Purpose of this notice
This notice outlines how I collect and use personal data about you, as required by the General Data Protection Regulation (GDPR).
Collecting and using personal data
As an Independent Consultant I work closely with individuals and client organisations to understand their needs and provide a range of services (for example, consultancy, training, facilitation or coaching). Sometimes I partner with other independent professionals and/or organisations in designing, delivering and evaluating these services.
In the course of my work I will collect and use your data for the purposes of my legitimate interests, in ways that you would reasonably expect in the context of our professional relationship. I will not gather or use your personal data for any other purpose unless I have first taken the steps required by the GDPR (such as notifying you, or seeking your consent).
Any personal data will be limited to what is necessary for initiating, carrying out and concluding our work together. For example, I may collect information about you:
- When you contact me for information about the services I provide, or related activities and events
- When we meet to discuss requirements
- As part of the process of engaging my services
- During the provision of services
- If you contact me with a query relating to the services I am providing
- From third parties and/or resources in the public domain
If you are a client, partner, supplier or a member of my professional network, the information I hold about you will normally include your personal contact details (such as your name, address, email address and telephone number). It may also include the following:
- Information about services that have been proposed and/or provided (or products if you are a supplier)
- Our correspondence and communications
- Information provided by you or your employer in the course of establishing and progressing our work together
- Information from research or surveys (which may include publicly available information)
I will share your personal data with third parties where required by law, where it is necessary to administer the relationship between us (for example, when partnering to deliver services) or where I have another legitimate interest in doing so.
If you have explicitly consented for me to do so, I will contact you with information relating to services, activities or events that may be of interest. You have the right to withdraw the consent that has been given in this specific respect (to do so, please use the unsubscribe facility in any marketing email you receive from me). I will not share your data with third parties for marketing purposes.
Data security and retention
I have put in place reasonable and appropriate security measures to prevent data loss and to safeguard your information from unauthorised access, use, alteration or disclosure. I will retain your personal data for as long as is necessary to meet the purposes for which it is collected and to comply with legal obligations (for example, retention of financial records for tax purposes).
Queries and concerns
Please contact me if you have any queries relating to this notice, or if you would like more detailed information regarding my collection/use of personal data and your rights in this respect.
If you have any concerns please write to me in the first instance:
You also have the right to make a complaint to the Information Commissioner’s Office (ICO): Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF (https://ico.org.uk/concerns)
Changes to this notice
Any changes to this privacy notice will be updated on www.estherwaite.co.uk.
This notice was last updated 14/09/18.