Lewis and Palmer Limited, trading as Clementine (“Clementine”, “we”, “us”, “our”), is a provider of a hypnotherapy and wellbeing app called Clementine (the “App”). For more information about Clementine, please visit our website: https://clementineapp.co.uk/ (the “Website”).
We have developed the App which is available for download from https://apple.co/2GYHdyP for Apple devices. The App allows you to set up an account and browse, access and listen to a variety of hypnotherapy sessions whenever you want. The App includes a number of features, about which more information can be found in the App Terms and Conditions.
What personal data do we collect and process, and how do we use it?
|What personal data do we process?||Why do we process this personal data?||What is our lawful basis for processing?|
|Identity Data: this includes your title, first name and surname.||
|Contact Data: this includes your email address and any other contact details you may choose to provide to us.||
|Survey Data: this includes any additional information you may choose to give us as part of a survey we conduct.||
|Location Data: this includes your precise and approximate geo-location which is collected by Apple from the device you use to access the App.||
|Usage Data: we may process data regarding your use of the App, including App download and deletion, average time spent in the App, any problems reported, what is accessed on the App, your IP address, device type, and number and frequency of logins.||
Who do we share your personal data with?
By using the App, we may need to disclose your personal data to selected third parties in the following limited circumstances:
- We share your personal data with third party service providers such as Mailchimp (for mailing and marketing services), Firebase (for tracking events, for use of Firebase Crash Reporting, Google Analytics and Dynamic Links), Survey Monkey (to conduct surveys on our behalf) React Native (the software we use to develop the App) and Apple. We share your personal data with these companies in order to help with the proper functioning of the App, to analyse and understand your usage of the App and the services, so we can make improvements, and to contact you via email.
- We may share your personal data with our insurance providers or other professional advisers if this is necessary for, for example, obtaining or maintaining insurance coverage, managing risks, obtaining professional advice or exercising or defending legal rights and claims.
- If you purchase any additional services through the App, if we process the payment we may pass your payment details to:
- credit reference agencies to verify your identity and detect and prevent fraud, money laundering or any other criminal activity; and
- payment providers to securely process your payments and deal with any refunds or payment-related queries.
Transfers of your personal data
We will not transfer your personal data outside of the EU (or the UK to the extent the UK is no longer part of the EU), except to selected third parties that we have instructed to help us provide the App to you, and such third parties may process and store your personal data in any one of their geographically distributed data centres as part of its cloud platform.
In the case of transfers of your personal data outside of the EU (or the UK to the extent the UK is no longer part of the EU), where the transfers are not to countries that provide an adequate level of protection (for example, we may rely on a Privacy Shield certification where the transfer contains a US entity, such as MailChimp), we will use reasonable efforts to put in place appropriate safeguards to cover transfers of your personal data which may include, for example, signing standard contractual clauses/data protection clauses adopted by the European Commission. Please click here for a link to the standard contractual/data protection clauses and click here for more information about the Privacy Shield for US companies.
If there are any other circumstances which would require us to transfer your personal data outside of the EU (or the UK to the extent the UK is no longer part of the EU), we will seek your consent to transfer your personal data outside of the EU. In the event of such a transfer, where applicable, we will put appropriate safeguards in place to cover transfers of your personal data including, for example, signing standard contractual clauses/data protection clauses adopted by the European Commission, or where applicable, relying on a Privacy Shield certification where the transfer contains a US entity.
Cookies are small text files containing a string of characters that can be placed on your computer or mobile device that uniquely identifies your browser or device. Some of our third party service providers (see section 2 above) may place third party cookies on your device that are necessary in order to help with the proper functioning of the App, such as storing and remembering your log-in details and automatically reporting any bugs or other issues with the App. For information about the cookies that we use on the Website, please read our Cookies Policy available here: https://clementineapp.co.uk/cookie-policy/.
We store your personal data in line with legal, regulatory, financial and good-practice requirements and we will generally keep your personal data for up to a maximum period of six years following the end of our relationship. For further details regarding how long we keep each specific category of personal data, please contact us email@example.com.
Accessing your Personal Data and your rights
As a result of us collecting and processing your personal data, you have the following legal rights:
- to access personal data held about you;
- to request us to make any changes to your personal data if it is inaccurate or incomplete;
- to request your personal data is erased where we do not have a compelling reason to continue to process such data in certain circumstances;
- to receive your personal data provided to us as a data controller in a structured, commonly used and machine-readable format where our processing of the data is carried out by automated means, and it is based on: (i) your consent; (ii) our necessity for performance of a contract to which you are a party to; or (iii) steps taken at your request prior to entering into a contract with us;
- to object to, or restrict, our processing of your personal data in certain circumstances;
- if we ever use your personal data for direct marketing, you can ask us to stop and we will comply with your request;
- if we use your personal data on the basis of having a legitimate interest (as set out in the table above), you can object to our use of it for those purposes, giving an explanation of your particular situation, and we will consider your objection;
- to object to, and not be subject to a decision which is based solely on, automated processing (including profiling), which produces legal effects or could significantly affect you; and
- to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
To exercise any of your rights set out above, including to withdraw your consent where we have stated we are processing your personal data based on your consent, please contact us at firstname.lastname@example.org.
Contacting us and changes to your personal data
Please keep us informed of any changes to your personal data at any time by updating your details in the App.