Privacy Notice

I respect your privacy and am committed to protecting it. The purpose of this Privacy Notice is to explain what personal or sensitive information I collect and how it may be used. 

Why I collect information about you

I collect information about you to provide you with coaching and training services and because it supports the provision of a safe and professional service. You don’t have to agree to share information with me, however, in many cases the service I can provide will be restricted if you don’t.

I may also collect information about you if I’m providing other services to you including consultancy or for research purposes.

Finally, I may also ask for information on how you found my service for the purpose of my own marketing research and personal development. No information you provide is passed on without your consent. I’ll never sell your information to others.

The information I collect about you

In order to provide a safe and professional service I may collect information about you that includes personal and sensitive information. This information may include:

  • Name

  • Address

  • Telephone number

  • Email address

  • Date of birth

  • Occupation

  • Personal relationships & children

  • Friendships

  • Medical conditions

I also process personal data relating to running my business such as keeping invoices and receipts and documents relating to accounts, VAT and tax returns.

How I collect information about you

I collect information in various different ways:

  • As part of the contracting stage of working with me in order to provide you with the service

  • Through phone or email conversations, social media messaging or any other communication

  • During our coaching and training conversations or research interviews

  • When you complete a contact form or web-based enquiry 

  • When you voluntarily complete surveys or give feedback or enter a competition or prize draw

  • When you leave comments on my website

  • When you subscribe to my newsletter

  • Through user data showing how you use my website and any online services

  • Through technical data showing details such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views and navigation paths, details about the number of time you use my website, time zone settings 

  • Through your marketing and communications process

I may automatically collect certain data from you as you use my website by using cookies and similar technologies.

About data from third parties

I may receive data from third parties such as analytics providers such as Google based outside the EU, advertising networks such as Facebook based outside the EU, such as search information provide such as Google based outside the EU, providers of technical, payment and delivery services, such as data brokers or aggregators.

We may also receive data from publicly available sources such as Companies House and the Electoral Register based inside the EU.

How I use information about you

I use your information to:

  • Respond to your enquiries

  • Communicate with you about our work together

  • Offer high quality coaching, training and online courses

  • Create invoices and contracts

  • Analyse your use of my website and other online services

  • Communicate with you for marketing purposes

  • Deliver relevant content and advertisements to you

  • Understand the effectiveness of advertising 

  • Enable you to take part in promotions, prize draws and free give-aways

  • Protect, investigate and deter against unauthorised or illegal activity

Also, in order to maintain my professional qualifications, the International Coach Federation (ICF) require me to maintain a record of traceable professional work. This includes your name, email address and our coaching time together. 

The further legal reasons for processing your data is my legitimate interest to:

  • Reply to communications sent to us and keep records

  • Establish, pursue or defend legal claims

  • Properly administer my website, online services and my business

  • Grow my business and decide on my marketing strategy

  • Understand how customers use my products/services and develop them

You can withdraw consent to share this information at any time.

How I store and share information about you

I take your privacy very seriously and I’m committed to taking reasonable steps to protect any individual identifying information that you provide to me. Once I receive your data, I make best efforts to ensure its security on my systems. All personal information is stored in compliance with the EU GDPR rules.

Your data may be stored in the following ways:

  • Written session notes. Only initials are written on session notes or in a diary. Whenever possible, notes are transported separately from your contact details and both are kept in locked cabinets. 

  • Email correspondence between us is stored in my email account including your email address and anything you disclosed in emails or attachments. I regularly delete emails, however, please be aware that email is not a secure mode of communication and you may prefer to communicate personal information to me directly in person or on the telephone. My smartphone and computer are password protected.

  • Electronic information is held in highly secure encrypted cloud storage or on an encrypted hard-drive. These are password protected. Malware and antivirus protection is installed on all computing devices. Mobile devices are protected with a passcode. 

  • Your telephone number may be stored in my SMS if we have communicated in this way.  

  • If you chosen to pay me by electronic bank transfer then I may hold a record of this transfer through my bank. This data is secured by the bank’s data security systems. 

How long I keep your information for

I do not keep your data for longer than is necessary.

Administrative data is retained for up to seven years as necessary, in the unlikely event there are queries from HMRC and the VAT commissioner. Where it’s not necessary to retain the data for seven years, it’s destroyed as soon as possible. 

The sensitive personal data defined above is stored, where necessary, for seven years in compliance with professional guidance and indemnity obligations. After this time, this data is deleted at the end of each calendar year. Where this isn’t necessary, it’s destroyed on the conclusion of the work. 

If you leave a comment on my website, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on my website, I also store the personal information you provide in your user profile. All users can see, edit or delete their personal information at any time (except you cannot change your username). Website administrators can also see and edit that information.

Who I share your information with

I take your privacy very seriously and your information is kept confidential at all times. I work to strict professional and contractual codes of confidentiality and where possible, I’ll anonymise information so that individual people can’t be identified. I’ll only use personal information to provide the services you’ve requested from me. The reasons for sharing information may include:

  • To your employer: if your employer is paying for your coaching, training or online course. I do not disclose any information about our coaching without your prior permission

  • To maintain my professional qualifications: I’m required to hold a coaching log with your name and email address and our coaching work together.

  • In supervision: it’s a professional requirement that I have supervision. I therefore discuss my work with supervisors. I do not disclose your name to them.

  • Risk and safeguarding: in certain circumstances, such as where I believe there is a significant risk to you or to others or where a crime is reported to me, I may have a legal and a professional obligation to share information with third parties without seeking your prior permission.

I may have to share your personal data with other parties:

  • Service providers who provide me with IT and system administration services

  • Professional advisers including lawyers, bankers, auditors and insurers

  • Government bodies that require us to report processing activities

  • Third parties to whom I sell, transfer or merge parts of my business or our assets

I require all third parties I transfer your data to to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.

I won’t share your personal information with third parties for marketing purposes.

Third party links and embedded content

This website may include links to third-party websites, plug-ins and applications and embedded content (e.g. videos, images, articles etc.). Clicking on those links or enabling those connections may allow third parties to collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction. I don’t control these third-party websites and am not responsible for their privacy statements. When you leave my website, I encourage you to read the privacy notice of every website you visit.

Your rights

I’m committed to protecting your rights to privacy. These include the right to:

  • Have a copy of all personal information I process about you

  • Be informed about what I do with your personal data

  • Correct any inaccurate information I have about you

  • Be forgotten and have all your personal data destroyed

  • Restrict the processing of your data

  • Object to the processing of your personal data

I try to be as open as I can be in terms of giving people access to their personal information. You can find out if I hold any personal information by making a ‘subject access request’ or ‘Right of Access’ under the Data Protection Act and the General Data Protection Regulation. I will then supply to you: 

  • A description of all data I hold about you

  • Inform you how it was obtained (if not supplied by you)

  • Inform you why or for what purposes, I am holding it

  • Inform you who it could be disclosed to

  • Inform you of the retention periods of the data

  • Inform you around any automated decision making including profiling

  • A copy of the information, if you wish 

To make a request to me for any personal information I may hold please put the request in writing. You may ask me to correct or remove information you think is inaccurate. 

I try to meet the highest standards when collecting and using personal information. For this reason, I take any complaints I receive about this very seriously. I encourage people to bring it to my attention if they think that my collection or use of information is unfair, misleading or inappropriate. If you do have a complaint, contact me at chris@cjmconsultancy.com so I can look into the matter properly.

If you’re not satisfied with my response or believe I’m not processing your personal data in accordance with the law you’ve the right to raise your complaint with the Information Commissioner’s Office (ICO) at https://ico.org.uk.

If you have any questions about anything here, then please don’t hesitate to contact me.