Data Privacy and Processing Policy
Introduction
This document covers how Red Kite People Development Ltd processes data. The company is registered with the Information Commissioners Office. The Data Protection Officer is Liz Elton, contact at liz@redkitepd.com
What sort of data do we hold?
We hold details of our clients’ names, contact details (including emergency contacts for coaching clients), and the services that we are providing for them, including the dates that those services were received.
How do we use this data?
We use this data to liaise with our clients regarding services we are providing for them. If we have consent, we may also communicate with them via newsletters and similar which we be believe will be of interest. If any disputes arise regarding the services provided these data may be used in the course of resolving it.
Client data will not be disclosed to the third parties unless consent has been given for such a disclosure or we are otherwise required to do so either contractually or under another law or enactment.
For coaching clients, consent will be requested to record details of when the coaching relationship started, how many coaching hours and the names and contact details of coachees for credentialing purposes with the European Mentoring and Coaching Council. Names and contact details will only disclosed in the event of an audit.
How is data held?
Data is held securely on password protected computer drives that have up to date virus protection. Paper-based information is held in locked filing cabinet.
How long do we hold this data?
We hold the data above for up to 7 years from the date of the last interaction, at which point it is securely deleted. The reason for this is that the Limitation Act 1980 typically provides that legal proceedings for breach of contract or negligence can be brought up to six years after the events. There is therefore a legitimate business interest in retaining the data should any subsequent legal proceedings ensue.
Making a request to see the data held about you
Please contact the Data Protection Officer in writing, including your full and real name, a correspondence address (which can be an email address) and a description of the information you are interested in seeing. This will be treated as a data protection subject access request, and we will respond within the required timelines. For more information on this please see: https://ico.org.uk/for-the-public/your-right-to-get-copies-of-your-data/
Asking for your data to be deleted
Please contact the Data Protection Officer in writing, including your full and real name, a correspondence address (which can be an email address) and a description of the information you are interested in having deleted. This will be treated as a right to erasure request, and we will respond within the required timelines. For more information on this please see: https://ico.org.uk/for-the-public/your-right-to-get-your-data-deleted/