Data Protection is governed by a set of rules called the General Data Protection Regulations which came into force on the 25th May 2018. These replace the Data Protection Act of 1998 and apply to all citizens of the EU. Under these regulations all individuals in the EU have rights regarding the way that businesses collect and use your data. You can find out more from the Information Commissioner’s Office here.
We all have rights regarding the way our data is processed. You can find out more about them here.
They include, among other things, the right to complain about the way your data is being processed. If you do have any complaints about the way that I am processing your data but I would really appreciate it if you let me know first so I can have opportunity to rectify the situation. I am a small business, doing my very best to keep your data safe and do the right thing.
What information do I collect and what is my reason?
I collect a variety of information to enable me to carry out the work I do.
The data I collect includes:
|What data is collected and how I collect it||What I do with your data||What is my basis for processing|
|Identification details, questions and feedback submitted through contact forms and via email||Respond to your queries and feedback||Legitimate interest in responding to your contact.|
|Name and Email address provided when you sign up to webinars or other training sessions.||I send information about the coaching or training session you wish to attend and may seek feedback or share relevant services or products with you.||Legitimate interest in enabling you to attend the training and any follow up sessions.|
|I use this data to improve services and tailor responses more accurately to your needs||Legitimate interest in growing a better business.|
|I use the information to provide the services or products you require.||I have a contractual reason to process this information and a legitimate interest to continue to use them if you do not pay as agreed and I need to take further action.|
|Identification, behaviours, IP address and other information collected about your use of my website and email||I use this to understand how people are engaging with my website and marketing in order to better understand what people want. I also use it to ensure my website and IT systems are secure. I may use it to ensure advertising is targeted appropriately.||Legitimate interest to run an effective business|
|Contact details provided by email or verbally||I hold these in order to be able to contact you about mutually beneficial business, referrals or to ask if you fancy a coffee and chat.||Legitimate interest in growing a strong business network.|
|Name and Email address provided when you sign up to my mailing list||I send irregular emails to you containing useful info and occasional offers||You consent to this (and can withdraw at any time)|
Note: If at any time you would like to unsubscribe from receiving future emails you can easily do this by emailing us directly at firstname.lastname@example.org
The information I collect from you may be used in one of the following ways:
- To personalize your experience. Your information helps me to better respond to your individual needs.
- To improve customer service. Your information helps me to more effectively respond to your requests and support needs.
- To process transactions as requested by you.
- To send periodic emails. If you sign up to my email list you will receive emails from me with news, offers and occasionally very cute lambs.
Information that is passed to me
I sometimes receive information from third parties who may be collecting data on my behalf. Examples include:
- Google Analytics who manage my website usage information
I look after this data in the same way as data that is given directly to me.
Disclosing your information
In order to provide the products and services you request and run my business in a lawful and professional manner I may need to share your information with selected third parties. These could include:
- Official authorities who may require access to the information (such as HMRC)
- Advisers who support my business with professional services such as accountants, insurers, lawyers and other business support services.
- Admin and IT service providers who work in my business.
I don’t share your details with any third parties for marketing purposes and will never sell your data.
Transfer of Information outside of the European Economic Area
Where possible data will be kept on secure servers within the European Economic Area however for certain services it may be transferred out of the EEA. When this happens, and to maintain the continued protection of your data, I will ensure that either:
- The country to which the data is transferred has equivalent standards of data protection to those offered by GDPR as set out by the European Commission.
- There is a contract in place with the processor that ensures that data security is equivalent to the protection provided within the EU.
- Where the data is transferred to the US, the company providing the service is signed up to the Privacy Shield Agreement.
The security of your data is very important to me. I use best practices to ensure that data is stored safely and where I do need to share data with other people I make sure I share only what is absolutely necessary.
In the event of a data breach I have a Data Breach policy which sets out steps I will take, including informing you and the Information Commissioner of the breach.