Privacy and Cookies
Chris Rodgers Consulting Ltd (“the Company”) is registered in England as Company No. 3619309. We provide a range of business services, including management consultancy; meeting and workshop facilitation; individual and team coaching and development programmes; and the provision of ideas and guidance on organizational dynamics, through the Company website and contribution to third-party speaking events. These are referred to collectively below as “our services”.
Purpose of personal data collection
To enable the business to function in a viable and professional manner, and in ways that deliver value to corporate clients and individual website visitors, we might need to collect and process certain personal data about those individuals with whom we interact. In relation to any data that relates personally to you, our purpose in collecting and processing it will be to fulfil one or more of the following conditions:
- to provide you with a particular business service that you have personally requested;
- to fulfil our contractual commitments to a client organization with which you are involved;
- to enable our interactions with prospective client organizations with which you are involved;
- to facilitate the effective delivery of support services to the Company from a supplier organization or associate consultancy with which you are involved;
- to manage your employment with the Company;
- to satisfy a legal or regulatory requirement.
Our approach to privacy
We place a high priority on the safeguarding of confidential information and on the secure and ethical processing of the very limited amount of personal data that we receive in the course of our business. This applies to all aspects of our business processes and practices, including the design, delivery, and reporting of our services; marketing activities; our involvement in client procurement procedures; requirements associated with legal and regulatory compliance; and our use of IT systems and external support services.
We will never supply your personal data to third parties for marketing purposes.
Underpinning all of the above is our recognition of your right to data privacy. This applies whether you are interacting with us as an individual service user; an individual working for one of our clients, service providers, or associate consultancies; or an employee of the Company.
Collecting and processing personal data
To enable us to carry out our business in a professional manner, we might collect a limited amount of personal data from you in a number of well-established ways. Most typically, we will do this via conversations (whether face-to-face, by telephone, or web-enabled) and/or the exchange of emails, with you or someone authorized to act on your behalf (such as your employer). We might also collect such data through your interaction with our website or your use of an online portal.
In most cases, other than for employees of the Company, the personal data that we collect and retain within our management and information systems will be limited to such things as your name, email address(es), and other role-related and contact information. In some instances - as, for example, in a one-to-one coaching relationship or website contact that you initiate – we might gain access to other personal data. This might be information that you choose to share with us in establishing the relationship. In other cases, it might arise in the course of the coaching conversation itself or as a result of interactions that flow from your initial contact. Any such data obtained through one or other of these means will be handled strictly in accordance with the data-protection principles set out in this Privacy Statement.
Consistent with this, we ensure that one or more of the following, conditions exists:
- You have given your consent to the processing of your personal data.
- We have a contractual requirement to process your personal data. This might arise from our contractual obligations to a client, to which you are party, including the requirements of the pre-contract process (such as tendering and contract negotiation); our management of services provided to the Company by a third-party organization with which you are involved; or in relation to your position as an employee of the Company.
- We have a legal obligation to process your personal data.
- We have a legitimate interest in processing your personal data, to enable the effective and compliant delivery and development of our business services. This would primarily relate to the anonymized analysis of data arising from any visits you might make to the Company website, so that we can improve the relevance and presentation of the information that we provide via that medium.
Keeping personal data secure
So far as is reasonably practicable, security measures are in place to prevent the unauthorised access, improper use or disclosure, unauthorised modification, unlawful destruction, and accidental loss of personal data stored electronically within our business systems. No personal data is stored in hard copy, other than that which might be provided to us in that form by you or, where applicable, your authorized representative (such as your employer).
In addition to this, our website uses a secure connection (you will see “https” at start of website address, and you can ‘click’ on the ‘lock’ symbol to view the security certificate). This means that any data you provide via this means will be encrypted before being transmitted across the web.
Any personal data that we hold is ordinarily accessed solely by authorized employees of the Company. However, from time to time, we might engage other people to work with us on a particular assignment. In such cases, we might allow them limited access to personal data, insofar as this is necessary for them to carry out the assigned work.
As part of our business support infrastructure, we engage a professional accounting firm to manage the accountancy needs of the business on our behalf. As part of this service, they have access to all relevant commercial and administrative details of the Company. This includes employees’ personal data, for the purposes of payroll management, tax accounting, and other mandatory requirements relating to employment matters.
As regards other, data-related aspects of our support infrastructure, we employ a professional service agency to design, develop, and host our website. We also have a service agreement with a professional IT service and support company, to help us minimize the risk of threats to our computer systems. This relationship also provides for the routine and secure back-up of Company datato the Cloud and to an encrypted storage device. With our permission, authorized employees of this company are given occasional access to our computer system, where this is necessary to diagnose faults and improve system performance.
These three important contributors to our business support infrastructure apply similarly high standards of data privacy to any personal data that they process on our behalf. These functional specialists, along with all others who have access to personal data as a result of their work with us, are required to comply fully with the conditions set out in this Privacy Statement or with provisions in their own Privacy Statements that we judge to be of an equivalent standard.
Despite the above security provisions, no email transmission or web-enabled exchange of information can ever be guaranteed to be fully secure. You should therefore take special care in deciding what personal data you send to us in this way.
How long we hold personal data
We only retain your personal data for as long as this is required to serve the purpose for which it was originally provided, plus a further period to cater for any business management or legal and regulatory requirements that might apply.
In relation to any personal data associated with client work, we will retain this for a maximum of six years after the end of our commercial relationship with the client. Similar provisions will apply to any personal data arising from our relationship with various service organizations; and from our links with associate consultancies, with whom we might work from time to time.
As regards those individuals who have consented personally to our possession and processing of their personal data (such as via their interaction with the Company website), we will retain and use that data in the ways intended until such consent is withdrawn.We will then delete or anonymize the record unless a legitimate reason exists for us to retain it in its original form.
In respect of the personal data of individual employee, we will retain this for the duration of their employment with the Company, plus a further six years to meet certain legal and regulatory requirements.
Ownership of, and access to, your personal data
Any personal data that we collect from you, or which is generated as a result of your interaction with our systems and services, belongs to you. You therefore have the right:
- to know what personal data of yours we hold;
- to know if, how and why your data is being processed;
- to ask us to correct any errors that might exist in any of your personal data that we hold;
- to request your personal data to be deleted from our systems, where this is no longer required to satisfy its original purpose, or its presence within our systems was originally based on consent, which you now wish to withdraw, and no other legitimate reason exists for us to retain it.
- to ask for your name be removed from any list that we might use, from time to time, for purposes such as information sharing (e.g. newsletters and briefings), direct marketing, and surveys;
and, in the event that you are not satisfied with the response you receive,
- to raise a concern with the Information Commissioner’s Office (ICO) at https://ico.org.uk/concerns/.
If you need to contact us with a data protection query regarding our possession and processing of your personal data, please use the “Get in Touch” form on the Company website or email email@example.com.
Subject to our having confirmed your identity, we aim to respond promptly to any legitimate requests that you might make in relation to the above. The relevant data protection regulations allow a maximum of 30 days for us to provide you with a response to a valid request.
If a breach of security were to occur, affecting data that relates to you, we would begin by assessing the nature, extent, and likely impact of the breach.
Were we to judge that this might result in a significant risk to your rights, we would notify you, and/or (where applicable) relevant members of your connected organization, that a breach of your personal data had occurred.
We would do this as soon as reasonably practicable after discovery of the breach. In any such notification, we would aim to include information on what had occurred; the measures we had taken or that we proposed to take, to address the situation; details of whom to contact within the Company; and. advice on how to contact the Information Commissioner’s Office (ICO).
If the nature of the breach were such that the Company was required to inform the ICO, we would do so within 72 hours of our becoming aware of the essential facts of the breach.
Links from our website
Besides the above links to the Information Commissioner's Office and AboutCookies.org, our website contains links to a number of external social media platforms. These include Typepad, on which our blog, informalcoalitions.com is hosted; the professional networking site, LinkedIn; and the online news and social networking service, Twitter. Although these sites are well-established and widely used, we have no control over the management and operation of these websites and platforms, including any matters relating to their security, privacy policies, and practices.
If you have any questions regarding this Policy, please contact us initially by using our Get In Touch form.
© Chris Rodgers Consulting Ltd