The EU General Data Protection Regulation (“GDPR”) has come into force across the European Union on May 25th 2018 and brings with it the most significant changes to data protection law in two decades. Based on privacy by design and taking a risk-based approach, the GDPR has been designed to meet the requirements of the digital age.

The 21st Century brings with it broader use of technology, new definitions of what constitutes personal data, and a vast increase in cross-border processing. The new Regulation aims to standardise data protection laws and processing across the EU; affording individuals stronger, more consistent rights to access and control their personal data.

The GDPR applies to data processing carried out by organisations operating within the EU. It also applies to organisations outside the EU that offer goods or services to individuals in the EU.


Security of information and privacy are BUSINESS NAME most important assets. It is in our greatest interest that you have confidence in how we handle your personal data.

We place a high importance on information security and we already comply with a number of standards that focus on it.

We will always comply with the GDPR as a processor and controller of data.

In our role as a data processor, we are responsible for implementing appropriate technical and organisational measures to meet the requirements of GDPR, ensuring a level of information security appropriate to the risk, and acting in accordance with the relevant data controller’s instructions.

We are committed to safeguarding your privacy online. We will not knowingly support any use of your information which is illegal or which contravenes the laws or common practice in the country of your origin.

BUSINES NAME is committed to ensuring that your privacy is protected and that there is transparency with regard to the processing of your information. Should we ask you to provide certain information by which you can be identified, then you can be assured that it will only be used in accordance with this statement.


This Statement mainly applies but is not limited to:




Our Privacy Policy sets out how we handle data including how we collect, store and use personal data and sensitive personal data, our lawful bases for processing personal data, information on transfers outside the European Economic Area (EEA), as well as the rights of data subjects, including the right to withdraw consent. We also use fair collection/ processing notice at key data capture points. This notice includes information, and consents where applicable, at the relevant data capture point.

Please see our Privacy Policy (below).


We already have a consistent level of data protection and security across our organisation, however it is our aim to be fully compliant with the GDPR by 25th May 2018.

We’ve revised data protection policies and procedures to meet the requirements and standards of the GDPR and any relevant data protection laws, including but not only:

  • Privacy Policy (see below) – We have revised our Privacy Policy to comply with the GDPR, ensuring that all individuals whose personal information we process have been informed of why we need it, how it is used, what their rights are, who the information is disclosed to and what safeguarding measures are in place to protect their information
  • Terms and Conditions  – We have also revised our Terms and Conditions to comply with the GDPR
  • Legal Basis for Processing – We have revised all processing activities to identify the legal basis for processing and ensuring that each basis is appropriate for the activity it relates to. Where applicable, we also maintain records of our processing activities, ensuring that our GDPR obligations are met
  • Obtaining Consent – We have revised our consent mechanisms for obtaining personal data, ensuring that individuals understand what they are providing, why and how we use it and giving clear, defined ways to consent to us processing their information. We have developed stringent processes for recording consent, making sure that we can evidence an affirmative opt-in, along with time and date records; and an easy to see and access way to withdraw consent at any time.
  • Data Protection Impact Assessments (DPIA) – Where we process personal information that is considered high risk, we have developed stringent procedures for carrying out impact assessments that comply fully with the GDPR. We have implemented processes that record each assessment, allow us to rate the risk posed by the processing activity and implement mitigating measures to reduce the risk posed to the data subject(s).


BUSINESS NAME, as a Consultation/Coaching company, is committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have already put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.

We will collect and look after your data for the purpose of delivering services and information to you that you have requested and to correspond with you about our Services. We will never pass your information to any external party outside of BUSINESS NAME unless required by law to do so. We will never, ever, give, sell or lease your personal information to anyone outside of our organisation.

If you have subscribed to our services, signed up for the newsletter, survey or similar, we will include you on our mailing list for our regular newsletter and occasional news of our services.

You can opt out of this communication permanently at any time.


BUSINESS NAME will always respect your rights that concern the protection of your personal data.

A) Right to be informed

You have the right to be informed about the collection and use of your personal data. We are obligated to provide you with the following information:

  • the purposes for processing your personal data
  • our retention periods for that personal data

We do not need to provide you with privacy information if you already have them or if it would involve a disproportionate effort to provide it to you.

The information we provide to you will be always concise, transparent, intelligible, easily accessible, clear and easy to understand. We will, of course, be open to feedback on our documents if you feel there is scope for clarification.

We provide individuals with privacy information at the time we collect their personal data from them.

B) Right of Access

You have the right to access your personal data and supplementary information. This right allows you to be aware of and verify the lawfulness of the processing.

You have the right to obtain:

  • confirmation that your data is being processed
  • access to your personal data; and
  • other supplementary information – this largely corresponds to the information that is provided in our Privacy Policy

We are obligated to provide a copy of the information requested. We will verify the identity of the individual making the request, using “reasonable means”. If the request is made electronically, we will provide the information in a commonly used electronic format.

C) Right to Rectification

Personal data is inaccurate if it is incorrect or misleading as to any matter of fact. You have the right to have inaccurate personal data rectified, or completed if it is incomplete.

When a request is made, we will verify the identity of the individual making the request, using ‘reasonable means’. If the request is made electronically, we will provide the information in a commonly used electronic format.

If we receive a request for rectification, we will take reasonable steps to confirm that the data is accurate and to rectify the data if necessary. We will also take into account the arguments and evidence provided by the data subject.

D) Right to Erasure

You have the right to have personal data erased. This is also known as the “right to be forgotten”.

The right is not absolute and only applies in certain circumstances.

We already have processes in place to ensure that we respond to a request for erasure.

If you no longer want to use our services and you want your personal information to be erased, you may request it by contacting us at any time.

Please note, we may not be able to honour these requests when they conflict with legal circumstances and requirements that we are obligated to fulfil.

We will explain this to you if and when such a conflict arises.

E) Right to Restrict Processing

You have the right to restrict the processing of your personal data in certain circumstances. This means that you can limit the way that we use your data. This is an alternative to requesting the erasure of your data (see above).

We have processes in place to ensure that we respond to a request for restriction without undue delay and within one month of receipt.

F) Right to data portability

The right to data portability allows you to obtain and reuse your personal data for your own purposes across different services.

It allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.

The right to data portability only applies:

  • to personal data you have provided to a controller
  • where the processing is based on your consent or for the performance of a contract
  • when processing is carried out by automated means.

We are obligated to provide the personal data in a structured, commonly used and machine readable form. Open formats include CSV files. Machine readable means that the information is structured so that software can extract specific elements of the data. This enables other organisations to use the data.

The information provided is free of charge.

If you request it, we may be required to transmit the data directly to another organisation if this is technically feasible. However, we are not required to adopt or maintain processing systems that are technically compatible with other organisations.

Clarification: This pertains only to your personally identifiable data.

G) Right to Object

You have the right to object to:

  • processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling)
  • direct marketing (including profiling)
  • processing for purposes of scientific/historical research and statistics

You must have “grounds relating to your particular situation” in order to exercise your right to object to processing for research purposes.

We are obligated to halt processing personal data for direct marketing purposes as soon as we receive an objection.

H) Rights related to automated decision making including profiling

Automated individual decision-making is a decision made by automated means without any human involvement. It does not have to involve profiling, although it often will do.

We do not currently use your personal data to make automatic decisions about you. If this changes in the future you will be notified.


You are always welcome to communicate with us about the exercise of your rights concerning the protection of your personal data.

We only accept written requests since we cannot deal with verbal requests immediately without first:

  • analysing the content of the request; and
  • adequately verifying your identity.

Your request should contain a detailed, accurate description of which right you want to exercise.

We will respond to your request without delay and at the latest within one month of receipt.

We will extend the period of compliance by a further two months where requests are complex or numerous. If this is the case, we will inform you within one month of the receipt of the request and explain why the extension is necessary.

We do not charge a fee to comply with your request.


If you have any questions about our stance on data protection matters generally or how we process personal data, please refer to our Privacy Policy. This will be updated in respect of GDPR prior to the implementation date. In the meantime, if you have any questions on our steps towards implementation of GDPR requirements, please feel free to contact us by:

using Contact Us section of our websites where available; or sending email to (mailto:)

We are fully committed to ensuring that we act in accordance with various global data protections laws as applicable, including GDPR, and will take seriously any data protection concerns you raise with us.


You have a right to lodge a complaint with a supervisory authority. For the detailed information, please see here: 

The term ‘BUSINESS NAME’, ‘SHORT BUSINESS NAME’, ‘SHORTER BUSINESS NAME’ or ‘OTHER NAME’ refers to the owner of this website whose registered office is BUSINESS ADDRESS, United Kingdom. Our company registration number is BUSINESS NUMBER.

Last Update: DAY MONTH 2018 @ XX:XX am/pm

Privacy Policy



The European Union’s General Data Protection Regulation (GDPR) takes effect from May 25, 2018. GDPR regulates the governance of personal data for EU citizens with an emphasis on data security and privacy. The GDPR does not only apply to companies that operate in the EU. This regulation will also impact companies operating outside of the EU if they have any EU customers or personal data of anyone in the EU.

The GDPR imposes additional requirements upon companies to strengthen the security around, and enhance the protection of, personal data of EU residents.

BUSINESS NAME, as a TYPE OF BUSINESS company, has made information security and data privacy foundational principles of every step we take, long before GDPR was ever introduced.

We recognise the importance of passing regulations to advance information security and data privacy for citizens of the EU, and all citizens, regardless of their location.

We are firmly committed to GDPR compliance – please see our GDPR Statement (above) for further in-depth details.


Our main services include, but are not limited to:



This privacy policy pertains to all services we offer whether they’re listed here explicitly in this document or not.


This Privacy Notice is meant to help you understand what Personal Data we might collect, why we collect it, and what we do with it. It also describes the choices available to you with regard to the use of your Personal Data and how you can access and update this information.

We are committed to protecting the privacy of our websites visitors (“Visitor”), individuals/businesses that purchase our services (“Customer”) and individuals who register with our website or services (“User”).

We have adopted the following principles to govern its use, collection, and transmittal of Personal Data, except as specifically provided by this Policy or as required by applicable laws:

  • Personal data will only be processed fairly and lawfully
  • We do not collect any more personal data than is necessary to provide the services
  • We only use your personal data for the purposes we specify in this Privacy Notice, unless you agree otherwise
  • We do not keep your personal information if it is no longer needed
  • We do not sell, distribute or share your personal information with third parties
  • You can have your data updated at any time
  • You can remove your data at any time
  • You can request a copy of the data we store on you at any time
  • Personal data is securely stored and managed


Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.

Personal data is subject to the protection requirements set out in the GDPR.

Examples of data considered as personal data:

  • a name and surname
  • a home
  • an email address such as
  • an identification card number
  • location data (for example the location data function on a mobile phone)
  • an IP address
  • a cookie session ID
  • the advertising identifier of your phone

Examples of data not considered as personal data:

  • a company registration number
  • an email address such as, sales@ enquiries@
  • anonymised data e.g. statistical data


We collect and maintain information about our Customers and Users, which may include:

  • First and last name
  • Postal address
  • Phone and mobile number
  • Website URL
  • Email address
  • Credit card information* – BUSINESS NAME does/not (SELECT) currently receive or store client credit card details. But we may do so in the future if need arises.
  • Other billing information, i.e. order details, subscription and license information
  • Profile data of Customer’s authorised users and account administrators
  • In addition, we collect User’s profile data (name, email).
  • In order to communicate with us or to use our services, you may be prompted to provide certain personal data in the following ways:

By filling in forms (i.e. a “Contact Us” (hyper-link) form) on our websites or anywhere else we conduct business

  • Contact us offline (i.e. by phone, SMS, email or post)
  • By downloading or accessing our services
  • When you register to use our websites, applications or services. This may include your name, postal address, phone and mobile numbers, URL, email address.
  • When you place an order using our websites, applications or services. This may include your first and last name, postal address, phone and mobile numbers, website address, email address and payment details.
  • By subscribing to our newsletters, taking part in surveys, post on our message boards, post any blogs, enter any competitions or prize draws, or any other communications
  • Interact with us using social media eg Twitter, Facebook, LinkedIn, Google+, Instagram
  • By corresponding with us by phone, email or otherwise using our contact details

Typically, the personal data you give us may include name and email address, and any personal details required to resolve any enquiries or complaints.


When Customers or Users contact us for support or other customer service requests, we maintain support tickets and other records related to the requests, including any information provided by Customers or Users related to such support or service requests.


We use personal data provided by you to provide the services and for business purposes such as processing and fulfilling orders, marketing, and for other general purposes.

We will never share your personal data, or otherwise make your personal data available to any third parties for the purposes of marketing or targeting you. We will not sell, rent, or exchange your personal data with any third-parties. If, for whatever reason this needs to change in the future, we would never do so without your express permission.

We use your personal data we collect to:

  • Conduct and develop our business with you
  • Operate, evaluate, maintain, improve and develop the websites (including by monitoring and analyzing trends, access to, and use of the websites for advertising and marketing)
  • Monitor, carry out statistical analysis and benchmarking (i.e. Google Analytics for sites pages tracking), provided that in such circumstances it is on an aggregated basis which will not be linked back to you or anyone else
  • Engage and educate you about our services
  • Provide you with documentation or communications which you have requested
  • Correspond with you to resolve your queries or complaints
  • Provide you with any services you request
  • Send you marketing communications, where it is lawful for us to do so
  • Protect and ensure safety of the all data collected


All of your Personal Data remain private and confidential. The security of your Personal Data is extremely important to us.

We follow generally accepted standards to protect personal data submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security. All our websites use SSL to encrypt any data that is transmitted from you to our websites, also any forms that are sent from our websites are also encrypted.

However, we adopt physical, technical, organisational and policy measures to ensure that your Personal Data is protected, including the prevention of their alteration, loss, damage, unauthorised processing or access, having regard to the nature of the Data, and the risks to which they are exposed.

We will never request your account credentials. You should never share your account information with anyone else, including your username and password. We recommend that you use a unique password for your appropriate accounts that you have with us on our various services, that is not in any way associated with other websites. You should check your account regularly to ensure that your Personal Data has not been tampered with or altered.

Any suspicious activity regarding your account, including automated messages from parties you cannot identify, should be reported to your website Administrator and us using the contact information below.


We use various 3rd party services to the collection, management and processing of our data.

Our commitment to data protection and information privacy demands the use of 3rd party services that are also committed to the same end.

All our 3rd party services will be GDPR compliant and will themselves have their own applicable privacy policies.

All such 3rd parties and their relevant policies are listed at the end of this policy notice.


Where lawful to do so, and subject to your consent where required, we may communicate with you about our services. If you wish to unsubscribe from receiving these kind of communications, you may do so at any time.


Cookies are small text files that are placed on your computer by websites that you visit. These text files can be read by these websites and help to identify you when you return to a website. Cookies can be “persistent” or “session ID” cookies. Persistent cookies remain on your computer when you have gone offline, while session ID cookies are deleted as soon as you close your web browser.

We may use both session ID cookies and persistent cookies. For session ID cookies, once you close your browser or log out, the cookie terminates and is erased. A persistent cookie is a small text file stored on your computer’s hard drive for an extended period of time.

In general, cookies are used to retain user preferences, store information, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser.

For the detailed information about how we use cookies, please read our Cookie Policy (Hyper-link).


Our websites, documentation pages or blog might include links to other websites whose privacy practices may differ from those of our own. If you submit information to any of those sites, your information is governed by their respective privacy policies. We encourage you to carefully read the Privacy Policy of any website you visit before engaging with them in any way.

We absolutely cannot take responsibility for any interaction you have with 3rd parties or services that are not directly our own.


As our Customer or User, you have the right to:

  • Be informed about the processing of your personal data
  • Object or restrict the processing of your personal data
  • Ask for a copy of the information about the data we store on you at any time.
  • Correct, update, amend, or remove personal data. If you no longer want to use our services, you may request it to be deactivated at any time.
  • Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you
  • The right to complain to the Information Commissioner’s Office which enforces data protection laws: . You can also contact us using the details below.


It is important to note that you also have responsibilities when it comes to Data Protection.

One such important case is where you may request from us a copy of the information about the data we store. We are obliged to ensure that the request is legitimate and does in-fact originate from you.

In this regard, we will undertake steps in an attempt to verify the legitimacy of the request, before releasing such information. If you do not cooperate in this, or we cannot satisfiably verify legitimacy, we may not release such information in a timely manner. To act otherwise could represent a significant breach of privacy. As such, we request your full cooperation in this regard – any requests on our part to verify your request will be undertaken solely to protect against breach of your personal information.


Where we’re relying upon your consent to process personal data, you can withdraw this at any time by contacting us using the details below.


We sometimes make decisions about you using only technology, where none of our employees or any other individuals have been involved.

We’ll do this where it is necessary or is based on your explicit consent.


Data Retention Period is the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period.

Unless we explain otherwise to you, we’ll hold your personal information based on the following criteria:

  • for as long as we have reasonable business needs, such as managing our relationship with you and managing our operations
  • for as long as we provide services to you
  • retention periods in line with legal and regulatory requirements or guidance

If none of these criteria apply, we commit to purging any Personal Data no later than 16 months following your latest interaction/exchange with our services.


We are required by law to be able to report sales and tax information for up to 7 years. In this case we must retain any pertinent information of these transaction. We will have no choice to but to refuse any requests to erase this type of information from our records as they are required by law.


We may change this Privacy Notice from time to time by updating this page in order to reflect changes in the law and/or our privacy practices. We encourage you to check this Privacy Notice for changes whenever you visit our websites.


We are a dedicated data controller of your personal data. We have a Data Protection Officer you can reach any time by using the details below.


If you have any questions about this Privacy Notice or complaints about how we process your Personal Data and you want to contact our Data Protection Officer, you can do that by going to the Contact Us section of our websites or send email to (mailto:). Your issue will be resolved as quickly as possible.



The term ‘BUSINESS NAME’, ‘SHORT BUSINESS NAME’, ‘SHORTER BUSINESS NAME’ or ‘OTHER NAME’ refers to the owner of this website whose registered office is BUSINESS ADDRESS, United Kingdom. Our company registration number is BUSINESS NUMBER.

Last Update: DAY MONTH 2018 @ XX:XX am/pm