Data Protection and Privacy Policy Notice

Last updated on December 5, 2024

1. General Provisions

This notice for TuA Ayurveda (the “Company,” “we,” “us,” or “our“), describes how and why we might collect, store, use, and/or share (“process“) your information when you use our services (“Services“), such as when you:

  • Visit our website at www.consultationsayurveda.com (the “Website”), or any website of ours that links to this privacy notice
  • Engage with us in other related ways ― including booking appointments, in person services, etc.

Reading this notice will help you understand your data and privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services.

  • This notice applies to all personal data processed by the Company.
  • The Responsible Person shall take responsibility for the Company’s ongoing compliance with this notice.
  • The Company reserves the right to modify this notice at any time, by publishing a new version on its website.

If you still have any questions or concerns, please contact Silvia Lombardi (hereinafter the “Responsible Person”) at contact@consultationsayurveda.com

The Company is committed to processing data in accordance with its responsibilities under the Data Protection Act (DPA) 2018, which implements the EU’s General Data Protection Regulation.

DPA requires that personal data shall be:

  • processed lawfully, fairly and in a transparent manner in relation to individuals;
  • collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
  • adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  • accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
  • kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; and
  • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
  • To ensure its processing of data is lawful, fair and transparent, the Organisation shall maintain a register of all systems or contexts in which personal data is processed by the Company (the “Register of Systems”).
  • The Register of Systems shall be reviewed at least annually.
  • All data processed by the Company must be done on one of the following lawful bases: consent, contract, legal obligation, vital interests, public task or legitimate interests (see ICO guidance for more information).
  • The Company shall note the appropriate lawful basis in the Register of Systems.
  • Where consent is relied upon as a lawful basis for processing data, evidence of opt-in consent shall be kept with the personal data.
  • Where communications are sent to individuals based on their consent, the option for the individual to revoke their consent will be available. 
  • The Company shall ensure that personal data are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
  • We collect personal information that you voluntarily provide to us when you contact us, use our Services, or participate in activities organized by us. This information may include personal information (when you contact us or participate in group events organized by us), and sensitive information (when you use our Services), such as:
    • Identification information: Name, date of birth, sex, phone number, email address
    • Personal information: lifestyle, family situation
    • Health information: current and past health situation
    • Medical information: medical history and medical situation
  • We do not collect information while you navigate our website.
  • We do not collect your payment information, which will be handled by a third party when you book our services online.
  • We do not share any information with third parties, unless you request so.
  • Beyond the respect of legal obligations, your data is collected only to ensure optimal client care.
  • To ensure that personal data is kept for no longer than necessary, the Company has an archiving policy for each area in which personal data is processed and review this process annually.
  • Your data will be kept for 5 years starting from the date of your last contact with the Company, after which your data will be destroyed.
  • The Company ensures that your data is stored securely using modern software and safe physical storage. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. 
  • Access to your data shall be limited to the Responsible Person, and appropriate security is in place to avoid unauthorised sharing of information.
  • When data is deleted, this is done safely such that the data is irrecoverable.

In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, the Company shall promptly assess the risk to people’s rights and freedoms and if appropriate report this breach to the relevant authorities.

You have the right to

  • Access your data: you can ask information regarding the processing of your data and a copy of your data.
  • Modify your data: if you think your data is inaccurate or incomplete, you can request their modification
  • Delete your data: you can ask that your data be deleted at any time
  • Transfer your data: you can request that your data be transferred to a third party

To benefit from these rights, you can address your requests to contact@consultationsayurveda.com

All information, commercial or of any kind whatsoever, which one of the parties may have collected on the other party in any form whatsoever, including through oral exchange, shall remain confidential. Each party undertakes not to disclose, use or communicate this information, and will take all reasonable measures to ensure that such confidentiality is preserved.

 

The parties undertake to return to each other, upon simple request or in case of termination of the contract, all documents communicated and not to keep copies or reproductions.

  • Client’s responsibility: In order to respect the confidentiality of exchanges within the framework of private consultations with the Practitioner, it is the responsibility of the Client to verify that the e-mail address or phone number that they provide is personal and that no one else can access it.
  • Practitioner’s responsibility: unless required by law, the Practitioner may not disclose or report information and/or statements of which they have become aware during a consultation. The Practitioner will take all reasonable precautions to preserve the anonymity of the Client. To this end, should the Practitioner run into a Client outside the scope of a consultation, they will not acknowledge the Client unless the Client acknowledges them first.

This notice is governed by French law and construed in the French language.

 

Any dispute arising from its application shall be submitted to the exclusive jurisdiction of the French courts. Specifically, any dispute arising from this notice will be submitted to the exclusive jurisdiction of the Foix (09000) Court.

 

In case of dispute, the parties commit to searching an amicable resolution. The Client is encouraged to contact the Company’s representative first. If the parties should not find a solution, the Client is informed that, as a consumer, they have a right to be assigned a mediator, in accordance with article L.612-1 and following articles of the French Code of Consumption, with a view to the amicable resolution of the dispute.