mindflowyoga Data Protection

Mindflowyoga Data protection policy

The Data Protection Act 1998 (the Act) regulates the way in which all personal data is held and processed. This is a statement of the data protection policy adopted by Mindflowyoga. It applies to all Mindflowyoga staff. In order to operate efficiently mindflowyoga needs to collect and use information about the people with whom we work. This includes current, past and prospective staff, reviewers, professional experts, stakeholders, delegates, students, trainees and others with whom we communicate.
Mindflowyoga regards the lawful and correct treatment of personal information as integral to our successful operation, and to maintaining the confidence of the people we work with. To this end we fully endorse and adhere to the principles of the Act.


The purpose of this policy is to ensure that everyone handing personal information at Mindflowyoga is fully aware of the requirements of the Act and complies with data protection procedures and that data subjects are aware of their rights under the Act.

Scope: information covered by the Act

The purpose of this policy is to ensure that everyone handing personal information at Mindflowyoga is fully aware of the requirements of the Act and complies with data protection procedures and that data subjects are aware of their rights under the Act.

Responsibility for Mindflowyoga's compliance with the Act

The Faculty Administrator has overall responsibility for compliance with the Act but individual members of staff are responsible for the proper use of the data they process

Policy statement

The principles of the Act require require that personal information must:

  • • be processed fairly and lawfully.
  • • not be used for a purpose for which it was not collected 
  • • be adequate, relevant and not excessive for the purpose 
  • • be accurate and up-to-date 
  • • not be kept longer than necessary 
  • • be processed in accordance with the data subject's rights 
  • • be kept secure and protected from unauthorised processing, loss or destruction 
  • • Must be transferred only to those countries outside the European Economic Area that provide 
adequate protection for personal information.

In order to meet the requirements of these principles Mindflowyoga will: 

  • • fully observe conditions regarding the fair collection and use of information 
  • • meet its legal obligations to specify the purposes for which information is used 
  • • collect and process appropriate information, and only to the extent that it is needed to 
fulfil operational needs or to comply with any legal requirements 
  • • ensure the quality of the information used 
  • • hold personal information on Mindflowyoga systems for as long as is necessary for the relevant 
purpose, or as long as is set out in any relevant contract held with Mindflowyoga or Mindflowyoga's Records Retention Schedule (this is a database that defines which documents should be kept and for how long) or the retention attached to the record's content type 
  • • ensure that the rights of people about whom information is held can be fully exercised under the Act (these include: the right to be informed that processing is being undertaken; the data subject's right of access to their personal information; the right to prevent processing in certain circumstances; the right to correct, rectify, block or erase information which is regarded as wrong information) 
  • • take appropriate technical and organisational security measures to safeguard personal information .
  • • ensure that personal information is not transferred outside the EEA without suitable safeguards. Mindflowyoga's responsibilities for data protection and confidential information Mindflowyoga will ensure that there is someone with specific responsibility for data protection in the organisation. The nominated person is currently the Faculty Administrator.

Contact Faculty Administrator

Mindflowyoga will ensure that:

  • • everyone managing and handling personal information understands that they are responsible for following good data protection practice 

  • • this policy is available to each member of staff.
  • • everyone managing and handling personal information is appropriately trained and 
  • • queries about handling personal information are promptly and courteously dealt with and 
clear information is available to all staff 

  • • the Information and Records Manager reports to the Information Governance Group, 
which approves all changes to policy and procedure. 
Staff responsibilities for data protection and confidential information 

  • • All staff should be aware of the requirements of the Act and how the rules apply to them.
  • • All staff must complete data protection induction and annual training.
  • • All staff have a responsibility to ensure that they respect confidential information in their 
possession and maintain information security. Disclosure of confidential information gained as part of your employment to a third party, or assisting others in disclosure, will be viewed by Mindflowyoga with the utmost seriousness.
  • • All staff are responsible for ensuring personal information is kept no longer than is necessary. 
For further advice, please contact the Faculty Administrator.

Privacy statement

Mindflowyoga respects your privacy. The information that you provide us with, or that is gathered automatically, helps us to monitor our services and provide you with the most relevant information. More information on how Mindflowyoga safeguards your privacy in relation to websites, email, voicemail, social media, testing and training can be found on our website:

Access Requests

Under the Act individuals have the right to access personal information Mindflowyoga may hold about them. 
If you wish to request such information please email below.

Contact Data Protection Admin

Data Protection Complaints Procedure

Mindflowyoga aims to comply fully with its obligations under the Act. If you have any questions or concerns regarding Mindflowyoga's management of personal data, including your right to access data about yourself, or if you feel Mindflowyoga holds inaccurate information about you, please contact Mindflowyoga's Faculty Administrator (details above). If you feel that your questions or concerns have not been dealt with adequately or that a subject access request you have made to Mindflowyoga has not been fulfilled you can use QMindflowyogaAA's complaints procedure. Contact the Faculty Administrator for a copy. If you are still dissatisfied, you have the right to contact the office of the Information Commissioner, the independent body overseeing compliance with the Act: