We are an educational foundation providing training, professional supervision, coaching, counselling, psychotherapy, and similar services through workshops, webinars, one-to-one and group sessions in various locations and online. We also provide supporting materials and assessment on the basis of various professional qualifications.
Our principal, Julie Hay, is our data controller, data processor and data control officer and pays personal attention to how we maintain information about those who contact us. We rarely send out bulk mailings, and if we do we use a reputable mailing service that will ask for opt in. Our website uses cookies to collect the usual types of visitor information for analysis and website functionality. You can set your browser not to accept these, although some websites may then not function completely.
We process information by storing it within reputable CRM and accounting systems and in locked filing cabinets. We do not provide any information about our contacts to any other organisations except where this is required for the award of qualifications such as by universities or other professional bodies.
Our lawful basis for maintaining records is as defined in the Information Commissioner’s Office (2018): “Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.” (p.13).
Our intended purposes for maintaining records include:
- managing the provision of goods or services in line with contractual arrangements
- advising about potential provision of goods or services that may become contractual arrangements
- liaising with universities and other professional bodies to provide and/or confirm such details as may be required by such organisations within our contractual arrangements with them and with individuals
- reporting our business results to the relevant authorities (accounts, tax, etc)
- other purposes as may arise in order to carry out the usual functions of the organisation
With regard to any contract we have an ongoing commitment to maintain suitable records of services provided, particularly as we are often asked to confirm attendances and/or qualifications some time after the event. We provide this information when requested by the individual or when the individual has confirmed that they wish the information given to a third party.
Information kept by us includes, where relevant and known, the following within our database: name, email address(es), address details, telephone and/or other contact details, interests, purchases, original contact method, status relating to qualifications we offer, attendances, webinar-related homeworks expected and received, services being provided, fees agreed, and sometimes notes of conversations that remind us of our discussions with you about current and potential services.
On paper, in confidential locked files, we may have notes seen only by our professional consultants and which are necessary to provide a contracted service (such as professional supervision and/or sponsorship, counselling/psychotherapy/coaching) to you or to progress your stated interest in our services. These may include special category data and criminal offence details only insofar as these are relevant to the contracted service being provided and only when such details have been provided by you.
We also store audio recordings of professional sessions conducted with you, only after you have confirmed agreement to being recorded. These are stored under codes and you are provided with full access to your own recordings. For audio recordings of group activities such as supervisions, these are made available only to those engaged during the session. For recordings of webinars, you will already have signed to confirm that you are willing for these to be shared with others; audio only is shared so there is no identification of individuals included.
Reference: Information Commissioner’s Office (2018) Guide to the General Data Protection Regulation (GDPR) https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/ accessed 29 April 2018 (note – living document updated regularly)