Transition Leadership Coaching Ltd
Last updated 7 January 2020, in accordance with the requirements of the General Data Protection Regulation (GDPR).
Transition Leadership Coaching Ltd is a UK based consultancy specializing in the performance development of leaders as they transition into more senior roles.
It is likely that we’ll need to make changes to this policy from time to time, but we’ll keep you informed, and you can always check the current document on our website at www.tlcoaching.com
Our approach to privacy
We take very seriously our obligations and responsibilities in relation to safeguarding your confidential information and processing your personal data. We will not share your data with third parties for marketing purposes, and we will only share your data when necessary to provide a business service you have requested, or if legally obliged to do so.
In order to deliver our services, and to carry out other business functions, we rely on the following lawful conditions for processing personal data:
- Consent – the individual has given their consent to the processing of their personal data.
- Contractual – processing of personal data is necessary for the performance of a contract to which the individual is a party, or for TLC to take pre-contractual steps at the request of the individual.
- Legal Obligation – processing of personal data is necessary for compliance with a legal obligation to which TLC is subject.
- Legitimate Interests – processing is necessary under the legitimate interests of TLC or an associated third party, unless these interests are overridden by the individual’s interests or fundamental rights.
We will be clear and transparent with you about which lawful basis is used when processing your personal data.
How do we collect personal data?
The main ways we collect personal data direct from you are when you:
- email us directly, or contact us via our website.
- ask for details of our products or services, whether by phone, email, via social media or in person
- book a meeting with us
- engage with us on social media
- take the Harrison Assessment questionnaire
- book to attend an event
- give us your business card at a networking event or exhibition.
- sign up to a newsletter or ask us to send you articles or other information
- attend any of our workshops or training programmes
- complete any training evaluation forms
- use our website
Your personal data may sometimes be provided to us by a third party, such as your employer, in which case it is the third party’s responsibility to ensure that they have the correct lawful basis in place so share this data with TLC.
Additionally we may receive data from third parties such as analytics providers, advertising networks and search information providers such as Google, LinkedIn and Facebook, based outside the EU.
What sort of personal data do we collect?
We may collect the following personal data from you:
- Your name
- Your business name
- Your email address
- Your phone number
- Your postal address
- Your date of birth (if you are under 18 years of age)
- Your social media usernames
- Your financial / bank account details
- Photographs of you at events
- Video recordings of you at events
- Your marketing and communication preferences
- Information about your work preferences
- Information relating to your eligibility for a job role, including your skills, qualifications, experience, driving license, permit to work etc.
- Your CV and application covering letter
- Any other information that you directly provide to us, whether by phone, email, social media, contact form, in person or otherwise, such as when entering a competition or completing a survey or feedback form
- Any personal data you post on our website and data about how you use our website
- Technical data such as your IP address, login data, details about your browser, length of visit to pages on our website, page views, navigation paths, number of times you use our website, time zone settings and other technology on the devices you use to access our website.
How we may use your data
We may use your data to:
- Respond to any enquiries you make about our products or services
- Keep records of our communications with you
- Keep records of orders placed and communications in relation to these
- Fulfill our contractual commitments to you, by processing orders, providing products and services, responding to enquiries related to the order and dealing with complaints
- Process financial transactions to enable you to purchase our products or services
- Send you customer communications about enhancements to products or services you have bought
- Invite you to complete surveys
- Invite you to provide feedback on services received
- Deliver relevant website content and advertisements to you, including personalizing your experience and monitoring your use of our website and online services.
- Send you marketing communications and deliver relevant advertisements to you, where we are allowed by law to do so, and to understand the effectiveness of our marketing communications and advertising.
- Administer, manage and protect our business and website
- Obtain professional advice
- Carry out credit checks
- Bring legal claims against you if you breach a contract or fail to make payment
- Comply with any legal obligations we are subject to or as required by a government authority.
Why we use your data
You will always be told what we intend to do with any personal data we collect from you, however the main reasons are to:
- support the delivery of contracted services and products
- implement our marketing and sales strategies
More specifically, these may take the form of the following scenarios:
- Delivery of contracted services
When receiving a service (eg assessment, survey, workshop, coaching) we are contracted to deliver, the information you provide will only be used for the stated purposes and/or those you consent to. This may include product research and development, administrative and legal purposes, statistical analysis, or service maintenance and development. In this scenario, we would be relying on contractual necessity as the primary legal basis for processing personal data. The personal data you provide here will either be anonymized or deleted after two years.
We may need to provide your personal data to one of our Associates (an independent practitioner authorised to deliver TLC services), or a Client Practitioner (a colleague in your organisation authorised to deliver TLC services), where one or more of these is involved in the delivery of the TLC service. Please see the section titled ‘Who has access to your personal data’ for more information on how we make sure your data remains secure in these circumstances.
Depending on the service we are delivering to your company, we may also ask for more detailed information about your employment such as the department or team you work in, your length of employment and professional performance goals. When receiving coaching from TLC, information considered sensitive may emerge during the course of discussions with your TLC coach. These relationships are bound by strict confidence, and any notes collated by your TLC coach are treated accordingly.
TLC coaches abide by the ICF code of ethics, which can be found at https://coachfederation.org/code-of-ethics
- Other interactions
- Accessing online services and resources
We may collect data from you when you use online services and resources such as our website, webinar registrations or downloading e-books and white papers. We may also collect information to better understand how visitors use our website and interact with our marketing content, so we can offer timely and relevant information.
- In person contact at networking events and exhibitions
We may collect data from you in person when we meet you informally at events where we are networking generally, or where we may be exhibiting.
In either scenario 2.1 or 2.2 your data may be used for the following:
- For our own internal records
- To improve the products and services we provide
- To contact you in response to a specific enquiry
- To customize our website for user needs and preferences
- To send you promotional emails about products, services, offers and other things we think might be relevant to you
- To contact you via email, telephone or mail for market research reasons.
In these two scenarios, we would be relying on legitimate interests and where required, consent, as the primary legal bases for processing personal data. TLC will only keep data for as long as is necessary to meet these purposes. We will never shire, sell or rent individual personal information to an external party without your advance permission, or unless ordered by a court of law. The personal data you provide to us is only available to relevant employees and contracted service providers. If required by law, TLC may disclose data to government and/or enforcement agencies.
If we intend to use your data for a new purpose outside of those detailed in the policy, this policy will be updated to keep you informed of the same; should consent be required from affected individuals, then it will be sought. T4LCwill never supply your data to third parties for marketing purposes.
Keeping personal data secure
Our website and online services are protected by firewalls and we have implemented security policies, rules and technical measures to protect the data in our control. These security measures are designed to prevent unauthorized access, improper use or disclosure, unauthorized modification and unlawful destruction or accidental loss.
Any information you provide us with when using our services is stored on secure cloud-based systems. Direct access to these databases is restricted to authorised personnel and their appointed agents only. We have taken every reasonable step to ensure that your personal data is held securely at all times, and that access to these are closely monitored. We use security measures to protect against the loss, misuse and alteration of data within our systems.
Please be aware however, that no internet or email transmission is every fully secure or error free. You should take special care in deciding what personal data you send to us via email and keep this in mind when disclosing any personal data to us via the internet.
Controlling your personal data
Any personal data we collect from you or we generate as a result of your interaction with our systems and services belongs to you. Under the data protection laws in the UK you therefore have the right to know if your data is being processed, why and for how long. This will include details of what categories of data we process (storing your name and contact details in a CRM system), whether your data has been disclosed to third parties and their identities, and how to raise a complaint with the information Commissioner’s Office (ICO).
In addition to your right of access to data we process, TLC will uphold other rights afforded to you under the applicable data protection laws in the UK, namely:
- The right to request that errors in your personal data processed by (or on behalf of) TLC is amended or corrected;
- The right to erasure of your personal data if those data are no longer needed for their original purpose, or where the processing is based on consent and you withdraw that consent (and no other lawful basis for the processing exists);
- The right to restrict processing where the relevant personal data either cannot be deleted (eg because the data are required for the purposes of exercising or defending legal claims) or where you do not wish to have the data deleted;
- The right to object to processing carried out for the purposes of direct marketing
- The right to request a copy of the personal data you have provided to us for yourself, or for it to be transferred to another organisation if the processing was based on consent, the provision of business services under a contract, or processing carried out by automated means.
If you believe that any information we are holding about you is incorrect or incomplete, or wish to exercise any of your rights in relation to your personal data, please click here to download the Subject Access Request form. We aim to respond promptly to any requires. However, please note that depending on the complexity and scope of your request, it may take up to 30 days for us to provide you with an adequate response.
You can also contact Shirley Wakelin on firstname.lastname@example.org to query any aspect of our data processing activities if you have completed (or are about to complete) a diagnostic or psychometric survey with us.
We will implement appropriate steps if a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed in connection with the provision of a public electronic communications service occurs. We will assess the scope and impact of the breach. Based on the assessment of the likely risks to individuals, we will notify the individuals and/or their connected organisations that a data breach has occurred where this may result in a significant risk to the rights and freedoms of individuals, or where we may be in breach of a contractual obligation. Any such notification to individuals will be carried out as soon as reasonably possible and will include information on the nature of the breach, the likely consequences of the breach, measures taken or proposed by TLC to address it, and recommendations for affected individuals to mitigate any potential adverse effects. Such individuals will also be provided with advice on how to make a complaint to the ICO.
If, due to the nature of the breach, TLC is required to inform the ICO, we will do so within 72 hours of becoming aware of the essential facts of the breach. Such notification must include at least:
- your name and contact details
- the date and time of the breach (or an estimate)
- the date and time we detected it
- basic information about the type of breach
- basic information about the personal data concerned.
You may also contact the ICO directly if you have a serious concern about how your data was handled via the following link: https://ico.org.uk/concerns/
Who has access to your personal data?
The data we collect about you is accessed predominantly by the Director of TLC, Shirley Wakelin. On the occasions we work with associates, they will be provided with the relevant personal data required for providing services as part of an agreed contract.
If for example, an individual has completed a work preferences questionnaire, the reports produced from this data will only be provided to the individual and/or their line manager and/or senior managers in their organisation in accordance with the agreed contract. Other than this, their reports will not be shared with anyone else without their prior consent. If this individual attends a TLC workshop, their profile will not be shared with the group by TLC. Rather the facilitator may invite participants to share relevant information with fellow attendees, however this is their personal choice and done so entirely at their own discretion.
The following outlines who has access to your personal data, and under what circumstances:
- Shirley Wakelin, TLC Director
- Service partners who are contracted by TLC to arrange and deliver the services you request, and therefore bound under terms within their contract relating to confidentiality and privacy that is to the same standard and level as TLC
- Associates/Approved Practitioners who are contracted by TLC to provide services to you on our behalf, and therefore bound under terms within their contract relating to confidentiality and privacy that is to the same standard and level as TLC
- Client employees:
- who are involved in arranging and delivering the services you request, or
- who are authorised to deliver TLC solutions or
- who are line managers and/or senior managers in the organisation, who have commissioned specific reports.
How long we hold data
TLC follows the guidelines set out by Information Commission Office (ICO). We keep certain information about clients, suppliers and other individuals or organisations we interact with over the course of business to carry out certain business functions for up to 6 years, to monitor and improve the quality of our service, for our records, and to meet certain legal and compliance requirements.
In summary, client personal data will be held for as long as the individual or their employer is in receipt of services from TLC, plus up to a maximum of six years. Where a client makes a specific request for their data to be deleted sooner and it does not conflict with any legal or compliance requirement to hold data for longer, we will honour the request.
Where data is held by third parties in support of the services we provide to you, the third parties are contractually bound to either delete data upon our request, delete data at the end of our supplier contract with them, or to anonymise data after two years of receipt.
TLC will provide further information to you about our data retention policy at your request.
Cookies do not provide us with access to your computer or any information about you, other than that which you choose to share with us. Cookies can also be controlled by the functions within your browser, so do consider changing as you see fit.
Links from our website
Our website may contain links to other websites. However, once you have used these links to leave our site, you should note that we do not have any control over the other websites and are not responsible for the privacy practices of such other websites.
If you submit personal data and other information to a website to which we link, we are not responsible for its protection and privacy. Always exercise caution when submitting data to websites. Read the sites’ data protection and privacy policies fully.
If we make substantive changes to the policy, we will announce it on our website to ensure that you are aware of the information we collect and how we use it at all times.
If you have any questions regarding this policy please get in touch by using the details below:
Transition Leadership Coaching Ltd
5 – 7 George Street
Phone: 07554 013017