I collect and store the following data in order to deliver coaching, mentoring and tutoring services:
Contact Information (your name, email address and phone number).
Email correspondence.
Payment information.
Calendar bookings.
Session notes and records. (Information related to your coaching goals, progress, and any other relevant information shared during coaching sessions.)
In the case of minors, the name of your school or college, and details of any exam courses you are working towards.
Communication: To schedule sessions, share resources, and respond to your enquiries or to follow up on anything related to or discussed in our sessions.
Payment: To collect payment for services rendered.
Delivery of service: To provide effective coaching tailored to your own needs, and to help you work towards your goals, as per our client-coach agreement which I ask you to read and sign before our first session.
Legal obligations: I may use your information to comply with legal obligations or in response to lawful requests.
Insurance: It is required by my insurers that I keep a record of session notes for at least 5 years after the date of our last session. If you are a minor when you see me, I am required to keep your data for 5 years after your 18th birthday.
I may ask for your additional consent to use your contact details and/or session notes in order to:
· send you information about offers and other services I offer.
· share your testimonials for marketing purposes.
· share anonymised case studies with other coaching professionals, or as part of a supervision.
In these instances, your consent is entirely voluntary and can be withdrawn at any time. If you choose to withhold or withdraw your consent it will in no way affect the quality of service you receive or my ability to deliver it.
Your personal data will be stored for 5 years from the end of your last session with me. If you are a minor, your data will be stored for 5 years after your 18th birthday.
I implement the following measures to ensure your data is as secure as possible:
Files stored electronically (eg session notes and client agreements) are password protected.
Two-factor authentication is enabled where possible.
Software and security systems are updated regularly and promptly.
Video calls are carried out using secure, password-protected platforms such as Zoom.
My devices are locked and password protected when not in use.
Any paper copies of information (eg session notes, client contracts) are either scanned electronically and destroyed, or kept in a locked cabinet in my home office.
Although I do my best to protect the personal information you provide me, I must advise you that no method of data storage, or transmission, is 100% secure and no one can guarantee absolute data security. Should I become aware of a data breach I will comply with UK GDPR requirements with regard to reporting it.
I will not share your data with a third party unless with your written or verbal consent. The exceptions to this are:
If I believe you to be in danger of harming yourself or other people.
If any illegal activity is disclosed to me that must be reported to the authorities.
If anything is disclosed to me that falls under safeguarding and reporting duties as outlined in the Children Act.
If otherwise required to do so by law.
Right of access: You have the right to access and receive a copy of all the personal data I hold about you.
Right to rectification: You have the right to request that any personal data I hold about you is rectified, if inaccurate, or completed if it is incomplete.
Right to data portability: You have the right to receive any data I hold about you that has been collected, or that you have provided to me, electronically, (name, contact details and, where provided, payment information) or request that I share this with a third party.
Right to object*: You have the right to object to the processing of your personal data.
Right to erasure*: You have the right to request that some, or all personal data held about you is deleted.
Right to restrict processing*: You have the right to restrict the processing of your personal data where you have a particular reason for wanting to do so:
you are concerned about the accuracy of your personal information.
you believe your personal information has been unlawfully processed.
you need me to maintain the personal information solely for the purpose of a legal claim
you have already objected to me processing your data and I am considering whether your legitimate grounds override those of the individual.
*Please note, that your rights to object, to restrict processing and to erasure, do not apply to session records (my session notes, your name, and the date(s) of sessions). This is because my insurers require these records to be kept for a period of at least five years from the date of our last session, and in the case of a minor, for a period of at least five years after the minor reaches majority. In this case your data is being used “for the establishment, exercise or defence of legal claims” and the previously mentioned rights therefore do not apply. For more information on these restrictions, please see the ICO website.
If you have any questions about this privacy policy or how your data is handled, please contact me at christine.locock@gmail.com