Privacy Policy  
We understand that privacy and the security of your personal information are extremely important. This policy sets out what we do with your information and what we do to keep it secure. It also explains where and how we collect your personal information, as well as your rights over any personal information we hold about you. This Policy explains how we do this and tells you about your privacy rights and how the law protects you.  

Introduction  
This privacy notice applies to this website and all other interactions (e.g, when you create an account with Beyond Reactivity, purchase or sign up for a free product or service, subscribe to the mailing list, when you contact us by email or phone or any messenger apps or through any forms on this website or contact us via social media or complete any questionaries, documents or disclose any of your personal information verbally or in any other way) you may have with us. If you do not agree with the terms, do not access or contact Beyond Reactivity or any other aspect of this website.  

Contents    
• Contact details    
• What information we collect, use, and why    
• Lawful bases and data protection rights

• Your data protection rights   
• Where we get personal information from    
• How long we keep information    
• Who we share information with    
• Sharing information outside the UK
    
• Data Security 
• How to complain 
 

Contact details  

You can contact Beyond Reactivity at any time if you have any questions about this Privacy Policy or our practices, or if you are seeking to exercise any of your statutory rights. You can contact us via email - matty@beyondreactivity.com  

What information we collect, use, and why  

We collect or use the following information to provide services and goods, including delivery:      
• Names and contact details    
• Email addresses    
• Addresses    
• Purchase or account history    
• Photographs or video recordings    
• Audio recording    
• Call recordings    
• Records of meetings and decisions    
• Technical Data that includes data about your use of our website and online services such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views and navigation paths, details about the number of times you use our website, time zone settings and other technology on the devices you use to access our website.    
• User Data that includes data about how you use our website and any online services together with any data that you post for publication on our website or through other online services. This may include product, content, files, courses, quizzes, surveys or any other content you upload to or create on the Beyond Reactivity website.    
• Marketing Data that includes data about your preferences in receiving marketing from us and our third parties and your communication preferences.        Other Information Collected  We may collect data about you by you providing the data directly to us (for example by filling in forms on our site or by sending us emails). We may automatically collect certain data from you as you use our website by using cookies and similar technologies. Please see our cookie policy for more details about this: https://www.beyondreactivity.com/cookiepolicy      

Lawful bases 
Under UK data protection law, we must have a “lawful basis” for collecting and using your personal information. There is a list of possible lawful bases in the UK GDPR. You can find out more about lawful bases on the ICO’s website.  
Our lawful bases for collecting or using personal information to provide services and goods are:      
• Consent - we have permission from you after we gave you all the relevant information. All of your data protection rights may apply, except the right to object. To be clear, you do have the right to withdraw your consent at any time.    
• Contract – we have to collect or use the information so we can enter into or carry out a contract with you. All of your data protection rights may apply except the right to object    
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. For example to contact you after your Service has been completed for purposes of offering further sessions, or to improve our website or for insurance purposes should a claim arise.  All of your data protection rights may apply except the right to data portability and in the case of the collecting and using data for insurance purposes the right to object as the legitimate interests are compelling enough to override the individual’s rights  

Which lawful basis we rely on may affect your data protection rights which are in brief set out below. You can find out more about your data protection rights and the exemptions which may apply on the ICO’s website:  You can read more about these rights here - https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/individual-rights/ 

Your data protection rights     
• Your right of access - You have the right to ask us for copies of your personal information. You can request other information such as details about where we get personal information from and who we share personal information with. There are some exemptions which means you may not receive all the information you ask for.    
• Your right to rectification - You have the right to ask us to correct or delete personal information you think is inaccurate or incomplete.    
• Your right to erasure - You have the right to ask us to delete your personal information.     • Your right to restriction of processing - You have the right to ask us to limit how we can use your personal information.    
• Your right to object to processing - You have the right to object to the processing of your personal data.    
• Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you.    
• Your right to withdraw consent – When we use consent as our lawful basis you have the right to withdraw your consent at any time.  
If you wish to exercise any of the rights set out above, please email matty@beyondreactivity.com  

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.  

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

We may also contact you to ask you for further information in relation to your request to speed up our response.  We try to respond to all legitimate requests within 30 days. Occasionally it may take us longer than 30 days if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.  

Where we get personal information from     
• Directly from you    
• Veterinary practices and at times other animal industry professionals such as but not limited to dog walkers, daycares, physiotherapists and hydrotherapists.    
• We may receive personal data about you from various third parties and public sources as set out below. When a Third Party Service is enabled, we are authorized to connect and access other Information made available to us in accordance with our agreement with the Third Party Provider. We do not, however, receive or store passwords for any of these Third Party Services when connecting them to the Services. Third party integrations may include    
• Stripe.com    
• Paypal.com    
• Meta.com    
• Google.com    
• Microsoft.com    
• Zoom.com        

How long we keep information 
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. When deciding what the correct time is to keep the data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements. For insurance purposes we are required to keep the data collected about our customer for seven years after they stop being customers.  In some circumstances we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.  

Who we share information with  
We may have to share your personal data with service providers who provide cloud infrastructure, video hosting, live video platforms, email provider, SEO support, IT and system administration services: the parties set out below:      
• Online Course platform provider Zenler.com who will be data processor of your data. We have entered into a data processing addendum with Zenler to process your data.    
• Meta.com    
• Google.com    
• Microsoft.com    
• Zoom.com  Others we share personal information with but only with prior consent from you.    
• Insurance companies    
• Veterinary practice    
• And other animal professionals such as but not limited to dog walkers, dog daycares,  physiotherapists and hydrotherapists.  

Sharing information outside the UK 
Where necessary, we may transfer personal information outside of the UK. We do this by using cloud storage, web hosting and web-based applications detailed below. When doing so, we comply with the UK GDPR, making sure appropriate safeguards are in place.  

Organisation name: Godaddy
Category of recipient: Web hosting company, domain registrar
How the transfer complies with UK data protection law: Either “adequate” level of data protection or the UK-US Data Bridge; (c) the EU Standard Contractual Clauses with the UK IDTA; or (e) any other applicable Mandatory Transfer Mechanism permitted under the applicable Data Protection Law.  

Organisation name: Google
Category of recipient: Cloud storage
How the transfer complies with UK data protection law: adequate country (Ireland)  

Organisation name: Microsoft
Category of recipient: web-based applications, email and cloud storage
How the transfer complies with UK data protection law: Standard contractual clauses  

Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.  
Third Party Links We may include links to third-party websites, addons and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.  

Cookies: You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see Cookie Policy https://www.beyondreactivity.com/cookiepolicy  

How to complain 
If you have any concerns about our use of your personal data. We would be grateful if you would contact us by email on matty@beyondreactivity.com first if you do have a complaint so that we can try to resolve it for you. If you remain unhappy with how we’ve used your data after raising a complaint with us, you can also complain to the ICO.
The ICO’s address: Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF
Helpline number: 0303 123 1113
Website: https://www.ico.org.uk/make-a-complaint
 
Last updated 11 September 2024