Privacy & Cookies Policy
This privacy notice tells you what to expect when the Almond Tree Foundation collects personal information about you when you use thealmondtree.org or interact with us in any setting where your personal details are used. We are committed to protecting your personal information when you use our services. Whenever you provide such information we will use your information in line with all applicable data protection laws, including the General Data Protection Regulation (GDPR). Your information will be kept in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
The Almond Tree Foundation is the data controller and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).
Who we are
The Almond Tree Foundation is a Community Interest Company (CIC) registered in the UK, whose aim is to provide wellbeing education. The term ‘Almond Tree Foundation’ or ATF or ‘us’ or ‘we’ refers to the owner of this website.
Our website address is: https://www.thealmondtree.org
Registered Address: 167-169 Great Portland Street, London, W1W 5PF
What personal data we collect and how we collect it
This is data that can be used to uniquely identify or contact a single person. You may be asked to provide your personal information anytime you are in contact with us or related activity.
We will collect and process the following personal information about you. Typically this will be information you give us by filling in forms on our website, creating an account, or making a purchase with us or by corresponding with us by phone, e-mail or otherwise. It includes information you provide when you register to use our services, or report a problem with our site. This information that you give us may include:
Identity Data, including first name, last name, username or similar identifier, title, and date of birth;
Contact Data, includes billing address, delivery address, email address and telephone numbers;
Financial Data, including bank account and payment card details;
Transaction Data, including details about payments to and from you and other details of products and services you have purchased from us;
Marketing and Communications Data, including your preferences in receiving marketing from us and our third parties and your communication preferences.
When visitors leave comments on the site we may collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
The contact form on our website collects the name and email addresses of those who choose to contact us this way. This information is used to email a response to your query. We do not share this information with any third party, it is not used for any marketing purpose.
The cookies we use may last for a single visit to our site (they are deleted from your computer when you close your browser) or may remain on your computer until you delete them or until a defined period of time has passed.
to allow essential parts of our website to operate for you;
to collect information about how you use our site;
to close your session and log you out of your account upon the expiry of a certain amount of time of inactivity.
To market our products to you through services such as google.com, and facebook.com
Useful links for information about cookies:
The following links explain how to access cookie settings in various browsers:
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.) from other websites e.g. youtube.com. Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We use Google Analytics to record information about the pages a user has seen, for example, the URL of the page, time of day, the device used, etc. The information that we collect is anonymized and sent to Google Analytics for analysis.
Google Analytics mainly uses first-party cookies to report on visitor interactions on this website. Users may disable cookies or delete any individual cookie. Learn more here https://policies.google.com/technologies/cookies
In addition, Google Analytics supports an optional browser add-on (https://tools.google.com/dlpage/gaoptout/) that once installed and enabled – disables measurement by Google Analytics for any site a user visits. Note that this add-on only disables Google Analytics measurement.
Google Analytics also collects Internet Protocol (IP) addresses to provide and protect the security of the service and to give website owners a sense of which country, state, or city in the world their users come from (also known as “IP geolocation”).
See this page for Google Analytics security and usage of data – https://support.google.com/analytics/answer/6004245
For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.
Why do we collect this data?
All information we collect allows us to operate our activities and service you the customer. We collect this data so that we may:
Operate our activities in an organised and efficient fashion; and/or to process and deliver your orders; and/or manage your payments, fees and charges; and/or keep you posted on our latest announcements, news and upcoming events; and/or help us to improve our services, content and advertising; and/or help us develop, deliver and improve our products, services, content and advertising; and/or collect and recover money owed to us; and/or notify you about changes to our terms or privacy notice; and/or administer and protect our organisation and this website; and/or make suggestions and recommendations to you about goods or services that may be of interest to you.
We may also use personal information for internal purposes such as auditing, data analysis and research to improve our products, services and customer communications.
We will only use your personal data for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Who we share your data with
We may have to share your personal data with the parties set out below as follows:
Third-Party Service providers including those who provide IT, Finance, Software, Marketing and system administration services.
Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions require reporting of processing activities in certain circumstances.
We require all third parties to whom we transfer data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
We also share anonymous website metrics data with Google Analytics, Youtube, Facebook, Hotjar and Vimeo.
At times, we may make certain personal information available to strategic partners that work with us to provide products and services, or that help us market to customers. Personal information will only be shared by us to provide or improve our products, services and advertising.
How long do we retain your data?
Personal data will be kept for the length of time necessary to perform the process for which it was collected. This applies to data held both electronically and on paper.
Your personal data for marketing communications will be retained indefinitely unless you tell us that you no longer wish to receive marketing messages from us and our services. In these circumstances, we will keep this information about you to ensure that we don’t send you any further marketing communications in error.
Legal basis for collecting personal data
Organisations are permitted to process data if they have a legal basis for doing so. We process data on the basis that:
Express and informed consent has been given by the person whose data is being processed; and/or we have a legitimate interest in processing the data; and/or It is necessary in relation to a contract or agreement which the person has entered into or because the person has asked for something to be done so they can enter into a contract or agreement; and/or there is a legal obligation on us to process data.
Where we are relying on solely consent as the basis for processing data, we are required to obtain your explicit consent and you can modify or withdraw this consent at any time by notifying us in writing, although this may affect the extent to which we are able to provide services to or interact with you in future.
Where your data is stored
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
All information you provide to us is stored on secure servers. Our website is hosted by Wix.com. Wix has servers all over the world, including Europe and the US. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our site you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
What rights do you have over your data?
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us via our website contact form. Unless you inform us otherwise we will handle your data in accordance with this policy.
In certain situations, you are entitled to: (i) request access to a copy of your personal data; (ii) request that we correct your personal data; (iii) request that we erase your personal data; (iv) object to the processing of your personal data where we are relying on legitimate interest; (v) request the restriction of processing of your personal data; (vi) request the transfer of your personal data to a third party; or (vii) where you have provided your consent to certain of our processing activities, in certain circumstances, you may withdraw your consent at any time (but please note that we may continue to process such personal data if we have legitimate legal grounds for doing so).
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests (in each case, where we are legally entitled to take longer to respond). In this case, we will notify you and keep you updated.
Our site may, from time to time, contain links to and from other websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
If you are under 16
When registering an ‘under 16’ for our programmes and services this should be done through a parent or legal guardian. If you are under 16 and register your details with us, we will collect the personal details you provide and send you age-appropriate marketing communications in accordance with this policy.
Data Privacy Information