

Effective 20 June 2020

DATA PRIVACY NOTICE
Therapiece takes data privacy seriously. This privacy policy explains who we are, how we collect and use Personal Information, and how you can exercise your privacy rights. We do not share data with anyone.
If you have any questions or concerns about our use of your Personal Information, then please contact us the.team@therapiece.org.
We will let you know by email if we change any of our policies.

1. Our GDPR policy statement
a. Your personal data – what is it?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone. In the UK the processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).
b. Who are we?
We are the Trustees of the charity, Friends of Therapiece, (the Charity) and control all the personal data in 1. above.
c. How do we process your personal data?
We comply with its obligation under GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
d. What do we use your personal data for?
To administer membership records. To help run the peer-to-peer nature of Therapiece. To inform you of news, events and volunteering activities relating to Therapiece.org including events and activities that raise funds for the Friends of Therapiece. All these communications are via email.
e. What is the legal basis for processing your personal data?
We need your explicit consent of the data subject so that we can keep you informed about news, events and activities. We adhere to the May-2018 GDPR legislation.
f. Will your personal data be shared?
No.
g. How long do we keep your personal data?
We only keep current data. All Members and Visitors who leave will have their data removed within 28 days. You must inform us of when you leave using unsubscribe.
h. Your rights and your personal data.
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:- i) to have copy of your personal data which we hold on you, ii) to correct your personal data which we hold on you, iii) request your personal data is erased at any time.
i. What information do we hold?
For each Member we keep an email address, address and phone number and details of meetings attended. For each Visitor we keep only an email address.
j. How do you communicate with us?
Communication will be via email. Please email the.team@therapiece.org with all requests relating to personal data.
2. The Basics
2.A. About Us
Therapiece is a peer-to-peer network of people operated by a UK charity called Friends of Therapiece. The Charity is run by the Trustees as defined in the constitution (“we,” “us,” “our,” and ” Therapiece”).
The Charity enables our Members to take part in meetings over the internet or in person for the purpose of exploring their wellbeing through creative activities.

2.B. Key Terms
In this privacy policy, these terms have the following meanings:
“Web App(s)” means any one or all of the Therapiece applications available for Members to use on their computing devices.
“Member” is a person who has joined Therapiece and is registered with us to use the Therapiece App(s) and join meetings. If they are a resident of the UK they are a member of the Charity.
“Personal Information” means any information that identifies or can be used to identify an individual directly or indirectly. Examples of Personal Information include, but are not limited to, first and last name, email address, or location address.
“Service” has the meaning given to it in our Terms and Conditions.
“Visitor” means, any person who visits any of our Therapiece websites, addresses, or otherwise engages with us and leaves contact details (email) with us.
“you” and “your” means, depending on the context, either a Member or a Visitor.

3. Privacy for Visitors
This section applies to Personal Information that we collect and process when you visit the Therapiece Site and leave your details. In this section, “you” and “your” refer to Visitors.
3.A. Information We Collect
(i) Information you provide to us
• Personal contact information (such as your name, email address);
• Any information you choose to provide to us when completing any ‘free text’ boxes in our forms.
(ii) Information we collect automatically through the Mailchimp facility:
• Device information: such as your IP address, your browser,
• Usage data: such as information about how you interact with our emails,
3.B Use of Personal Information
• We will only send you information about Therapiece
3.C. Cookies and Tracking Technologies
• We do not use cookies if you are a visitor to the Therapiece website.
3.D Third-Party use
• We will not use your Personal Information for any other purpose than for running Therapiece and we will not let any Third party have access to it.
3.E To unsubscribe and remove all your personal information
• Use the unsubscribe link in any Mailchimp email to you to remove your personal information

4. Privacy for Members
This section applies to the Personal Information we collect and process from a Member through using the TherapieceApp. If you are not a Member, the Visitors section of this policy may be more applicable to you and your data. In this section, “you” and “your” refer to Members and potential Members.
4.A. Information We Collect
The Personal Information that we collect is only your personal information and not to do with any other organisation you might be involved with.
(i) Information you provide to us: You will need to provide certain Personal Information to us when you sign up for a Therapiece account and use the Service.
• Personal contact information (your name, address, phone number, email address)
• Account log-in credentials (such as your email address or username and password when you sign up for an account with us);
• Troubleshooting and support data (which is data you provide or we otherwise collect in connection with support queries we receive from you. This may include contact or authentication data, the content of your chats and other communications with us, and the product or service you are using related to your help inquiry); and
• Donation information (including your bank card numbers and associated identifiers and billing address).
(ii) Information we collect automatically: When you use the TherapieceApp, we will automatically collect Service Usage Data which may include:
• Device information: We collect information about the device and applications you use to access the Service, such as your IP address, your operating system, your browser ID, and other information about your system and connection.
• Log data: Our servers keep log files that record data each time a device accesses those servers and the nature of each access, including originating IP addresses and your activity in the Service (such as the date/time stamps associated with your usage, pages and files viewed, searches and other actions you take (for example, which features you used)),
• Usage data: We collect usage data about you whenever you interact with our Service, which may include the dates and times you access the Service and when you attend a Therapiece Meeting.
4.B. Use of Personal Information
We may use the Personal Information we collect or receive through the Service Usage for the purposes and on the legal bases identified below:
• To send you system alert messages in relation to your Therapiece membership and meetings.
• To communicate with you about your account and provide support.
• To ensure compliance with our Terms & Conditions and Safeguarding to protect the rights and safety of our Members in reliance on our legitimate interest to protect against misuse or abuse of our Service and to pursue remedies available.
• To meet legal requirements.
• To provide, support and improve the Service to the Members
• To request donation and collect money for Therapiece funds.
4.C. Cookies and Tracking Technologies
We use cookies to enable the TherapieceApp to work correctly. These are the Microsoft part of the cookie equation.
.AspNetCore.Antiforgery.0JtIKE59_Do
PieceBookAuthCookie
PieceBookConsent
PieceBookSession
PieceBook_sSkin
1. Anti forgery is to do with Browser / server interaction, ensures browser session relates to server session and is not a third party attack on server.
2. Authentication cookie / helps with staying logged in between sessions of browser on same machine.
3. Consent cookie related to the accept button that appears on new browser or cleaned cache etc
4. Session cookie keeps browser session in sync with server session
5. This is the skin option related to colours of all Telerik visual objects.

This is the relevant part of the WordPress part
OptanonConsent
OptanonAlertBoxClosed

1. To do with the opt-in box on a new load on a new browser. The WordPress opt-in is primary to using the site. When you log into the booking calendar etc you have a secondary “audited” opt-in.
2. Same as 1.
3.D Third-Party use
• We will not use your Personal Information for any other purpose than for running Therapiece and we will not let any Third party have access to it.
3.E To unsubscribe, leave Therapiece and remove all your personal information
• Use the unsubscribe link in a Therapiece email to you to leave Therapiece and delete your personal information. There are a number of options to take a break and receive less information.
3.F. Your Data Protection Rights
You have the following data protection rights:
• To access; correct; update; remove your Personal Information.
• You can manage your individual account and profile settings within the dashboard of the TherapieceApp. You can remove all your personal information as stated in 3.E.
• The right to complain to a data protection authority about the collection and use of Personal Information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA and UK are available here and Switzerland are available here.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection law. We will ask you to verify your identity in order to help us respond efficiently to your request.

Version 2    Jun 2020