Privacy Policy

Version 1.1
12 January 2019

This is the privacy policy for Lesley Adams, trading as People Zone Ltd and as this Website and these social media identities: LinkedIn; Twitter.  
Contact details:  Lesley@people-zone.com

 This privacy policy sets out how People Zone Ltd uses and protects any information that you give our organisation when you use our website or services.

People Zone Ltd is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using our website, then you can be assured that it will only be used in accordance with this privacy statement.

People Zone Ltd may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This version of the policy is effective from 12th January 2019.

This privacy policy covers the following information:

  1. About your personal data – the type of data that is collected or used, including when, how and why;
  2. About Your rights – all the ways that you can control what happens with your data.

My marketing system

People zone uses Connectably as a Customer Relationship Management (CRM) system.  Connectably is committed to good marketing practice, and as Connectably’s client, I follow the same principles.   See here for their privacy policy.

Contact Form:  People Zone uses the website platform WordPress, and I use a contact form plug-in from Connectably CRM.  The personal data captured through the various contact forms will vary, but each time you submit a contact form you will be asked to give consent to your data being used as set out in this privacy policy.  

Cookies:  If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.  Please see our cookie policy.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.    

Your personal data: what data I collect and how I use it:

When you make an enquiry

The name and contact details you give and the content of your message(s) are retained for three reasons:

  1. By your consent
  2. As part of a ‘contract’ (only while we communicate)
  3. For legitimate business interests – for good business practice I keep tabs on who has made contact before, the types of questions asked, what they are interested in / what they have signed up for.

When you make an online purchase as a single purchase, a membership or subscription

This is a contract for services. Your contact details are dealt with as above (consent, contract, legitimate reasons).  In addition, your purchase history and the payment details (sent to me from Paypal or Stripe), are retained for six years beyond the end of the contract for legal reasons – accounting law.  

When you attend a workshop or training (includes in-house as well as public training events)

All of the above applies. I also keep record of your attendance, any certificates earned (on the legal bases of both contract and legitimate interest) – so that I can confirm your certificate status / reissue certification if required, also so that I can send you updates or offers which may be of specific interest to you as an attendee/graduate.

We use Eventbrite for event promotion and ticket sales.  If you purchase a service provided by People Zone through Eventbrite your purchase history will be retained by me, and your payment details will be retained by Eventbrite.  Please note that Eventbrite is a third-party service that is not owned or managed by People Zone. You should refer to Eventbrite’s terms and conditions of privacy policy as we do not accept any responsibility or liability for their policies.

When you work with me 1:1

One-to-one client work (e.g. leadership coaching) is different. Dependent on the work, you may wish (or need) to provide personal details of a sensitive nature.

I record some details on an intake form which is retained in electronic, printed or handwritten format and includes your contact details, information about your coaching goals and progress.  This information is retained for legitimate professional reasons and will not be used for marketing purposes. The sessions notes include my handwritten or typed up notes which I keep for the purpose of fulfilling our contract and keeping tabs on the work during the session, and from one session to the next.  These are filed separately with only initials and date as identifiers so that no other person may connect these details to your personal identity.

In both cases I am required by law to retain these records for six years after the completion of our contract.

When you contract People Zone, or associates working for People Zone, on behalf of your organisation (B2B or B2C contracts):  

For these type of contracts (B2B or B2C) I retain notes from briefings, discussions and sessions where we work together – as handwritten, digital or printed notes  – which I keep for the purpose of fulfilling our contract and keeping tabs on the work during the contract. I also retain the contact details of the lead / commissioner of the work, for legitimate business interests.  If I have access to contact details for other members of staff during the work I retain these for information purposes only and I do not communicate with them for marketing purposes unless they explicitly give their consent as above.  

When you fill in an on-line survey or download resources from my website:

You will be prompted, when you complete an on-line survey, or download resources from my website, to give consent to me using your data for marketing purposes as described above.  Only the data collected at the time you complete the survey, or download the resource, will be retained.

Other data sources:

Incoming data is also received from my website host (SiteGround), WordPress, Paypal, Stripe, Eventbrite, Skype and Zoom.

Sharing your data

Your privacy is important and I will not sell your data nor share it except by your consent or under the law.

When working together, I may give out elements of your personal information to another practitioner as part of a referral.  This will always only be with your personal consent.

In continuation of current UK law on confidentiality I also retain the right and in some cases the legal requirement to breach confidentiality to inform an authority such as the police or your GP of impending harm or illegality.

Your Rights

The GDPR (General Data Protection Regulation) sets out clearly what your rights are. It also lays out deadlines for a reply and other rules which are reproduced for your information at the bottom of this section.

Right to be informed

You have the right to be informed about the collection and use of your personal data. This is a key transparency requirement under the GDPR.

I must provide you with information including: my purposes for processing your personal data, my retention periods for that personal data, and who it will be shared with. This ‘privacy information’ is provided above.

I must provide you with privacy information at the time I collect your personal data from you, in other words it has to be available to you before you fill in a form or hand over your data such as your email address.

If I obtain your personal data from other sources, e.g. by referral or from the payment service provider your selected, I must provide you with privacy information within a reasonable period of obtaining the data and no later than one month.

There are a few circumstances when I do not need to provide people with privacy information, such as if an individual already has the information or if it would involve a disproportionate effort to provide it.

The information I provide to people must be concise, transparent, intelligible, easily accessible, and it must use clear and plain language. Therefore if there is anything you do not understand, please get in touch.

Right of access

You have the right to access your personal data and supplementary information. This allows you to be aware of and verify the lawfulness of the processing.  You are entitled to confirmation that your data is being processed, access to your personal data, and other supplementary information as provided in this privacy notice 

Right to rectification

You have the right to have the data your personal data corrected if it is incorrect, or completed if it is incomplete.

Right to erasure

You may request, verbally or in writing, to have your data erased. This is also commonly known as ‘the right to be forgotten’. This right only takes effect when:

  • Your personal data is no longer necessary for the purpose for which it was originally collected or processed,
  • you withdraw your consent when the sole legal basis to hold this information is your consent,
  • There is a legitimate interest in processing this data, which does not override your request
  • processing/analysing of the personal data was for direct marketing purposes and this is the use you object to
  • your personal data was processed unlawfully without a proper legal basis
  • There is a legal obligation to comply with your request; or
  • If the personal data was processed to offer information society services to a child.

Right to restrict processing

You have the right to request the restriction or suppression of your personal data. In other words you want to stop the data being used but keep it on file.  In this case your personal data cannot be used and can only be stored unless:

  • you give your consent;
  • it is for the establishment, exercise or defence of legal claims;
  • it is for the protection of the rights of another person (natural or legal); or
  • it is for reasons of important public interest.

Right to data portability

This allows you to obtain and reuse your personal data for your own purposes across different services.  It allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without affecting its usability.  Doing this is meant to enable you to take advantage of applications and services that can use this data to find you a better deal or help you understand your spending habits. In general this rule exists for data held by big service providers, such as your call history or insurance or gas bill history. The right also only applies to information you have provided.

If, as a private coaching client you wish to carry a copy of your case notes or other sensitive data to another coach or counsellor, these may be provided to you or to the nominated service provider, on request, as an encrypted and password protected document.

Right to object

Individuals have the right to object to:

  • processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
  • direct marketing (including profiling); and
  • processing for purposes of scientific/historical research and statistics.

Your objection must be made on grounds relating to your particular situation.

Once you object your data can no longer be processed, unless

  • there are demonstrably compelling legitimate grounds for the processing, which override the interests, rights and freedoms of the individual; or
  • the processing is for the establishment, exercise or defence of legal claims.

You may complain directly to me using the contact details above. If you find the outcome unsatisfactory you are then able to object or complain to the relevant authorities.  You may of course also exercise your right to legal action.

Timelines:

You can claim a right verbally or in writing.   A response should come without delay and at least within one month of receipt. The time limit is calculated from the day after you make the request (whether the day after is a working day or not) until the corresponding calendar date in the next month.  I aim to respond within 28 days.

Exceptions:

When you request access to your data, a copy must be provided free of charge. However, you can be charged a ‘reasonable fee’ when a request is:

  • manifestly unfounded or excessive; particularly if it is repetitive (unless the repetition is because I failed to respond); or
  • for further copies of the same information (that has previously been provided).