Crescat Sententia Therapy And Counselling Services

Counselling, Cognitive Behavioural Therapy (CBT) & Mindfulness.

Privacy Policy

At Cresca Tsententia, we are devoted to safeguarding and respecting our customers’ privacy.

This policy has been updated to reflect the changes brought about by the General Data Protection Regulations (GDPR). We may amend this policy from time to time to reflect the following:

  • modifications to Data Protection Regulations and other applicable laws that may have an effect on this policy;
  • advice issued by the Information Commissioner’s Office and others;
  • concerns expressed by our customers

​This policy takes effect on May 25, 2018.

​Definitions

The following terms have the following definitions in this policy:

  • Act refers to the 1988 Data Protection Act.
  • Customer refers to customers or prospective customers who have signed into a contract with us in the past or future for the provision of Counseling, CBT, or similar Services.
  • The term “Data Protection Laws” refers to the Act, the GDPR, the Regulation of Investigatory Powers Act 2000, the Electronic Communications Data Security Directive (2002/58/EC), and the Privacy and Electronic Communications Act (EC Directive)
  • Regulations 2003 (SI 2426/2003) and all applicable laws and regulations governing the personal data and privacy, which include, where applicable, guidance and codes of practise issued by the ICO or other supervising authority, and any applicable equivalents in any relevant jurisdiction.

The terms “Data Controller,” “Data Processor,” “Data Subject,” and “Personal Data” have the meanings assigned under the Act and GDPR.

  • ICO refers to the Information Commissioner’s Office of the United Kingdom and any successor data protection authority.
  • We, Our, and Us refer to Cresca Tsententia.
  • You, Your, or Customer refers to your organisation and its employees, or to you as an individual.
  • The term “staff” refers to your and our employees, contractors, agents, and subcontractors.
  • The Business (Cresca Tsententia) – in its capacity as Data Controller

Where you are a Cresca Tsententia Customer, we shall be the Data Controller for certain Personal Data that you and your Staff may provide to us or that we collect from you (Data subject).

Cresca Tsententia, 44 Denchworth Road, Wantage, Oxfordshire, OX12 9ES shall be the Data Controller for the purposes of the Act and GDPR. If we ask you to give us with personally identifiable information through our Services or other communication methods, you can be confident that it will be treated in line with this privacy statement.

​As Data Controller, we define the purposes for which and how your Personal Data will be processed, if at all. This policy describes the sorts of processing that we may perform on your Personal Data.

​The Types of Data We Store

The Partnership will collect and process the following personally identifiable information about you that you supply us with:

Customer Personal Data (customers):

Name;

Address;

Email address: and other information essential for our Services to operate properly.

You may provide this information when you: Apply to utilise our Services; Communicate with us through phone, e-mail, or other means; Inform us of a problem with one of our services.

Personal Enquiry Data (individuals submitting an application to utilise our services):

This is information that you provide to us and may contain the following:

Name;

Address;

email address; and any other information you voluntarily provide or furnish.

This information may be provided by you when you: contact us regarding our goods and/or services through telephone, email, or another channel; or subscribe to any newsletter or periodical we may provide. This data may be used for the following purposes: replying to your query; promoting, offering, and selling our products and services to you; or sending you requested publications; and enabling and monitoring your usage of our services.

​How we will utilise data

Personal information will be used in the following ways by the Partnership:

Personal Data of the Customer:

​May be processed for the following purposes: internal record keeping in the performance and administration of our services, to run our business efficiently, to notify you about new features, products, special offers, or other information we believe you’ll find interesting, to notify you about changes to the company’s service, this privacy statement, maintaining backups of our databases, data analysis, research, statistical, and survey purposes in order to improve our service; to communicate with you about new features, products, special offers, or other information we believe you’ll find interesting;

​If you do not supply requested personal details

If you, the Customer, fail to supply requested information, the Company may be unable to fulfil the services and/or any contract with you. In this instance, the contract becomes null and invalid.

​Modification of purpose

Personal information will be used solely for the purposes for which it was gathered.

Please be aware that we may treat your personal information without your knowledge or permission to the extent that the law requires or permits.

​Your information will be disclosed

You acknowledge and agree that the Company has the right to share Customer Personal Data with the following entities:

Selected third parties, such as business partners, suppliers, and subcontractors for the performance of any contract we enter into with them or with you (including third-party IT providers, hosting, and back-up service providers); and third-party service providers who assist us with our activities, such as hosting providers and other IT or payment service providers, may also have access to personal information we hold and may use it on our behalf if the Complaint is upheld.

Other third parties: if we are required to disclose or share your personal data by law, or in order to enforce or implement the Terms of Service; or to protect the Company’s, our customers’, or others’ rights, property, or safety. This includes exchanging information with other organisations to combat fraud and reduce credit risk; and to assist us in enhancing our goods and services. We may monitor aggregated data acquired through our service and share it with third parties anonymously. This data will not contain any personally identifiable information.

We will not sell, rent, or disclose Customer Data or Usage Data in any other way with other parties without your agreement, unless required by law;

Where the Partnership will keep personally identifiable information

Personal information may be stored electronically, such as in our customer relationship management system. We take all reasonable precautions to ensure the security of any personal information we collect about you.

We limit access to personal information to those employees who require it to operate and improve the services.

All information supplied to or collected by the Company is: saved on the Company’s secure servers located inside the European Union (EU) or on facilities that comply with the EU-US and Swiss-US Privacy Shields.

Data Protection

Regrettably, information transfer over the internet is not totally secure. While the Company will make reasonable efforts to secure your personal data, it cannot guarantee the security of personal data submitted through the internet; any transmission to the Company is at your own risk. After receiving your information, the Company will employ stringent processes and security mechanisms to attempt to prevent unauthorised access.

​How long the Partnership intends to retain personal information

The Company will retain Customer Personal Data for the following periods: as long as necessary to provide the services we are providing to you; and for a period of six years following the conclusion of the services.

​We may retain Customer Personal Data if it is essential for us to comply with a legal obligation or to safeguard your vital interests or the vital interests of another natural person.

​The Partnership will preserve Enquiry Personal Data for the following periods: as long as necessary to process the enquiry you have raised; and six years from the date of your Enquiry.

Your data subject rights

​You have the following rights as a natural person. Please keep in mind that this is a brief outline of your legal rights. If you want a more detailed understanding of your rights, you should study the appropriate laws, advice, and regulations.

​Right of Access to Your Personally Identifiable Information

You may inquire as to whether we process your Personal Data and, if we do, you may obtain a copy from us. If you submit an electronic request to the Partnership, the Partnership will respond in a frequently used electronic format, unless you expressly request a different format.

​We shall provide the data free of charge, but we retain the right to charge a reasonable price (or to refuse to act) if you seek further copies of the information or if your access request is baseless or excessive.

We may withhold your Personal Data in some instances, such as where the rights and freedoms of others may be harmed or when we are authorised by law.

​Right to request that your Personal Data be rectified

If you believe we possess any erroneous or incomplete Personal Data about you, you have the right to request that we correct any inaccurate data or complete any missing data we hold.

Right to have your Personal Data erased (the “right to be forgotten”).

The Partnership shall retain Personal Data for no longer than required to fulfil the objectives for which it was obtained. However, in some instances, you may request that the Company delete any Personal Data it holds about you.

​Right to request that your Personal Data be restricted from being processed

You may, in some instances, request that the Company restrict its processing of your Personal Data.

Right to object to the processing of your Personal Data by Companies

You may object to the Company processing your Personal Data if the processing is necessary for the Company’s or a third party’s public interests or legitimate purposes; or if the processing is necessary for direct marketing. If you object, the Company will cease processing your Personal Data unless the Company has a compelling legitimate reason to do so; or the Company need the Personal Data to establish, exercise, or defend legal claims.

​Direct marketing processing will halt immediately.

You have the right to data portability with regards to your Personal Data.

In certain circumstances, you may be able to request that the Company: provide your Personal Data in a format suitable for storage on a private device for future personal use; transmit the Personal Data to another data controller; or transmit your Personal Data directly to another data controller where nominally feasible.

​Right to lodge a complaint with the Information Commissioner’s Office/supervising authority

If you feel our processing violates Data Protection Laws, you have the right to make a complaint with a data protection supervisory body. You may lodge a complaint in the EU member state in which you reside, work, or where the alleged infringement occurred.

​The right to be notified of any violation

In the improbable case of a Personal Data breach that poses a significant danger to your rights, the Company will notify you without undue delay.

However, if your Personal Data is encrypted or rendered unreadable in any other way, the Company is not obligated to notify you of a breach.

​Consent revocation

Where our processing of your Personal Data is based on your consent, you have the right to withdraw your consent at any time. This withdrawal will have no effect on the lawfulness of any processing that occurred prior to your withdrawal of permission.

​Modifications to our privacy statement

Any future modifications to this privacy statement will be published on this page and, where applicable, informed to you by e-mail. Keep checking back periodically to see if our privacy policy has been updated or modified.

​Contact

All inquiries, comments, and requests regarding this privacy statement should be sent to the contact page.