Updated: 23rd May 2018
This privacy notice explains how we collect, manage, process and protect your data when you use our website www.hmcoaching.co.uk, including signing up to our online programmes, ask to be kept informed of updates, contact us or purchase our products. It outlines the type of data we hold and how we use that data to provide our services to you.
Our legal basis for processing your data
We process and store your information in order to fulfill our contractual agreement to deliver information/ goods you have consented to receive (online programmes, delivery of goods ordered, or updates on future books and products). We only store this information until the service/ goods are delivered, however, as part of our legal obligations, we do have a statutory obligation to retain information regarding products sold or to fulfill other legal requirements.
Where your data comes from
The data we receive is collected and gathered through our website and third-party software when you:
- sign up to our online programme
- request updates on our books or toolkits
- order books
- sign up for an event
- send us a message through our ‘contact us’ page
- email/ text/ call us with an enquiry
- leave a comment on our blog
The data we hold on you
We hold your name and contact information (e.g. email and/or phone number) and links to any social media sites if you have shared these with us. We do NOT collect any sensitive information from our website that refers to your race, ethnic origin, political opinions, medical condition, religious beliefs, sexual orientation or convictions. We do NOT collect or store any payment details from you; these are done through third-party commercial secure sites.
For clients we provided a service to, we hold personal data that enables us to provide the relevant service to you (necessary for the performance of the contractual agreement). Further information can be found in our terms and conditions, and how we protect that data within our data protection policy.
How we use your data
We will use your data to manage your interaction with us and this enable us:
- To provide the service you have employed us to do.
- To deliver the products you have bought either from us or from third party websites.
- To comply with AML regulations and other HMRC responsibilities.
- To keep you informed of work we are doing together or on your behalf.
- Offer you the opportunity to engage in other services we are piloting or offering (only if you sign up for updates).
If you provide us with contact information (by email, phone or via our website – contact us) we will assume this is consent for us to use that data only for the purposes listed above. However please see below for how long we keep data for.
How long we hold your data for
For those who sign up to our online programmes: Your data will be held until you unsubscribe or until the end of the programme. At the end of the programme, your data will be deleted during our quarterly data review or sooner if you ask for it to be deleted.
If you sign up to receive updates or further resources: Your data will be held until (a) you unsubscribe/ ask to be removed, (b) the service is offered and communicated to you, or (c) the service is no longer being offered.
If you buy our products from a third party site: The site’s own privacy notice will apply however, the data we gather from them will only be used to send you the product and contact you if needed. It will NOT be kept by us other than through the third party site. For our financial records, we do have an obligation to keep a record of any sale for 7years (NB: no payment details are collected or stored).
For those who contact us via an enquiry (either through our website, email or by phone): We will hold your data for at least 3 months unless we have a legal obligation under AML/ CF regulations. Assuming there is no legal obligation, your data will be reviewed and deleted as part of our quarterly data review or sooner if you ask to be deleted.
Leaving a comment: If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
For clients: After an initial enquiry, if we enter into a contractual agreement, as part of our legal obligations we have a statutory obligation to retain information for a period of 7 years. Further information can be found in our terms and conditions, and how we protect that data within our data protection policy.
Cookies & Analytics
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
We currently do not collect any analytics. If this changes, we will update this privacy notice immediately.
Protecting your data
We continually work to ensuring your data is securely processed, transmitted, protected against unauthorised or unlawful processing or accidental loss or damage. We regularly conduct assessments and put steps in place to rectify any risks identified.
Your data will always be our concern. Your data is NEVER sold to third parties nor disclosed to any external organisation by us, other than HMRC and Companies House in order for us to carry out our services to you and our legal obligations. The personal information we obtain is processed in accordance with all relevant data protection legislation. When this legislation is updated or replaced we will review and update our data processing practices accordingly.
If you buy our products from a third party site, the site’s own privacy notice will apply. However, we will NOT pass on your details to anyone nor use your data for any other purpose that provide the service/ product you have requested and your data will be securely processed by us.
For the automation of the online programmes we currently use MailChimp. You can access their privacy note: https://mailchimp.com/legal/privacy/. For the purchase of books we currently use Amazon. You can access their privacy note: https://www.amazon.com/gp/help/customer/display.html?nodeId=201909010
Communication via email or social media messaging platforms is NOT 100% secure therefore whilst we strive to protect your personal information we cannot guarantee the security of any information you transmit to us through these platforms therefore you do so at your own risk. We may provide you with a password in order for us to share encrypted personal data. Where we have given you a password you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Visitor comments may be checked through an automated spam detection service.
Embedded links and content from other websites
Transferring your information outside of Europe
As part of the services offered the information which you give to us may be transferred to countries outside the European Economic Area (EEA). For example, some of our third-party providers may be located outside of the EU. Where this is the case we will take steps to endure the right security measures are taken so that your privacy rights continue to be protected in accordance with UK data protection law.
Your rights and preferences
You have the right to:
- Be informed (which is explained in this privacy notice)
- Be forgotten
- Request a copy of the data we hold about you (this is called a subject access request)
- Update the information we hold on you and/or manage your communication preference at any time
- Restrict how use your data
- Obtain your personal data and re-use for own purposes
- Object to the processing of your personal data
If you would like a copy of some or all your personal information or should you wish for us to completely delete all information that we hold about you, please contact us (details below) and we will respond to your request within one month of receipt of the request. It is very important that the information we hold about you is accurate and up to date. You may ask us to correct information you think is inaccurate. You can also update your data via the support emails on the programme you signed up to. Please do let us know if at any time your personal information changes.
If you exercise your right to be removed from our records, we may still be required to maintain some data for our financial records to comply with our legal and statutory obligations but you will no longer receive any communication from us. Furthermore, reasons we may deny your request is if we show compelling legitimate grounds for the processing, which override your interest, rights and freedoms, or the processing of a legal claim.
- Email via our contact us form.
- Or write to Helen Monaghan, Data Protection Officer, HM Coaching Ltd, EH20 Business Centre, 6 Dryden Road, Loanhead, EH20 9LZ.
If you feel that your personal data has been processed in a way that does not meet the General Data Protection Regulations (GDPR) and you are unsatisfied with any explanation we have given you, you have the right to lodge a complaint with the relevant supervisory body. As we are based in the UK, that is the Information Commissioner’s Office (ICO).