Privacy Statement

PURPOSE OF THIS PRIVACY STATEMENT

We are committed to protecting your personal information and to being transparent about the information we hold about you. Using personal information allows us to develop a better relationship with and understanding of our clients, and in turn to provide you with relevant and timely information about the work that we do.

Personal information also helps us as a business to engage with current and potential clients. The purpose of this policy is to give you a clear explanation about how we collect and process your personal information through your use of our website and in our direct contact with you; including any data you may provide through this website and when you sign up to our newsletter, purchase a service or make a payment.

It is important that you read this privacy policy together with any other privacy policy or fair processing notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using your personal information. This privacy policy supplements our other policies and is not intended to override them.

We will use the information that we collect about you in accordance with:

The Data Protection Act 1998
The Privacy and Electronic Communications (EC Directive) Regulations 2003
The EU General Data Protection Regulation (Regulation EU 2016/679), (‘GDPR’) which becomes effective from 25 May 2018

This policy explains:

Who we are
Information we may collect about you
How we collect your data
How we may use your information
Disclosure of your details to third parties
Security of your personal information
Data retention
Your legal rights
Notification of changes to our privacy policy
Contact details and further information

If you have any questions, please contact Alison Sydenham using the contact details at the end of this policy.

WHO WE ARE

Coaching for Wellbeing is a coaching and training business owned by Alison Sydenham.

2. INFORMATION WE MAY COLLECT ABOUT YOU

Personal information means any information about an individual from which that person can be identified. It does not include data where the identity has been removed, i.e. anonymous data.

We may collect, use, store and transfer different kinds of personal information about you which we have grouped together as follows:

Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
Contact Data includes billing address, delivery address, email address and telephone numbers.
Sensitive personal data – for example, details of why you would like to seek support from Coaching for Wellbeing, details of health and wellbeing, details of support you may have had in the past and notes written by the coach during sessions or after other contacts with us.
Financial Data includes bank account and payment card details
Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us, including dates of meeting.
Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website.
Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
Usage Data includes information about how you use our website, products and services.
Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences. This also includes us making a note of conversations we have had with you in person and/or communications with Alison Sydenham. This helps us to manage our relationship with you and ensures you only receive communications from us that are relevant and timely.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal information but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

Specific permission will be sought from you if we need to collect Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data, information about criminal convictions and offences.). We will only ever use sensitive personal data where this is essential in order for us to provide a service e.g. to make reasonable adjustments for you to access our services or to ensure health and safety requirements are met.

If you fail to provide personal information

Where we need to collect personal information by law, or under the terms of a contract we have with you and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with a ticket). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

HOW WE COLLECT YOUR DATA

We collect different information about you in a number of ways:

Information you give us
Information written by us in the course of our agreement with you
When you email us, buy tickets, sign up to our newsletter, request marketing materials, give us feedback or make a payment we will store the personal information you give to us such as your name, email address, postal address, telephone number and card details. We will also keep a record of your purchases
Automated technologies or interactions
As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies.
Information from third parties
We occasionally receive information about you from third parties as set out below:

(a) Analytics providers such as Google
(b) Advertising networks such as Facebook
(c) Search information providers such as Google AdWords

HOW WE MAY USE YOUR INFORMATION

We will only use your personal information when the law allows us to.
Most commonly, we will use your personal information in the following circumstances:

Where we need to perform the contract we are about to enter into or have entered into with you.
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Where we need to comply with a legal or regulatory obligation.
Where we have your explicit consent before using your personal information in that specific situation. However, generally we do not rely on consent as a legal basis for processing your personal information and you have the right to withdraw consent to marketing at any time by contacting us. You will find the relevant contact details at the end of this policy.

Purposes for which we will use your personal information

We have set out below, in a table format, a description of all the ways we plan to use your personal information, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Please note that we may process your personal information for more than one lawful ground depending on the specific purpose for which we are using your information. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

Purpose/Activity	Type of Data	Lawful basis for processing including basis of legitimate interest
To register you as a new client	(a) Identify (b) contact	Performance of a contract with you
To process and deliver your coaching/ training/ consultancy/research service including: (a) manage payment, fees, charges (b) collect and recover money owed to us (c) write and store client notes	(a) identify (b) contact (c) finance (d) transaction (e) marketing and communications (f) sensitive personal data	(a) performance of a contract with you (b) necessary for our legitimate interests (to recover debts due to us) (c) Necessary for our legitimate interests (to conduct research that contributes to the development of knowledge)
To manage our relationship with you which will include: (a) notifying you about changes to our terms or privacy policy (b) Asking you to leave a review or take a survey	(a) identify (b) contact (c) finance (d) marketing and communications	(a) performance of a contract with you (b) necessary to comply with a legal obligation (c) necessary for our legitimate interests (to keep our records updates and to study how customers use our services.
To enable you to partake in a prize draw or complete a survey	(a) identity (b) contact (c) profile (d) usage (e) marketing and comms.	(a) performance of a contract with you (b) necessary for our legitimate interests (to study how customers use our services, to develop them and grow our business
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)	(a) identity (b) Contact (c) Technical	(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you	(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and comms. (f) Technical	Necessary for our legitimate interests (to study how customers use our services, to develop them, to grow our business and to inform our marketing strategy)
To use data analytics to improve our website, services, marketing and communications with you, customer relationships and experiences	(a) Technical (b) Usage	Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
To make suggestions and recommendations to you about goods or services that may be of interest to you	(a) Identity (b) Contact (c) Technical (d) Usage (e) Profile	Necessary for our legitimate interests (to develop our services and grow our business).

Marketing communications

We aim to communicate with you about the work that we do in ways that you find relevant, timely, respectful, and never excessive. To do this, we use data that we have stored about you, such as which events you have booked for in the past, as well as any contact preferences you may have told us about.

We use our legitimate organisational interest as the legal basis for communications by post and email. In the case of postal mailings, you may opt out of receiving these at any time using the contact details at the end of this policy or by updating your contact preferences in your online account with us.

In the case of email, we will give you an opportunity to opt out of receiving electronic communications during your first purchase with us. If you do not opt out, we will provide you with an option to unsubscribe in every email that we send you subsequently. Alternatively, you can use the contact details at the end of this policy or update your contact preferences in your online account with us.

As part of our service to you, we may contact you by email or telephone to provide essential information related to your purchase and visit.

Use of personal data for research purposes

We may use personal data collected as part of the services we offer, to also conduct research. This will be in one of two forms:

Generic research that will assist us in improving our services e.g. a summary of client feedback;
Specific academic and practitioner research in order to contribute to knowledge in the industry.

In both instances you will be informed that the data being collected is for the purposes of research and you can choose whether you want to provide the information or not. Your express permission will be requested for any specific academic or practitioner research that is being conducted where you have been asked to be involved. We will as far as possible, try to ensure that your personal data is unidentifiable unless express consent has been given.

5. DISCLOSURE OF YOUR INFORMATION TO THIRD PARTIES

There are certain circumstances under which we may disclose your personal information to third parties. These are as follows:

To our service providers who process data on our behalf and on our instructions (for example eventbrite). We require all third parties to respect the privacy of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
Where we are under a duty to disclose your personal information in order to comply with any legal obligation (for example to government bodies and law enforcement agencies).

We do not sell personal details to third parties for any purpose.

If you give us someone else’s personal data

Sometimes, you might provide us with another person’s personal data – e.g. details of your emergency contact or next of kin. In such cases, we require you to inform the individual what personal data of theirs you are giving to us. You must also give them our contact details and let them know that they should contact us if they have any queries about how we will use their personal data.

6. SECURITY OF YOUR PERSONAL INFORMATION

Your debit and credit card information

If you use your credit or debit card to purchase from us or to make a donation, we will ensure that this is carried out securely using Paypal secure data processing. We never store your card details beyond the processing for which they were intended.

Security of your personal information

We have put in place appropriate safeguards (both in terms of our procedures and the technology we use) to keep your personal information as secure as possible. We will ensure that any third parties we use for processing your personal information do the same and that they will only process your personal information on our instructions. The third parties will also be subject to a duty of confidentiality.

We will not transfer, process or store your data anywhere that is outside of the European Economic Area, unless we have a contractual agreement in place that is of an equivalent standard to GDPR.

Dropbox:
As a precautionary measure, Coaching for Wellbeing backs up and stores a majority of its information collected regarding client contact with Dropbox, a 3rd party cloud storage company. Data provided to Coaching for Wellbeing will be stored on Dropbox’s cloud and therefore is governed by their privacy policy.

Coaching for Wellbeing exercises no control over these third party sites and their privacy practices.

7. DATA RETENTION

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

8. YOUR LEGAL RIGHTS

You have a number of additional legal rights relating to your personal data, which are outlined here:

The right to make a subject access request. This enables you to receive certain information about how we use your personal data, as well as to receive a copy of it and to check that we are lawfully processing it.
The right to request that we correct incomplete or inaccurate personal data that we hold about you.
The right to request that we delete or remove personal data that we hold about you where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
The right to object to our processing your personal data where we are relying on our legitimate interest (or those of a third party), where we cannot show a compelling reason to continue the processing
The right to request that we restrict our processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
The right to request that we transfer your personal data to you or to another party, in a structured format. This right applies in respect of data that you have provided where our legal ground for using the data is that it is necessary for the performance of a contract or that you have consented to us using it (this is known as the right to “data portability”).

If you would like to exercise any of the above rights or have any questions or concerns about how your personal data is being used by us, please contact Alison Sydenham in writing by email (see Contact). Note that these rights are not absolute and in some circumstances we may be entitled to refuse some or all of your request.

Note too that you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. Details of how to contact the ICO can be found on their website: https://ico.org.uk

The Site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Access to information

The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.

9. CHANGES TO OUR PRIVACY POLICY

This privacy policy may change from time to time. Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

10.CONTACT

Questions, comments and requests regarding this privacy policy are welcomed and should be directed to to info@coachingforwellbeing.org

Effective from 10 May 2018.

Privacy Statement

How committed are you to taking action to move towards achieving your goal?

Contact me for further details for your specific requirements

Recent Posts