Graydin Ltd (Registered Company Number: 07815621) is committed to protecting your privacy. At all times we aim to respect any personal information you share with us, or that we receive from other organisations, and keep it safe. This Privacy Notice (Notice) explains how we hold and use personal information and your rights in relation to it.
This Notice covers interaction with out on our website: http://www.graydin.com/, through our learning portal and when we work with you in providing our coaching sessions.
This Notice contains important information about your personal rights to privacy, so please read it carefully.
1. How we collect personal information about you:
(a) When you give it to us directly (for example, by getting in contact through our website or through accessing our learning portal).
(b) When we obtain it indirectly (for example, where your organisation provides us with your details for the purposes of running a course). To the extent we have not done so already, we will notify you when we receive personal information about you from somebody else, and tell you how and why we intend to use that personal information.
(c) When you visit our website (including the learning portal). When you visit our website, we automatically collect the following types of personal information:
· Technical information, including the internet protocol (IP) address used to connect your device to the internet.
· We also collect and use your personal information by using cookies on our website and our learning portal– please see our Cookie Notice.
We may combine your personal information from these different sources for the purposes set out in this Notice.
2. What personal information do we use?
We collect, store and use the following kinds of personal information:
· name and contact details, including telephone number and email address;
· job title and employer;
· information about your computer/ mobile device and your visits to and use of this website, including, for example, your IP address;
· any other personal information which you choose to share with us (for example, on the Pre-Coaching Questionnaire or on the Feedback Form), or which is shared with us indirectly on your behalf via your employer, as per section 1.
3. Do we process “special categories” of data?
Data privacy law recognises certain categories of personal information as sensitive and therefore requiring more protection, for example information about your health or ethnicity.
In certain situations, we collect and/or use these special categories of data (for example, we may collect details about access requirements or dietary needs in order to facilitate our courses). We will only process these special categories of data if there is a valid reason for doing so and where the law allows us to do so.
4. How and why will we use your personal information?
Your personal information, however provided to us, will be used for the purposes specified in this Notice, including:
(a) to provide courses;
(b) to provide one to one and group coaching;
(c) to provide consultancy;
(d) to provide workshops;
(e) to help train new coaches on our team;
(f) to provide you with the information you have requested and to communicate with you in general;
(g) to provide you with updates about new resources we offer and future course offerings;
(h) to send you general information about Graydin, Graydin’s activities and our partner organisations;
(i) to liaise with your employer about any service we provide and your participation (without breaking legal confidentiality agreements);
(j) to manage relationships with our clients;
(k) what about when a client says that it is cool with them that we forward someone else their details as to learn more about coaching
(l) to improve our course offerings and other services provided by Graydin;
(m) to analyse and improve our work or for our internal records;
(n) to analyse/ report on the impact and effectiveness of our work;
(o) to audit and/ or administer our accounts;
(p) to satisfy legal obligations which are binding on us, for example in relation to regulatory, government and/ or law enforcement bodies with whom we may work;
(q) for the prevention of fraud or misuse of services; and/or
(r) for the establishment, defence and/ or enforcement of legal claims.
5. Our legal basis for processing your personal information
The law requires us to rely on one or more lawful bases to collect and use your personal information. We consider the grounds listed below to be relevant:
(a) Where you have given your consent (for example, we may ask for your explicit consent to collect special categories of your personal information or to send you future information about Graydin’s offerings).
(b) Where necessary so that we can comply with a legal obligation to which we are subject.
(c) Where necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering a contract (for example, if you request additional coaching support in addition to the courses, or would like to become a Graydin coach).
(d) Where there is a legitimate interest in us doing so. The law allows us to collect and process your personal information if it is reasonably necessary to achieve our or others’ legitimate interests (as long as that processing is fair, balanced and does not unduly impact your rights).
In general, our “legitimate interests” include the day to day administration of Graydin as a business, the running of our courses and developing new business by reaching out to new schools and partners.
6. How long do we keep your personal information?
In general, unless still required in connection with the purpose(s) for which it was collected and/or processed, we remove your personal information from our records six years after the date it was collected in other cases (e.g. when we ran the course).
However, if before that date (i) your personal information is no longer required in connection with such purpose(s), (ii) we are no longer lawfully entitled to process it or (iii) you validly exercise your right of erasure (please see section 10 below), we will remove it from our records at the relevant time.
If you request to receive no further contact from us, we will keep some basic information about you on our suppression list in order to comply with your request and avoid sending you unwanted materials in the future.
7. Will we share your personal information?
We do not share, sell or rent your personal information to third parties for marketing purposes. However, in general we may disclose your personal information to third parties in order to achieve the purposes set out in this Notice.
Non-exhaustively, those parties may include:
(a) Our sister company, Graydin LLC in the United States, with whom we coordinate the provision of service;
(b) With our trainers and coaches and administrators who are independent contractors;
(c) suppliers and sub-contractors for the performance of any contract we enter into with them, for example IT service providers such as website hosts;
(d) schools with whom we work;
(f) financial companies that collect or process donations on our behalf;
(g) professional service providers such as accountants and lawyers;
(h) parties assisting us with research to monitor the impact/ effectiveness of our services; and/or
(i) regulatory authorities, such as tax authorities.
In particular, we reserve the right to disclose your personal information to third parties:
· if we sell or buy any business or assets, in which case we will disclose your personal information to the (potential) seller or buyer;
· if substantially all of our assets are acquired by a third party, personal information held by us may form part of those assets;
· if we are under any legal or regulatory duty to do so; and/or
· to protect the rights, property or safety of Graydin, its personnel, users or others.
8. Security of and access to your personal information
We take appropriate and proportionate measures to safeguard your personal information and to prevent the loss, destruction, misuse or alteration of it.
We generally store and process your information within the European Economic Area (EEA).
Where we need to transfer your information outside of the European Economic Area we only do so to countries which have been determined by the European Commission to have an adequate level of data protection//or where we transfer personal information to countries that have not been determined to have an adequate level of protection we do so using a variety of legal mechanisms, including contracts, to help ensure your rights and protections.
9. Your legal rights
Where we rely on your consent to use your personal information, you may withdraw your consent at any time. You also have the following rights:
(a) Right of access – you can write to us to ask for confirmation of what personal information we hold about you and request a copy of that personal information. Provided we have confirmed your identity, we will provide you with your personal information subject to any exemptions that apply.
(b) Right of erasure – in some cases you can ask us to delete your personal information from our records (or to anonymise it).
(c) Right of rectification – if you believe our records concerning you are inaccurate, you may ask us to update them. You can ask us to check the personal information we hold about you if you are unsure.
(d) Right to restrict processing – you may ask us to restrict the processing of your personal information if there is disagreement about its accuracy or legitimate usage.
(e) Right to object – you have the right to object to processing where we are (i) relying on the basis of legitimate interests, (ii) using your personal information for direct marketing or (iii) using your personal information for statistical purposes.
We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal information you request to you.
Some of these rights only apply in limited circumstances. For more information, or to exercise your rights, please contact us using the details below.
10. Links and third parties
Our website links directly to other websites. This Notice does not cover those external websites and we are not responsible for the privacy practices or content of those sites. We encourage you to read the privacy policies of any external websites you visit via the links on our website.
11. Changes to this Notice
We may update this Notice from time to time. We recommend you check it regularly, but we may also notify you of significant changes by contacting you directly where reasonably possible for us to do so and by placing a notice on our website.
This Notice was last updated on 6th of June 2018.
12. How to contact us (including complaints)
If you have any questions or concerns about this Notice or about the way in which your personal information is being used please let us know by contacting us in the following ways:
by email: firstname.lastname@example.org
by telephone in the UK: +44(0)797 2031 606
by telephone in the USA or CAN: +1 (917) 251 4674
You are entitled to make a complaint at any time to the Information Commissioner’s Office, the UK regulatory authority for data privacy – www.ico.org.uk/global/contact-us.