Protecting Your Information – Our Policy

1          Introduction and Scope of this Privacy Policy

At Couravel we are serious protecting and respecting your privacy and to acting in compliance with the provisions under the General Data Protection Regulation (GDPR), as amended from time to time.

This Privacy Policy sets out the types of personal data we may collect about you when you interact with us.  It also explains how we will capture, store, process, use and keep the data safe, including how long we will retain the data.

If you ask us for information, register interest with us, commission/contract or use our leadership, organisation, communication, change and development consulting services or report a problem, then we collect any personal data you submit to us.

2          What legal bases do we rely on?

The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:

Consent

  • In specific situations, we can collect and process your data with your consent.
  • When collecting your personal data, we will always make clear to you which data is necessary in connection with a particular service.

Contractual Obligations

  • In certain circumstances, we need your personal data to comply with contractual/commissioning obligations in connection with any services that we provide to you.

Legitimate Interest

  • In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.

3          What sort of personal data might we collect from you?

The data that we collect from you when we provide our services may include information:

  • You provide when you request our services, such as your name, e-mail/postal address, social media contact details or telephone numbers.
  • You provide in scoping/discovery/diagnostic interviews undertaken as an element of leadership and organisation development programmes for which our services have been commissioned/contracted.
  • You provide when you request and complete psychometric questionnaires as part of any service we supply.
  • You provide when you contact us or report a problem to us.
  • You provide when you choose to complete a survey that we use for evaluation or research purposes.
  • When you engage with us on social media.
  • When you ask us by whatever means to provide information about our services.
  • When you comment on or review our services.
  • When you have given a third party permission to share with us the information that they hold about you.

4          How and why we may use your data?

The personal data that we collect is used:

  • To communicate with you when you approach us about or commission/contract us to provide our services.
  • For communicating with you about our other services in which we think you may be interested.
  • To seek your views on our services.
  • For informing and shaping the design of our services that you either request or commission/contract from us.
  • For the compilation of anonymised and aggregated interview data used to inform the design/delivery of services and programmes that you commission/contract from us.
  • To compile a pictorial record for your use of the outputs from any leadership, communication, change or development programme that you either request or commission/contract from us.
  • For the evaluation of our programmes and assignments.

When sensitive personal data emerges in scoping/diagnostic/discovery interviews or coaching sessions then the data will be recorded anonymously and used only for the duration of the leadership, communication and organisation development programme.

If you choose not to share your personal data with us then we might not be able to supply some of the services that you have requested.

Importantly, if you wish to change how we use your data then you will find details in the section covering your rights (see Section 7 below).

5          How we protect your personal data?

We know how much data security matters to our clients and, with this in mind, we will treat your data with the utmost care and take all appropriate technical and organisational measures to protect it.

Whenever and wherever we collect, process or use personal data, including sensitive data, we have security measures in place to ensure that it is password-protected and handled securely in accordance with this Privacy Policy.

Although nothing that you or we send over the internet is completely secure, when it is held on our systems we employ a layered approach to protecting your data including high-strength passwords and market-leading firewall/anti-virus software.

We routinely monitor our system for possible vulnerabilities and attacks.

6          How long will we keep your personal data?

Whenever and wherever we collect, process or use your personal/sensitive data, we will keep it only for as long as is necessary for the purpose for which it was collected.  For example, this might be for the life of a particular leadership and organisation development programme or coaching assignment.

At the end of that retention period, your data will be securely saved on our systems in the event that you require access to it in future.

7          What are your rights over your personal data?

You have the right to request:

  • Access to the personal data we hold about you.
  • The correction of your personal data when incorrect, out of date or incomplete.
  • The deletion of the data that we hold about you. For example, when you withdraw consent, or object and we have no legitimate overriding interest, or once the purpose for which we hold the data has come to an end.
  • A computer file in a common format containing the personal data that you have previously provided to us.
  • Restriction of the use of your personal data, in specific circumstances, generally whilst we are deciding on an objection you have made.
  • That we stop processing your personal data, in specific circumstances. For example, when you have withdrawn consent, or object for reasons related to your individual circumstances.
  • That we stop using your personal data for direct marketing.
  • That we stop any consent-based processing of your personal data after you have withdrawn that consent.

8          Your right to withdraw consent

Whenever you have given us your consent to use your personal data, you have the right to change your mind and withdraw your consent.

You can contact us by e-mail to request to exercise these rights at any time.

9          Direct marketing

You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels.  We will always comply with your request.

You can stop direct communications from us by:

  • Telling us in an e-mail, inserting ‘UNSUBSCRIBE’ in the message subject.
  • Writing to us at our registered company address: Couravel, The Oast, Gedges Farm, Tonbridge TN12 7EJ.

10        Our commitment to you

We will keep your data secure.

We will never sell your data or share it with third parties.

When we engage trusted associates with your consent to work with you as part of any commission/contract with you then we will ensure that:

  • We provide only the information they need to perform their specific services.
  • They may only use your data for the exact purposes we specify in our contract with them.
  • We work with them closely to ensure that your privacy is respected and protected at all times in accordance with this Privacy Policy.

You will be able to unsubscribe from any communication we send whenever you choose.

When you request it we will provide you with a file containing all the data that we hold on you.

11        If you live outside the UK

Sometimes we will need to transfer your personal data between countries to enable us to supply the services you have requested.  In the ordinary course of business, we may transfer your personal data from your country of origin to ourselves located in the UK.

By commissioning/contracting us you are giving your consent to this overseas use, transfer and disclosure of your personal data outside your country of residence for our ordinary business purposes.

This may occur because our information technology storage and processing facilities are located outside your country of residence, such as the storage of your personal data on servers in the UK.

We will ensure that reasonable steps are taken to prevent third parties outside your country of residence using your personal data in any way that is not set out in this Privacy Policy.  We will also make sure that we adequately protect the confidentiality and privacy of your personal data.

By either using our services or providing your personal data to us, you expressly consent to the processing of your personal data by us in this way.  Of course, you still have the right to ask us not to process your data in certain ways, and if you do so then we will respect your wishes.

12        Contacting the Regulator

If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests that you have made to us regarding the use of your personal data, then you have the right to lodge a complaint with the Information Commissioner’s Office.

You can contact them by calling 0303 123 1113

Or go online to www.ico.org.uk/concerns (please note that we cannot be responsible for the content of external websites).

If you are based outside the UK then you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.

13        Any questions and how you can contact us?

We hope that this Privacy Policy statement has been helpful to you in setting out the way that we handle your personal data and your rights to control it.

If you have any questions that have not been covered by this Privacy Policy, or wish to opt out of any direct marketing communications or wish to update or request any information about or copies of your personal data held by us then please contact us.

Write to us at:

Data Protection Officer

Couravel Limited

The Oast, Crittenden Road,

Tonbridge TN12 7EJ

If you have a complaint regarding any matter under this Privacy Policy or how we handle your data then please contact our Data Protection Officer using one of the methods above.

14        How you can obtain the personal data that we hold about you

If you wish to see a copy of the personal data that we hold about you, you can request this by contacting our Data Protection Officer by one of the means shown above.

15        Changes to and reviews of this policy

This Policy was issued on 25 May 2018 and covers Couravel Limited.

It is reviewed either at least annually or on significant changes to GDPR whichever comes sooner.

We reserve the right to modify or update the policy from time-to-time and will tell you of any such changes where they are either significant or where they alter the legal basis for our use of your personal data.

Registered Company Number: 04291357