This privacy notice describes the scope and purpose of personal data we process. We are committed to collecting and using such data in accordance with the requirements of the General Data Protection Regulations (GDPR).
This document gives data about your data privacy rights, and how we gather, use and share your personal data. If you have a question about this notice, you can contact Alison Hodge by email: firstname.lastname@example.org.
2. About us
‘We’ in this privacy notice refers to Alison Hodge Associates, the data controller.
3. Your privacy rights
You have the right to object to how we use your personal data. You also have the right to see what personal data we hold about you. In addition, you can ask us to correct inaccuracies, delete or restrict personal data, or to ask for some of your personal data to be provided to someone else. You can make a complaint to us by email.
Right to object – You can object to our processing of your personal data. Please contact us as noted above, providing details of your objection.
Access to your personal data – You can request access to a copy of your personal data that we hold, free of charge. Please contact us by email.
Right to withdraw consent – If you have given us your consent to use personal data, you can withdraw your consent at any time, and you can update your marketing preferences by sending an email to Charlotte Ryan or Alison Hodge via the contact page.
Rectification – You can ask us to change or complete any inaccurate or incomplete personal data held about you.
Erasure – You can ask us to delete your personal data where it is no longer necessary for us to use it, or if you have withdrawn consent, or where we have no lawful basis for keeping it.
Portability – You can ask us to provide you or a third party with some of the personal data that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred.
Restriction – You can ask us to restrict the personal data we use about you where you have asked for it to be erased or where you have objected to our use of it.
We will not make any charge for responding to any request from you to exercise your privacy rights, and we will respond to your requests in accordance with our obligations under data protection law.
4. What kinds of personal data we use
We use a variety of personal data, depending on the products and services we deliver to you. For all products and services, we need to use your name and contact details. For some services, we may need your address or your bank details (to issue a refund). We might also need health, dietary and other data to facilitate access to services, provide refreshments or to better support you.
We also use data gathered directly from you as part of the services we provide, such as coaching, coaching supervision, and other professional development services. This data forms part of the requirements for the services we provide, and may be used in accreditation processes, quality standards and certification procedures.
5. How we gather your personal data
We gather data in two ways: Data you provide to us, and data we collect automatically on our website.
Data you provide to us – We obtain personal data directly from you, for example when you fill out an application, agree to services, sign a contract, or contact us via email or on our website. We also gather data from you as part of the services we provide, such as data gathered as part of a learning experience.
Data we collect automatically on our website – We also collect some data automatically. This includes:
Log data – Like most websites, we collect data that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access and operating system. We collect log data whenever you visit our website.
Location data – We may determine the approximate location of your device from your IP address. We collect and use this data in aggregate form, for example to determine how many people visit our sites from different geographic regions.
6. How we use your personal information
To provide you with any products and services we need to know your name and contact details. We might also need health data to help support our clients who have a vulnerability.
To operate and deliver services to you, we sometimes need to gather, use and share additional personal data for specific purposes, which are set out in more detail below:
• Your contact details to notify you of essential information and to comply with audit and legal obligations
• Application form details, including personal data
• Your bank details to process payments and refunds
• Your professional and career journey
• Your continuing professional development activities in order to process accreditation
• Written, verbal and photographic data as evidence of your learning for accreditation
• Any special health or mental health data that affects how you might learn or participate in a learning environment
• Any other professional or personal interests relevant to your continuing learning journey, so that we might send you details of events and opportunities that might interest you (direct marketing) and keep you updated with news (newsletter)
• We may need to know the contact details of support staff within your organisation (i.e. personal assistants) in order to book appointments
8. Our legal basis for using your personal data
We only use your personal data where it is permitted by the laws that protect your privacy rights. We only use it where:
• We have your consent (if consent is needed)
• We need to use the data to comply with our legal obligations
• We need to use the data to perform a contract with you
• It is fair to use the personal data either in our interests or someone else’s interests, where there is no disadvantage to you
Where we have your consent, you have the right to withdraw it. We will let you know how to do that at the time we gather your consent.
Special protection is given to certain kinds of personal data that are particularly sensitive. This is data about your health status, racial or ethnic origin, political views, religious or similar beliefs, sex life or sexual orientation, genetic or biometric identifiers, trade union membership, and criminal convictions or allegations. We only use this kind of personal data where:
• We have a legal obligation to do so (for example to protect vulnerable people)
• It is necessary for us to do so to protect your vital interests (for example if you have a severe and immediate medical need while on our premises)
• You have specifically given us explicit consent to use the data, for example when you attend an event
9. Data sharing
We share your data with others only in specific circumstances. We will inform you about data sharing when we contract with you to provide services, or at the time of sharing.
We share data when it is necessary for progression on a contracted assignment, programme, course or event that you are completing with us. This may include sharing with accreditation bodies, moderators and quality standards processes.
10. Transfers outside the UK
We may need to transfer your data outside the UK to service providers and regulatory authorities in countries where data protection laws may not provide the same level of protection as those in the European Economic Area, such as the USA. We will inform you if we need to transfer your data outside the UK. For example:
• To faculty members residing outside the UK who are involved in your participation on a course, event, webinar, retreat or other service we provide to you
• Where the course, event, webinar, retreat or other service we provide to you is being held outside the UK
• Where essential business services are located outside the UK
Where we need to transfer your data, we will do so with an appropriate level of security.
11. How long we keep your personal data
We do not retain your personal data for longer than is necessary for the purposes we need to use it for.
We keep personal data for five years after any engagement with us, for the purpose of re-accreditation with a professional body.
We keep your personal data for five years if you are applying for accreditation with a professional body
We will not use your personal data for marketing purposes once you no longer have any active products or services with us
In some circumstances, we hold personal data for longer, where necessary: for active or potential legal proceedings, to resolve or defend claims, and for the purpose of making remediation payments.
12. Keeping you up to date
We will communicate with you about our products and services using any contact details you have given us – for example, by post, email, or text message.
Where you have given us consent to send you marketing, you can withdraw consent, and update your marketing preferences by emailing Charlotte Ryan or Alison Hodge via the contact page.
13. Privacy notice changes
Although most changes are likely to be minor, we may update this privacy notice from time to time. When we make changes, we will notify you by revising the change log. Your further use of our services after a change to our privacy notice will be subject to the updated policy.