This policy outlines what information we hold about you, how that information is used, who we may share it with and how we keep it secure. If you would like any additional information or explanation, please contact firstname.lastname@example.org.
What we do
Excellaspro provides Mastery services to clients to help them take control of their next career step through bespoke, personalised coaching support and guidance. We help clients plan the right steps at the right time. By helping them prepare CV, applications and interviews, we help client develop, practice and refine key skills and strategies that will increase their chances of success and will benefit them throughout their career.
How we obtain your personal data
You provide us with personal data in the following ways:
- by completing a questionnaire or requesting a session online
- by completing an online sign up or contact form
- through email, over the telephone or by post
- by making credit card and online payment
This may include the following information:
- basic details such as your name, address, contact details
- details of contact we have had with you such appointment requests
- employment history
- bank details
How we use your personal data
We use this information so that we can provide our services to you and comply with our legal obligations. This means that the legal basis of our holding your personal data is for legitimate interest.
We use your personal data for the following purposes:
- to assess your enquiry about our services
- to manage any aspect of our services and improve the way we offer our services
- to manage our business operations
- to keep records of our communications with you
- to comply with legal and regulatory obligations, requirements and guidance.
We will protect your personal data in accordance with the law.
We may use your data for marketing purposes, such as newsletters, but we will ask you for your express consent first. You can ask us to stop at any time by contacting us at email@example.com.
We will hold your personal data for as long as we need to for reasonable business needs, ie to manage our relationship with you and our operations and accounts, to handle complaints and to comply with retention periods required by law.
Where do we keep your data?
We use third-party tools to store and manage personal data, such as a CRM System, cloud storage or email marketing software, as well as our own data storage systems. This means that data may be held in the EEA, USA (with suitable data privacy shields) or elsewhere.
These tools include:
- Practice Better (an practice management tool for appointments, resources and client communications https://practicebetter.io/privacy/)
- Square (as our payment provider https://squareup.com/gb/en/legal/general/privacy)
- Mailerlite (for email marketing https://www.mailerlite.com/legal/privacy-policy).
How do we share your information?
We will keep information about you confidential. We will only disclose your information to third parties with your express consent with the exception of:
- other businesses in order to fulfil our services to you
- legal or crime prevention agencies and/or to satisfy requests from governmental or regulatory authorities (such as HMRC or ICO) if we have a duty to do so or if the law allows us to do so.
What are your rights?
Everyone has the right to see, amend, delete or have a copy of data held that can identify them, with some exceptions. You do not need to give a reason to see your data. You have the right, subject to exemptions to:
- have your information deleted or corrected where it is no longer accurate
- ask us to stop processing information about you where we are not required to do so by law
- receive a copy of your personal data in an intelligible form
- object to certain processing of personal data, in particular to data processed for direct marketing purposes.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the United Kingdom Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
You can find out if we hold any personal information by making a ‘subject access request’.
If we do hold information about you, we will:
- give you a description of it
- tell you why we are holding it
- tell you who it could be disclosed to
- let you have a copy of the information in an intelligible form.
If you would like to invoke any of these rights or make a subject access request, please contact firstname.lastname@example.org.
How is data that identifies you secure?
We only use information that may identify you in accordance with law. This requires us to process personal data only if there is a legitimate basis for doing so and that any processing must be fair and lawful.
Cookies are small files that hold information; they’re placed or ‘dropped’ on your computer when you access websites or use apps on your device. The data contained in the cookie can be retrieved by the website or app that placed them there. They can also be accessed by websites or apps that have been authorised to use them by the website or app that first dropped them.
Some cookies only exist for a short period of time and are then automatically deleted by your device. Others last for longer – these are called ‘persistent cookies’ – and some exist for years unless manually deleted. These can be used to analyse multiple website visits over time or customise the content that’s displayed.
Some cookies are set by the website or app you’re visiting – these are called ‘first party’ cookies. Others may be set by a third party when you use a website or app – for example, by a tool built into the website, or by an advertising network that displays adverts on the site or in the app.
To find out more about cookies, including how to see what cookies have been set and how to control, opt out and delete them, visit www.allaboutcookies.org or, for more information, visit https://ico.org.uk/.
If you have a complaint about the use of your personal data, please contact email@example.com and we will do our best to help you. You have the right to complain to the Information Commissioner’s Office which enforces data protection laws: https://ico.org.uk/.
Last reviewed May 2020