We take your data privacy seriously. We focus on delivering coaching to help you meet your business or personal goals. In order to provide you with our services we collect and use personal data which means that we are a ‘Data Controller’ and we are responsible for and committed to protecting your privacy and complying with the UK General Data Protection Regulations (GDPR), Data Protection Act 2018 and any subsequent laws or regulations applicable.
In this Privacy Notice, we want to inform you about what information we collect, how we use it and what rights individuals have in relation to the collection and processing of their personal data. Our contact details Name: Jay Jupp Address: Brookfield Court Selby Road, Garforth, Leeds, England, LS25 1NB, E-mail: jay.jupp@innerreachcoaching.co.uk
If you have any questions in respect of this Privacy Notice or how we manage your personal data, please contact us using the contact details above.
The type of personal information we collect
We currently collect and process the following information:
• General contact details such as, name, address, email address, telephone number
• Job title or Role of the person whose information we are processing
• Business Activities and job descriptions
• Details of Services provided to you
• General Communications between you and us
• Financial Details – such as payment or bank details
• For recruitment work or interview support: work and education history
• Information collected through our use of cookies
• Your marketing preference
How we get the personal information and why we have it?
In most cases we collect personal information we process provided to us directly by you for one of the following reasons:
• To provide leadership coaching, talent coaching, career coaching, interview support be that CV writing, interview prep
• To provide support or greater self-awareness using tools such as MBTI Emotional Intelligence report, and other personality tools. Each provider will have their own privacy and data policy which we are not responsible for.
• You may provide personal information through our website’s online ‘contact us’ form or via WhatsApp Chat and this is usually limited to first name, surname, telephone and or email address.
• Provide information during a meeting or Consultation to discuss our services
• Speak to us on the telephone to discuss our services
• Email or write to us
• In relation to working freelance or employment with us
• Send us a CV
Whose information do we collect?
We collect personal data while delivering our services. This can belong to clients, enquirers, contracted associates, suppliers, and individuals nominated as points of contact. We also receive personal information indirectly, from the following sources in the following scenarios:
• Social Media Sites including LinkedIn
• Public sources – demographic data, Market Research
• Credit Agencies and publicly available company data such as Companies House
• Or if you are nominated as a point by your organisation
• Where you are a participant in one of our programmes delivered on behalf of your employer – on those occasions your employer is the Data Controller, and we act as the Data Processor on their behalf.
We use the information that you have given us to carry out the services listed above in ‘How we get the personal information and why we have it’ section. If we need to share personal information with anyone or an organisation, we will always seek the data subject's permission first.
Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information.
Why we do we collect your information?
Where we collect and process personal data, we identify both the purpose and legal basis for doing so. There are 6 possible legal bases which are:
(a) Consent: Where we have consent from the individual to process their personal data for one or more specific purpose. Consent can be removed at any time. You can do this by contacting: jay.jupp@innerreachcoaching.co.uk.
(b) Contract: Where the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into contract.
(c) Legal obligation: The processing is necessary for compliance with a legal obligation to which we are subject.
(d) Vital interest: Where the processing is necessary to protect the vital interests of the data subject or another natural person.
(e) Public Interest: Where the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
(f) Legitimate interest: Where the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
Our purpose and legal basis for the information we collect, and process allows us to:
To understand your requirements prior to entering into a contract of service with clients - The processing is necessary for the performance of an anticipated Contract.
To understand all requirements to ensure that any contract of service or programme meets our clients’ needs - The processing is necessary for the performance of a Contract.
To fulfil our contract and provide clients with the agreed services therein - The processing is necessary for the performance of a Contract.
To manage our business operations and comply with any internal policies and procedures - It is in our legitimate interests to use your personal information to ensure that we provide and adapt our services.
To notify you about changes to our service - It is in our Legitimate Interests to use your personal information to keep you informed about any changes that may affect you.
For Marketing of similar services to existing customers - It is in our Legitimate Interests to use your personal information for marketing purposes where the services being marketed are relevant to you.
For electronic Marketing of services to new customers via personal business email addresses - It is in our Legitimate Interests to use your personal business email addresses for marketing purposes where we can support individual’s rights.
For Marketing of similar services to new customers - We rely on Consent for direct marketing to previously unknown individuals.
To comply with our legal obligations, law enforcement, court and regulatory bodies requirements - To comply with our Legal Obligations.
To identify and prevent fraud - It is in our Legitimate Interests to act as a responsible business.
To decide whether to enter into a contract of employment - The processing is necessary when considering an employment Contract.
To carry out background and reference checks in relation to recruitment - The processing is necessary when considering an employment Contract.
To communicate with you about a potential or existing contract (for service or employment) - The processing is necessary for the performance and compliance with any Contract of employment.
International data transfers
We may work with Associates who may be located outside of the UK. In addition, with today’s modern technology including Cloud Storage and software, some recipients of your personal data can be located outside your country or have offices in countries where data protection laws may provide a different level of protection than the laws in your country.
Where this is the case, we make sure that additional safeguards are in place such as ensuring that those countries have a decision of adequacy or those associates, and providers have entered into standard contract clauses with us in their terms to support the ongoing protection of your data. Automated decision-making or Profiling
We do not process personal data for automated decision making or profiling.
How long do we keep personal data for?
We will retain personal data in accordance with legal and regulatory requirements and for no longer than is necessary to fulfil the purposes set out in this privacy policy. We maintain and review a detailed retention policy which documents how long we will hold different types of data. The time period will depend on the purpose for which we collected the information and is never on an indefinite basis. Subsequently, we will delete your personal data in accordance with our data retention and deletion policy or take steps to properly render the data anonymous, unless we are legally obliged to keep your personal data longer (e.g. for tax, accounting or auditing purposes).
The following details the criteria used to establish the retention period set out within our policy:
Where it is still necessary for the provision of our Services
This includes the duration of any contract for services we have with you and for a period of 3 years after the end of any contract with a view to maintaining and improving the performance of our products, keeping our systems secure, and maintaining appropriate business and financial records. Most of our retention periods are determined on the basis of this general rule.
Where required by Statutory, contractual, or other similar obligations
corresponding storage obligations may arise, for example, from laws or regulation. It may also be necessary to store personal data regarding pending or future legal disputes. Personal data contained in contracts, notifications and business letters may be subject to statutory storage obligations depending on national law. Where this is the case will retain the data in accordance with our obligations.
Who do we share your information with?
From time to time, we may share your personal information with the following third parties for the purposes set out above:
• Our Accountant or Payment Service Providers
• Associates or Freelance Service Providers
• Regulators and Governing bodies, Lawyers and other Professional Services
• Software and Cloud storage providers
• Fraud detection Agencies
• Police and Law Enforcement agencies where reasonably necessary for the prevention or detection of crime
• Regulators and governing bodies such as HMRC in respect of employment & Payroll data
• Selected Third Parties in connection with any future sale, transfer, or disposal of our business.
Your data protection rights Under GDPR, data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. Please contact us at jay.jupp@innerreachcoaching.co.uk, or write to us at Brookfield Court Selby Road, Garforth, Leeds, England, LS25 1NB if you wish to make a request.
Cookies & similar technologies When you visit our website, we use cookies and similar technologies to provide you with a better, faster and safer user experience or to show you personalised advertising. Cookies are small text files that are automatically created by your browser and stored on your device when you visit or use the Website. To learn more about how to manage your browser cookie settings in general please see www.allaboutcookies.org.
Remember: When clicking on external links via our website or when you find us via social media platforms, you are visiting or redirected to the domain of those websites. We have no control over the privacy settings on these websites or the cookies they set, so please bear in mind that you should set your preferences in line with their own policies and cookie controls separately.
Data security We store customer records in cloud-based services and data centres which have controlled and restricted access. We also operate internal policies and procedures detailing physical security, cloud storage security monitoring, access control and password security measures.
Changes to our Privacy Notice
All businesses change from time to time. At Inner Reach Coaching we keep our Privacy Notice under regular review. This Privacy Notice was last updated on 01 September 2022.