Privacy Notice

Updated Feb 2022

This Privacy Notice sets out how My Expert Midwife (known as a Data Controller) collects and uses your personal data.
When we refer to “we”, “us” “our” or “controller” in this Privacy Notice we mean My Expert Midwife.
Our Privacy Notice is structured in a way for you to easily find the specific details of what we do with your personal data, depending on which of our services you are using, for example buying one of our products, or signing up to our newsletter.
Part 1 of our Privacy Notice is information we must tell everyone regardless of the nature of our relationship with you. Parts 2 to 6 give information that is specific to your relationship with us
  • Part 1 – General Information
  • Part 2 – If you make a purchase from our website
  • Part 3 – If you make an enquiry about our products or service
  • Part 4 – If you would just like to receive our newsletters and blogs
  • Part 5 – If you stock our products
  • Part 6 – If you are a supplier

PART 1 – GENERAL INFORMATION

Our contact details

My Expert Midwife is the data controller for the personal data we process about you.
You can contact us regarding the use of your personal data via one of the following ways: Email: advice@myexpertmidwife.com
Postal Address: Unit 4 Stoneacre, Grimbald Crag Close, Knaresborough HG5 8PJ

How we get your personal data

Most of the time we obtain personal data directly from you, for example when you purchase one of our products, or ask us a question about our products. Here are some of the ways in which you may give us your personal data;

  • Purchase one of our products
  • Create an account on our website
  • Subscribe to our newsletter
  • Contact us via email, or via the contact us page on our website
  • Engage with us through social media
  • Take part in a survey

There are some occasions when we obtain personal data indirectly, through a third party or publicly available source. For example we may purchase lists from third parties in order to contact you with relevant information, or, in the case of suppliers, we may look up your contact data from publicly available sources such as companies house. Where this is the case My Expert Midwife will carry out all due diligence checks required and only use data that complies with the General Data Protection Regulation.

Your rights

Depending on the purpose and the legal basis we rely on for processing your personal data, there are various rights available to you. You can:
  • access the personal data we keep about you and be given specific information about the processing. This right always applies regardless of the processing activity we undertake.
  • ask us to rectify personal data we hold about you that you think is inaccurate. This right always applies regardless of the processing activity we undertake.
  • ask us to delete your personal data but only when specific circumstances apply.
  • ask us to restrict the processing of your personal data but only when specific circumstances apply.
  • object to the processing when we have relied on legitimate interest to undertake that processing activity and you believe we have infringed your rights.
  • transfer your personal data from us to another service provider or give it to you. This right only applies to personal data you have given to us and when the processing is based on your consent or contractual basis and the processing is automated.
To find out more about how to exercise your rights please refer to the guidance on the Information Commissioner’s Office website - https://ico.org.uk/your-data-matters/.
You do not have to pay a fee to us to exercise any of your rights. However, if your request is manifestly unfounded or excessive, we may either charge a reasonable fee or refuse the request.
We shall respond to valid requests within one month of receiving it.
If you wish to make a request, please contact advice@myexpertmidwife.com

How to make a complaint about us to the Information Commissioner’s Office

If you are not happy with how we are processing your personal data or you believe we have not dealt with one of your rights correctly you are entitled to make a complaint to the Information Commissioners Office (ICO). The ICO has several ways in which you can get in touch with them, including post, email, and online forms. For full details how to make a complaint please refer to their website - https://ico.org.uk/make-a-complaint/.

Sharing your information

We do not rent, or sell your information with any third parties for the purposes of direct marketing.
When we need to use data processors who are third parties to provide any aspect of the service we provide to you, we ensure we have appropriate contracts in place that are GDPR compliant. The data processor is not allowed to do anything with your personal data unless we have instructed them to do it. They will not share your personal data with any organisation apart from us unless they are required to do so by law. They will hold it securely and retain it for the period we instruct.

Our data processors (external third parties) include:

DATA PROCESSOR

FUNCTION

PROCESSING ACTIVITIES

Shopify

Website: www.shopify.com/legal/privacy

Used to host our ecommerce store.

Information that you enter when placing an order on our website is held by Shopify so that we can make sure you receive your order. Your information is also stored if you have chosen to receive newsletters via our stay updated page, or contacted us via the contact us page.

Mosaic Fulfilment Solutions

Website: www.mosaic-fs.co.uk

privacy@mosaic-fs.co.uk

Operation of our Fulfilment and packing service. (myexpertmidwife.co.uk)

The fulfilment and packing service that we use, when you place an order through myexpertmidwife.co.uk. Mosaic Fulfilment Solutions access your data through the Shopify ecommerce site and use it to process

2Flow Logistics Solutions

Website: www.2flow.ie

Operation of our Fulfilment and packing service. (www.myexpertmidwife.ie)

The fulfilment and packing service that we use, when you place an order through myexpertmidwife.ie. Flow Solutions access your data through the Shopify ecommerce site and use it to process your order only.

Freshdesk

Website: www.freshdesk.com

privacy@freshworks.com

Our customer relationship management tool

When you contact us via email, or via the website contact us page , freshdesk will store your email address and any other information that you have passed on to us, in order that we can respond to your enquiry.

Survey Monkey

Website: www.surveymonkey.co.uk

To send you questionnaires and surveys

Will process the information that you submit in response to a survey. This may include your email address and other personal data.

Mention-Me Ltd

Website: www.mention-me.com

gdpr@mention-me.com

Operation of refer a friend program

Processing customer email addresses and certain order data for the purposes of:

• Monitoring the programme and safeguarding against gaming or fraudulent use of the programme;

• Communicating with customers in connection with operation of the programme and delivery of rewards;

• Reporting to [Controller] on the performance of the programme

BazaarVoice

Website: www.bazaarvoice.com/uk/

Operation of of product Review Service

Processing Customer email addresses and certain order data for the purposes of Communicating with customers in connection with the operation of the review programme

Klaviyo Website: www.klaviyo.com privacy@klaviyo.com Operation of our email program Processing customer email addresses and certain order data in order to send, if we have permission, emails from time to time.

Microsoft Onedrive for business

To store My Expert Midwife Business data Used to store My Expert Midwife business data which may include your personal data

Facebook

Website: Facebook.com

Social Media Network To share our content, products and target relevant advertising to you and similar audiences.

Klarna

klarna.com/UK

Payment Method In order to offer you Klarna’s payment methods, we might in the checkout pass your personal data in the form of contact and order details to Klarna, in order for Klarna to assess whether you qualify for their payment methods and to tailor those payment methods for you. Your personal data transferred is processed in line withKlarna’s own privacy notice

Tik Tok

website: tiktok.com

Social Media Network To share our content, products and target relevant advertising to you and similar audiences.

Thinkific

Our On Demand Foundation Couse and site is hosted by Thinkific Labs Inc. (“Thinkific”). They provide us with the online course creation platform that allow us to sell our product/services to you.
Your data is stored through Thinkific’s data storage, databases and the general Thinkific application. They store your data on a secure server behind a firewall.
Third Party Services
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.

However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.

For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.

Certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. If you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.

Once you leave our course website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

Links
When you click on links on our course site, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

Security
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

Zapier

Zapier Privacy Policy

Used within our eLearningplatform Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we use Zapier, a service provided by Zapier Inc., 548 Market St #62411, San Francisco, California 94104, USA, in order to integrate different databases and tools. In the course of this, your customer information (but not your payment information) will be transmitted to Zapier.

For the handling of your data at Zapier, we refer you to the Privacy Policy of Zapier at https://zapier.com/privacy/.

Transferring personal data outside of the UK and EU

We use the marketing platform Klaviyo to store your contact details and other personal data which allows us to undertake our marketing activities. From time to time, personal information Omnisend & Klaviyo collects from data subjects in the European Economic Area (“EEA”) may be transferred to, stored, processed or accessed by, the Company and other entities who may be based outside of the EEA, for example, the United States. The Company will always take steps to ensure any transfer of such information to entities based outside the EEA is carefully managed to protect your rights and interests by implementing appropriate safeguards to protect your personal information.

https://www.klaviyo.com/privacy

We use Freshdesk to log and reply to support tickets, and within this system we store contact information and details on previous support issues. The data held in Freshdesk may be transferred and stored outside of the EEA. We rely on the following exception in GDPR to undertake the transfer of personal data:

Adequacy decision in place (GDPR Article 45)
Freshdesk is registered under the EU-US Privacy Shield Framework. Their certificate can be viewed U.S. Department of Commerce’s Privacy Shield website https://www.privacyshield.gov/ps/participant?id=a2zt0000000GnbQAAS&status=Active
We use Shopify to host our ecommerce shops, and store your contact details and personal data that allows us to carry out our contractual obligation to you, and send you the products that you have ordered. Your personal information is processed by Shopify’s Irish affiliate, Shopify International Ltd. As part of their service, your data may be transferred to other regions, including to Canada and the United States.
Adequacy decision in place (GDPR Article 45)
Shopify is registered under the EU-US Privacy Shield Framework. Their certificate can be viewed U.S. Department of Commerce’s Privacy Shield websitehttps://www.privacyshield.gov/ps/participant?id=a2zt0000000TNSNAA4&status=Active
The EU Commission has made a partial finding of adequacy for Canada. This adequacy finding covers data that is subject to Canada's Personal Information Protection and Electronic Documents Act (PIPEDA).
We use SurveyMonkey to create, and manage information gathering surveys. Your personal or sensitive data (if applicable) is held by SurveyMonkey, in accordance with the company's Privacy Policy. SurveyMonkey operates in the United States, and your personal data may therefore be transferred to, stored, or processed in that country.
Adequacy decision in place (GDPR Article 45)
SurveyMonkey is registered under the EU-