1. How we use your personal data
We are committed to protecting your personal data.
The only data we collect from you is that submitted by you for the coaching assignments, and session notes, which are anonymised.
We will use your non-sensitive personal data to (i) register you as a new client, (ii) manage payment, (iii) collect and recover monies owed to us, (iv) manage our relationship with you, (v) send you details of our goods and services, vi) submit evidence to the ICF of our coaching practice for credentialing assessment.
Our legal grounds for processing your data in relation to points (i) to (iv) above are for performance of a contract with you, in relation to points (iii) and (v) above are for our legitimate interests to develop our products/services, to grow our business and to recover monies owed, and in relation to point (vi) above is in order to protect the vital interests of you or another natural person.
We will not share your details with third parties for marketing purposes except with your express and written consent.
2. Disclosure of your personal data
We may have to share your personal data with (i) service providers who provide IT and system administration support, (ii) professional advisors including lawyers, bankers, auditors and insurers (iii) HMRC and other regulatory authorities and (iv) professional bodies and/or a coach supervisor for the purposes of discussing our work as part of our coaches’ ongoing professional development. (v) third parties to whom we sell, transfer or merge parts of our business or our assets.
We require all third parties to whom we transfer personal data to respect the security of such data, and to treat it in accordance with the law. They are only allowed to process your personal data on our instructions.
3. International transfers
Some of our third-party providers are businesses outside of the EEA in countries which do not always offer the same levels of protection for your personal data. We do our best to ensure a similar degree of security by ensuring that contracts, code of conduct or certification are in place which give your personal data the same protection it has within Europe. If we are not able to do so, we will request your explicit consent to any transfer of data, and you can withdraw this consent at any time.
4. Data security
We have put in place security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We also limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breaches and will notify you and any applicable regulator where we are legally required to do so. In certain circumstances you can ask us to delete your data. See the section entitled ‘your rights’ below for more information.
We anonymise your personal data in association with client session notes whether this relates to whole team, groups or one-to-one clients.
We anonymise your personal data in conversations for professional development with Supervisors on a one-to-one basis and in group settings. In conversations with prospective clients we anonymise your personal data unless expressly agreed to the contrary in advance.
We anonymise your personal data (so that you can no longer be identified from such data) for impact and return on investment case studies, evaluation, research or statistical purposes in which case we may use this information indefinitely without further notice to you.
6. Data retention
We will only keep your personal data for as long as is necessary to fulfil the purposes for which we collected it. We may retain your data to satisfy any legal, accounting, or reporting requirements, for example we need to keep certain information about you for 6 years after you cease to be a client for tax purposes.
You have the right to ask us to delete the personal data we hold about you in certain circumstances. See section 6 below.
7. Your rights
You are able to exercise certain rights in relation to your personal data that we process. These are set out in more detail at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
In relation to a Subject Access Right request, you may request that we inform you of the data we hold about you and how we process it. We will not charge a fee for responding to this request unless your request is clearly unfounded, repetitive or excessive, in which case we may charge a reasonable fee or decline to respond.
We will, in most cases, reply within one month of the date of the request unless your request is complex, or you have made a large number of requests, in which case we will notify you of any delay and will in any event reply within 3 months.
If you wish to make a Subject Access Request, please send the request to Paul Starbuck, 3, Ousemere Close, Billingborough, Sleaford. Lincolnshire. NG34 0HY or to for the attention of the Data Compliance Officer.
8. Keeping your data up to date
We have a duty to keep your personal data up to date and accurate, so from time to time we will contact you to ask you to confirm that your personal data is still accurate and up to date.
If there are any changes to your personal data (such as a change of address) please let us know as soon as possible by writing to or emailing the addresses set out in section 6 above.
We are committed to protecting your personal data, but if for some reason you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
We would be grateful if you would contact us first if you do have a complaint, so that we can try to resolve it for you.