Please note that this Privacy Notice policy applies only to how our organisation handles your personal data only and does not represent any other organisation’s approach.
Collection of Personal Information
‘Personal information’ and ‘personal data’ mean any information that may be used to identify you as a natural living person, such as, your name, title, phone number or email address. or mailing address. In general, you can browse our website without giving us any personal information. We collect the information you supply to us through enquiry, and registration forms and by email.
We may also collect information automatically about your visit to our site. The information obtained in this way, which includes demographic data and browsing patterns, is only used in aggregate form, and as such cannot be used to identify you. This aggregate information is used to:
- build up marketing profiles
- aid strategic development
- audit usage of the site
There are additional activities on our site that require you to be registered and/or provide your consent to processing – for example, to receive our newsletter. As part of the registration process, we collect personal information. We use that information for a couple of reasons: to tell you about stuff information you’ve asked us to provide to you tell you about; to contact you if we need to obtain or provide additional information; to check our records are right correct and up-to-date, and to check every now and then that you’re happy and you are satisfied with our services.
Customers have the right to withdraw consent at any time. Where consent is the only legal basis for processing, we will cease to process data after consent is withdrawn.
Use of personal information
We process personal information collected via the website for the purposes of:
- Providing the best possible service
- Providing you with information about products and services we offer
- Understanding our customers’ behaviour, activities, preferences, and needs;
- Improving existing products and services and developing new products and services;
- Handling customer contacts, queries, complaints or disputes;
- Sending out essential course information;
and with your consent:
- Promoting, marketing and advertising our products and services;
- Sending promotional communications which are relevant and tailored to individual customers;
Ros Taylor Company may collect the following information about you:
- Your name, age/date of birth and gender;
- Your contact details: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and e-mail address;
- information contained in your CV or profile
- payment card information
- Your communication and marketing preferences, including your levels of consent;
- Your interests, preferences, feedback and survey responses;
- Your location of work for the purposes of face to face meetings;
- Your correspondence and communications with Ros Taylor Company
This list is not exhaustive and, in specific instances, we may need to collect additional data for the purposes set out in this Privacy Notice Policy. Some of the above personal data is collected directly, for example when you set up a contract with us or sign up to our newsletter on our website, or when you send an email to our team. Other personal data is collected indirectly, for example through your Human Resources or Learning & Development department for the purposes of carrying out our legal obligations.
Special Category data
We will comply with section 9 of GDPR, ensuring that Special Category data is handled using both a lawful basis and that such data is processed in a more sensitive way. For example, information about an individual’s:
- ethnic origin
- trade union membership
- biometrics (where used for ID purposes)
- sex life; or sexual orientation.
Retaining your personal information
Unless we explain otherwise to you, we’ll hold your minimal personal information based on the following criteria:
- For as long as we have reasonable business needs, such as managing our relationship with you and managing our operations; and/or
- Retention periods in line with legal and regulatory requirements or guidance (which will take priority)
We are committed to protecting the privacy of your personal data. We use appropriate standards of technology and operational security to protect personal information including a secure server and network firewall connection. Operationally, access to personal information is restricted to authorised personnel who are under a duty to maintain the confidentiality and security of such information.
Disclosure to Third parties
We may share your information with third parties but only in the strictly limited circumstances set out below.
- In certain circumstances we may share your information with affiliated companies and service providers who perform functions on our behalf such as information processing or printing, as well as our internet service provider. These third parties must at all times provide the same levels of security for your information as us and, where required, are bound by a legal agreement to keep your information private and secure.
- We may also supply your information to government bodies and law enforcement agencies but only: if we are required to do so by the requirements of any applicable law; if in our good faith judgment, such action is reasonably necessary to comply with legal process; to respond to any claims or actions; or to protect our rights or those of our customers and the public.
Transmission of Data Overseas
In certain circumstances, we may transfer your personal information to countries outside the European Economic Area (EEA). This may include circumstances where we use service providers who are based outside the EEA or who use “cloud” infrastructure which means that their servers are based all over the world. Where we transfer your information to companies outside the EEA, we will make sure it’s protected in a manner that is consistent with how your information will be protected by us. This can be done in a number of different ways, for instance:
- The country that we send the information to might be approved by the European Commission.
- The recipient company might have signed a contract obliging them to protect your information.
- The recipient is located in the US and is a certified member of the EU-US Privacy Shield scheme.
In other circumstances the law may permit us to otherwise transfer your information outside the EEA. In all cases however, we will ensure that any transfer of your information is compliant with the current Data Protection Legislation.
“Cookies” are small pieces of information that are stored by the browser on your computer’s hard drive. They make it possible to identify returning users to our website.
We use a cookie to track navigation through the website – allowing us to assist in your navigation of the site.
We use Google Analytics to analyse the use of our website and help us create a more useful and easy to use site. Google Analytics uses several small text files called ‘cookies’ which are saved on your computer, to collect standard internet log information and visitor behaviour. The data collected is completely anonymous and does not store any personal details.
The information, collected by Google through the use of the cookie (including your IP address), is used to analyse how visitors make use of the website and allows RTC Leadership & Coaching to gather statistical information such as website activity, visitor numbers, popular pages etc.
If you would like to opt out of being tracked by Google Analytics you can use the opt out tool at: http://tools.google.com/dlpage/gaoptout.
Children Under Thirteen
Our products and services are not intended to be used by children under 13 years old. We will never knowingly collect data from or on children below 13 years old. If you become aware of such a child (or another person) supplying data on that child to us, please contact using the details shown in the ‘Contact us’ section at the end of this Privacy Notice.
More information on your rights can be found at https://ico.org.uk/for-the-public/personal-information/.You have a number of legal rights in relation to the information that we hold about you, including:
- Right to be informed: individuals have the right to be informed about the collection and use of their personal data. This Privacy Notice forms part of this right.
- Right to access: You have the right to request access to your personal data held by us. Requests will be handled within one month of receipt basis, unless there is a legal or other basis not to comply, of the request, as long as the required information has been provided to us or it is a complicated and difficult to provide request, and free of charge with the exception of where requests are manifestly unfounded or excessive we hold the right to charge a reasonable fee taking into account the administrative costs of providing the information.
- Right to rectification: You have the right to have personal data rectified if inaccurate or incomplete. Where the personal data in question has been disclosed to a third party, they will be made aware of the rectification where possible.
- Right to erasure: You have the right to request the deletion or removal of personal data in the following circumstances:
- Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
- When you withdraw consent.
- When you object to the processing and there is no overriding legitimate interest for continuing the processing.
- The personal data was unlawfully processed (e.g. otherwise in breach of the Data Protection Act 2018).
- The personal data has/has not to be erased in order to comply with a legal obligation.
This does not provide an absolute “Right to be forgotten”. Where the personal data in question has been disclosed to a third party, we will inform them about the erasure of the personal data, unless it is impossible or involves disproportionate effort to do so. Personal data will be erased by removal from our internal and cloud servers.
- Right to restrict processing: You have a right to ‘block’ or suppress processing of personal data if you contest its accuracy; have objected to the processing; processing is unlawful and you oppose erasure; we no longer need the personal data but you require the data to establish, exercise or defend a legal claim. Where the personal data in question has been disclosed to a third party, we will inform them about the restriction on processing of the data, unless it is impossible or involves disproportionate effort to do so.
- Right to data portability: You have the right to obtain and reuse your personal data for your own purposes. Requests will be handled within one month of receipt of the request, unless it is impossible or involves disproportionate effort to do so.
- Right to object: Individuals have the right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling), direct marketing (including profiling) and processing for purposes of scientific/historical research and statistics.
You also have the right to make a complaint with the Information Commissioner at www.ico.org.uk if you think that any of your rights have been infringed by us. We will always welcome the opportunity to remedy any complaint beforehand.
All requests will be dealt with in your own merit, and in accordance with the Data Protection Legislation guidance.
Should a data breach occur, we have compliant procedures in place to investigate and report the matter to the Individual. In the event of a breach, it will be reported to you within 72 hours of discovery. A record of any breaches will be kept by the company.
You can exercise your rights by contacting us using the details set out in the “Contact Address” section below.
Changes to the privacy notice
RTC Leadership & Coaching
20 Grosvenor Crescent
Edinburgh EH12 5EL
Tel: +44 (0)131 535 1030