PRIVACY AND WEBSITE
Welcome to the best part! Not everyone comes here, but as you have maybe we share an interest in privacy and doing things right.
It’s hard to compare people making similar coaching claims. Here’s a tip not included in Browning Coaching’s Recipe For Success: Four Questions You Must Ask When Choosing A Coach which you can access via the Resources page – compare these policies on coaches’ websites. If you think that compliance is important, then a coach’s attitude to this side of their business is revealing. Here are three good questions:
- Do they have a policy? It speaks volumes if they don't.
-
Does their policy meet the standard you’d expect of a senior professional working for your organisation? A good policy will be written carefully and address the key questions clearly.
-
Does a UK coach’s name appear on a search of the register of data controllers published on the Information Commissioner’s website? It’s a legal requirement and there’s a fee. Registration indicates many things and personally, I wouldn’t risk working with someone who hadn’t.
PRIVACY POLICY
This policy sets out how I’ll process your personal data. Coaches need to comply with data protection law because they have information about individuals from which they can be identified – that makes it personal data and covered by this policy. Anonymous information isn’t data and therefore isn’t covered.
My record shows I’m good at keeping secrets. I take privacy seriously and the essence of this policy is simple – you give me some information so we can work together, you tell me things in coaching that I write down which helps me coach you, I treat your data carefully, I keep it securely, I don’t misuse it and I only hold onto it as long as I need to. I run a website so there’s some standard software that uses your data. I need to process your data to run a small business. Given how joined up the world is, some of your data may go to servers and be processed outside the UK. Data protection law means there needs to be a detailed policy to tell you that.
Where will I get your data?
I will have your data because you’ll have given it to me. If we are working together because your organisation has engaged me to coach you (and is therefore my client), then I may have basic data from them too. I don't process my client’s data in secret ways.
How will your data be processed?
The data I hold about you will be:
-
used lawfully, fairly and in a transparent way;
-
collected only for valid purposes that I have clearly explained to you and not used in any way that is incompatible with those purposes;
-
relevant to the purposes I have told you about and limited only to those purposes;
-
accurate and kept up to date, based on any updates you give me;
-
kept only if necessary for the purposes I have told you about and for a period which is reasonably necessary; and
-
kept securely.
Why will personal data be processed?
I need to process personal data to provide you with coaching, to fulfill my obligations and to run my business. This means:
-
I will need to process personal data so I can perform the coaching contract or carry out pre-contract requests from you. For example, I need to use my data on you to coach you effectively and for invoicing.
-
I will need to process personal data for legitimate interests that are not overridden by your interests, rights and freedoms. Examples would include the legitimate interests of my business such as disclosure of data to my bank and/or accountant (or other professional advisors) and/or professional body. I may use it to provide you with information or for telling you about services I provide which may be of interest to you. I may process data about you in the legitimate interests of my client, if my client is the organisation where you work. Examples would include providing periodic updates on progress or if a situation arose where confidentiality could not be maintained (eg an undisclosed potential breach of policy).
-
I will need to process your data to operate my website. This policy should be read in conjunction with my website policy, which sets out the details, including of cookies and plug-ins.
-
I may need to process personal data to comply with the law (eg to prevent money laundering, fraud or terrorism).
-
I may need to process personal data to protect someone’s life (eg if I had a concern that you or someone else was in danger).
-
I may need to process personal data where necessary in the public interest/for official purposes (eg if I was ordered to disclose it by a tribunal or the police).
I will only use your personal data for the purposes for which I collected it, unless I reasonably consider that I need to use it for another reason and that reason is compatible with the original purpose. If I need to use your personal information for an unrelated purpose, I will notify you and either seek your consent or explain the legal basis that allows me to do so. I won’t make automated decisions or do profiling based on your data.
Please note that I may process your personal information without your knowledge or consent, in compliance with this policy, where this is required or permitted by law.
What kind of data will be held?
There won’t be any surprises, because you will have provided me with this data during our work together or it will come through interacting with the website, but I need to spell it out. The data may include:
-
personal data required for us to interact and carry out the contract – eg name, telephone numbers, email addresses, addresses as necessary;
-
biographical information– eg your gender, age, marital status;
-
work-related information – eg data relating to career history, role and responsibilities, job title(s); and
-
special category data – eg data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health or sexual orientation. I will use this data to provide effective coaching to you (ie to perform the contract). You need to explicitly consent to me using this data for this purpose: this is covered in our agreement. You can withdraw consent at any time.
Please note that I may process your personal information without your knowledge or consent, in compliance with this policy, where this is required or permitted by law.
Do you need to keep me informed of changes?
I can only keep your data up to date and accurate if you inform me of changes. Data protection law says that it is important that the personal data I hold about you is accurate and current. In terms of providing coaching and running my business, this is especially true of your contact information.
Who may data be shared with?
I will not disclose your data to third parties unless you have consented for me to do so, where it is necessary to provide coaching services to you, to run my business, where required for professional accreditation, or where I am otherwise required to do either contractually or under another law or enactment. Examples of third parties where disclosure is necessary for me to provide coaching services to you or to run my business include information that is held by the providers of the platforms we use to communicate with each other or my website, information required by my bank or other third parties in relation to invoices/my finances/insurance or if we use the services of psychometric profiling organisation. It could mean providing your name, contact details and coaching dates/hours to a professional coaching body so they can verify our coaching relationship. Some of these transfers may be outside the UK and European Economic Area. I will never sell your data to a third party.
How will data be kept secure?
Where I can I will ensure that you can’t be identified from the information I have on you. Client and business data is stored on a password-protected computer protected by Norton: antivirus, secure VPN, firewall and backup. Contact details for clients that I am working with are also stored on my mobile telephone that is also password protected. If coaching is carried out via Zoom or similar platform, contact data will be stored within the application for the duration that we are actively in a coaching relationship.
Emails and information transmitted via the Internet is not completely secure. I cannot guarantee the security of your data transmitted online and transmission is made at your own risk. If you communicate with me by email then you assume the risks of such communications being intercepted, not received or delivered, or received by individuals other than the intended recipient. I store notes I make during our sessions securely in a lockable filing cabinet. I dispose of paper records securely. I will notify you and any applicable regulator of a suspected breach where I am legally required to do so. I reserve the right to change the systems in which data are stored to another equivalent system without notification but at all times I will ensure the appropriate security of your data.
How long will data be kept for?
I will only retain your personal information for as long as necessary to fulfil the purposes I collected it for, including for the purposes of satisfying any professional, legal, accounting, insurance or reporting requirements. To determine the appropriate retention period for personal data, I consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which I process your personal data, whether I can achieve those purposes through other means, and the applicable legal requirements.
You can expect me to hold data relating to your coaching for a period of seven years after the last coaching contact with you. The reason for this is that under English law legal proceedings for breach of contract or negligence can be brought up to six years after the events. I therefore have a legitimate business interest in retaining the data should any subsequent legal proceedings ensue. After seven years, I will confidentially destroy all data held for you.
Will your data be used for marketing?
I may use your data to keep in touch, to send you information that I think may interest you, send you blogs, updates or tell you about other services. You may opt out of receiving these types of communication from me at any time by sending me an email.
Do you need to consent?
Almost all of the processing of your data does not require your consent. The exceptions are processing special category data and processing for marketing purposes. You have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please email me.
If you withdraw consent, I will no longer process your data for the purpose or purposes you originally agreed to, unless I have another legitimate basis for doing so in law.
How can you request access to, correction of or deletion of data?
Under certain circumstances, by law you have the following rights:
-
Right to be informed – to be told what data I hold about you and what I do with it.
-
Right of access – being able to request a copy of the data I hold on you.
-
Right to rectification – being able to have inaccurate data corrected.
-
Right to erasure – being able to ask me to delete / destroy your data.
-
Right to restrict processing – being able to limit the amount or type of data used. This enables you to ask me to suspend the processing of personal information about you, for example if you want me to establish its accuracy or the reason for processing it.
-
Right to data portability – requesting to move your data electronically to another business.
-
Right to object – being able to ask me to stop using your data.
If you want to exercise any of these rights please email me at graham@browningcoaching.com. I have a month to respond to your request. I may need to confirm your identity.
You will not have to pay a fee to access your personal information or to exercise any of the other rights. However, I may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, I may refuse to comply with the request in such circumstances. Please note that where you ask me to erase, correct, object to process or seek to restrict my processing of data I may refuse your request where I have a legal obligation, contractual or other legitimate business interest to do so. If I refuse your request then I will notify you and you will have the right to appeal.
What if you have questions or a complaint?
Please email me at graham@browningcoaching.com if you have any questions or complaints and hopefully we sort it out between us. You also have the right to complain the Information Commissioner’s Office at www.ico.org.uk.
WEBSITE
What data do I collect on this website?
Using my website may involve automatic collection of data by cookies and plug-ins about your browsing actions, usage patterns and your equipment. Examples of data collected in this way include IP addresses, browser type/version, browser plug-in types/version, time zone setting and location, operating system/platform and other technology on your device (Website Data).
What data may I receive from third parties?
I may receive Website Data from search information, advertising and analytics providers such as Google and LinkedIn. They may be based inside or outside the UK or EU.
What do I need to know about cookies?
Avoiding the temptation to talk about biscuits here, cookies are used by almost all websites and do not harm your IT. They improve your experience on the website. A cookie is a small piece of data transferred onto your computer by my website. They can either be stored on your computer only for as long as you are on the website, or remain on your computer when you leave the site. They don’t reveal your identity to me in a way that means I’m going to figure out who you are, and are about your device or your preferences.
I use cookies in two ways:
-
to give you the best experience possible on the site by ensuring it runs efficiently on your device; and
-
to track visits - this helps me improve the website as I’ll know which parts are visited most.
I use these types of cookies:
-
Strictly necessary cookies – no cookie, no access. You would not be able to use the website without them so they cannot be turned off. They do not gather data about you that could be used for marketing or remembering where you have been on the site.
-
Analytics/performance cookie – these gather information about how visitors interact with the site. If you disable these some parts of this website may not work as well.
I don’t use advertising cookies.
You have the choice to change cookie settings. You can also amend your cookie settings on your device.
This website is hosted on the Wix platform. For a complete listing of cookies used by Wix click here. It also uses Google Analytics whose cookie and privacy policy you can find here.
What happens when I connect with third parties?
My website may have links to third party websites, plug-ins and applications. I do not control those websites or their approach to privacy. Clicking on those links or enabling those connections may allow third parties to collect or share data on you.
Kudos if you read down to here.