Who we are & our website
What personal information do we collect and use?
Personal information includes any information about an individual from which that person can be identified, for example: your name, address, phone number and email address. Obviously, this doesn’t include any anonymised data.
We collect personal information about you when you access the Site, register with us, contact us, send us feedback, purchase products or services via the Site, post material to the Site and compete customer surveys or participate in competitions via the Site.
The personal information we collect about you depends on the particular activities carried out through our Site but it might include:
- your name, address and contact details
- date of birth
- bank account and payment details when you purchase a product of service from us,
- details of any feedback you give us by phone, email, post or via social media
- information about the services or products we provide to you
- your account details, such as username, login details to membership sites we give you access to.
We then use this personal information in a number of ways including:
- to respond to you if you contact us for help or a query;
- create and manage your account with us;
- to allow you to play properly with our websites and online services, so you can be interactive with us when you choose to do so;
- verify your identity;
- provide goods and services to you under a contract;
- to send you valuable information which we think you’ll enjoy and like relating to our services, events, what we’re up to, how you can connect with us. But ONLY if you consent to this and if you ask us to stop then we will;
- customise our website and its content to your particular preferences;
- notify you of any changes to our website or to our services that may affect you;
- improve our services.
Generally, we only use it for purposes which we need to – to protect ours and your interests and prevent illegal activity and make sure that what we offer and do in the world is safe and secure. It’s also important to note that this website is not intended for use by children under the age of 13 and we do not knowingly collect or use personal information relating to children.
Our legal basis for processing your personal data
Here’s the main thing to know. We will only collect, use and share your personal information if you’ve given us your permission and / or if we have either a legal right or obligation. This is known as the legal basis. The main legal bases we may rely upon include:
- consent: where you have given us clear consent for us to process your personal information for a specific purpose
- contract: where our use of your personal information is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
- legal obligation: where our use of your personal information is necessary for us to comply with the law (not including contractual obligations)
- legitimate interests: where our use of your personal information is necessary for our legitimate interests or the legitimate interests of a third party (unless there is a good reason to protect your personal information which overrides our legitimate interests)
- you specifically gave us your permission to do so (“consent”)
- we sought your consent for certain things, e.g. to add cookies to your device;
- we needed to use your information to run our business successfully (the law calls this “legitimate interests”) but only when we’re happy there is no risk to you and your personal information, and we’ll give you an option to easily unsubscribe;
- we are delivering a contract to you or complying with a legal obligation giving us permission to do so.
Current data protection laws provide you with certain rights. These include the right, in certain circumstances, to:
- request access to your personal data;
- request correction of your personal data;
- request erasure of your personal data;
- object to processing of your personal data;
- request restriction of processing your personal data;
- request transfer of your personal data; and
- right to withdraw consent.
You can find more information about your rights here: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
If you wish to exercise any of the rights set out above or have any queries, please email us at firstname.lastname@example.org.
Generally, fees for access to your personal data (or in the exercise of any of your other rights) can no longer be charged. You will therefore not have to pay any fee to exercise your rights, including to access your own personal data. However, if your request appears unfounded, repetitive or excessive we may either decide to charge a reasonable fee or we may refuse to comply with your request. We will always explain to you our reasons for doing so.
In order to help us we may need to confirm your identity and ensure that you have the right to access the data you are requesting or exercise any of your other rights. In order to do that, we may need to request specific information from you as a security measure to ensure that we are not disclosing personal data to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request in order to speed up our response.
Legitimate requests will generally be dealt with in one calendar month. Sometimes it may take a bit longer if there are numerous requests or if the request is a little more complex than usual. We will always keep you up to date with our progress.
What information we may ask you to provide
We may ask you to provide the following information:
- your name (and possibly job title)
- contact information such as email address, phone number, correspondence address;
- demographic information such as postcode, lifestyle interests, business pursuits;
- optional information about your needs, interests, preferences, challenges for examples when we’re inviting you to fill out surveys, questionnaires, on boarding information or enrolments to coaching programmes;
- photographic evidence and/or video footage (this is usually if you attend one of our events in which case you will be asked for specific consent for this)
- as a customer, we would need to collect financial information for a transaction, a signature on a contract or other personal data in the context of our working together and to allow us to operate our business in accordance with the law.
Using your personal data
We only use your personal data for purposes which we need to – to protect ours and your interests and prevent illegal activity and make sure that what we offer and do in the world is safe and secure.
For example, we may use the personal data you provide in the following ways:
- To reply to you if you contact us for help or a query;
- To fulfil our contract with you when you’ve bought something from us;
- To send you valuable information which we think you’ll enjoy and like relating to our services, events, what we’re up to, how you can connect with us… but ONLY if you consent to this and if you ask us to stop then we will;
- To make sure that the Site is helpful and attractive for you and working effectively for your computer and devices and so we can meet the preferences and interests that you’ve told us about;
- To allow you to play properly with our Site and online services, so you can interact with us when you want to;
- To tell you if we make changes to our Site or service;
Sharing your personal data
We do not routinely share your personal data with third parties. Occasionally data sharing may take place for example to allow a third party to dispatch a product to you on our behalf or when we share information with third party software providers who store information on our behalf.
We will share personal information with law enforcement or other authorities if required by applicable law.
We will not share your personal information with any other third party. We do not transfer your personal data outside toe European Economic Area (EEA).
We would like to send you information about products and services, events, special offers and news updates which are intended to be of value and interest to you. Where we have your consent or it is in our legitimate interests to do so, we may do this by post, email, telephone, text message (SMS) or automated call.
We will ask whether you would like us to send you marketing messages when you tick the relevant boxes when you provide your personal data to us for the first time.
If you have previously agreed to being contacted in this way, you can unsubscribe at any time by:
- contacting us at email@example.com; or
- using the ‘unsubscribe’ link in our emails to you;
Please note it may take up to 5 days for your unsubscription to take place.
For more information on your rights in relation to marketing, see ‘Your rights’ below.
Cookies and similar technologies
Through your use of our website you will have access to links, plug-ins and applications that are not under our control. When you click on those links or open the connection associated with those links it may be that the third party that does control them collects and shares your personal data. We cannot be responsible their privacy statements. When you leave our website, please ensure you read the privacy notice of each website you visit as there may be significant differences that affect you.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
How long we will keep your personal data – data retention
We will only ever keep your personal data for as long as we need it to be able to fulfil the purposes for which we collected it in the first place. This will include any reporting requirements, legal requirements or accounting requirements.
When we think about how long we should keep or retain your data, we think about:
- the amount, nature, and sensitivity of the personal data;
- the potential risk of loss, damage or harm from any disclosure, loss, misuse or unauthorised use of your personal data;
- the purposes for which we process your personal data and whether we can achieve those purposes without needing your personal data, and
- the applicable legal requirements, for example we have to keep basic information about our customers for six years after they cease being customers for tax purposes.
You have the legal right to ask us to delete your data in certain circumstances. Please see the section below entitled ‘Your Rights’ for further information.
We may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you. This is because you can no longer be identified from the anonymised data.
What if the information we hold about you is wrong?
It is very important that any personal data we hold about you is correct and is current i.e. is up to date. You have the right to correct us if any information we hold is incorrect or out of date. Please tell us if at any time your personal information changes or if we just have it wrong by emailing us at firstname.lastname@example.org.
What if we get something wrong?
If we get something wrong, we want to put it right as quickly as possible. We would really appreciate it if you would contact us first to try and resolve the issue if you ever have any cause to be unhappy with any aspect of the way in which we collect and use your data. However, if you remain unhappy please note that you always have the right to make a more formal complaint through the Information Commissioner’s Office (ICO) is the UK supervisory authority for data protection issues and their website is at www.ico.org.uk. We will work with ICO to ensure that any such complaint is dealt with to your complete satisfaction and in as short a time as possible.
Schedule 1 – the legal bases for our processing
|CATEGORY OF DATA||EXAMPLES||LAWFUL GROUNDS|
|Communication Data||Pretty much any communication that you send to us. For example, via the contact form on our website, an email, a text, any social media messaging, or any social media posting.||We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.|
|Customer Data||This includes data relating to any purchases of goods and/or services such as your name, title, billing address, delivery address email address, phone number, contact details, purchase details and your card details.||We process this data to supply the goods and/or services you have purchased and to keep records of such transactions. Our lawful ground for this processing is the performance of a contract between you and us and/or taking steps at your request to enter into such a contract.|
|User Data||This includes data about how you use our Site and any online services together with any data that you post for publication on our Site or through other online services.||Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our Site and our business. We process this data to operate our Site and ensure relevant content is provided to you, to ensure the security of our website, to maintain back- ups of our Site and/or databases and to enable publication and administration of our website, other online services and business.|
|Technical Data||This is data about your actual use of our Site and other online services. It might include your IP address, your login data, details about your browser, length of visit to pages on our Site, page views and navigation paths, details about the number of times you use our Site, time zone settings and other technology on the devices you use to access our Site. The source of this data is from our analytics tracking system.||We process this data to analyse your use of our Site and other online services, to administer and protect our business and Site, to deliver relevant Site content and advertisements to you and to understand the effectiveness of our advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our Site and our business and to grow our business and to decide our marketing strategy.|
|Marketing Data||This could include data whether you agree to receive marketing from us (and our third parties) and your communication preferences. We process this data to enable you to partake in our promotions such as competitions, prize draws and free give-aways, to deliver relevant Site content and advertisements to you and measure or understand the effectiveness of our communications and advertising.||Our lawful ground for this processing is our legitimate interests, for example in order to evolve and improve our services we like to study how customers use our products/services, and this helps us to expand and develop them, to grow our business and to decide our marketing and commercial strategy.|