Privacy Policy
Part 1: Data We Hold
Client Sensitive Data
What do we hold? We hold client dates (business information, coaching notes, psychometrics etc.)Why do we hold it? To enable us to use and recall client- centred information in and around out coaching conversations and training programmes.For how long? For the period we are actively working together + 6 months.What happens next? After this period all data (soft and hard copies) will be deleted.How do we tell them? We tell coaching or training clients this in their coaching or training contracts.Who else might we share it with? No sensitive data is passed onto external contacts. Internally, information may be shared with Indigo Leadership associates working on the contract. For the purposes of on-going CPD, anonymised client data may be shared with a coaching supervisor or the professional body (ICF or AOC)
Client Contact Details
What do we hold? We retain client contact details (email address, mobile phone no., business address and home address) indefinitely.Why do we hold it? To enable us to contact clients before, during and after we work with them.For how long? As long as necessary to maintain the relationship.What happens next? Nothing, unless they ask to be forgotten in which case we will comply within 48 hours.How do we tell them? We tell coaching and training clients this in their coaching or training contracts. Our privacy policy is referenced in our terms of business and is published on our website.Who else might we share it with? No information is passed onto external contacts, with the potential exception of their email address to external providers of psychometric and feedback tools, and for on-going CPD. If applicable this will be specified in the contract.
Potential clients and sponsors
What do we hold? We retain their contact details.Why do we hold it? To keep in touch.For how long? As long as necessary to maintain the relationship.What happens next? Nothing, unless they ask to be forgotten in which case we will comply within 48 hours.How do we tell them? We tell them as part of our initial discussions. Our privacy policy is referenced in our terms of business and is published on our websiteWho else might we share it with? Internally, information may be shared with Indigo Leadership associates working on the potential client or sponsor.
Part 2: How do we hold data?
Our digital data is held securely on password-protected computers and mobile phones, backed up digitally. Our paperwork is held in locked cabinets.Part 3: Response StrategyWe will do everything possible to avoid or minimise the impact of any breach of privacy. In the unlikely event of a breach then we commit to: www.indigo-leadership.org May 2018
Within 72 hours, contacting the person whose details have been compromised to inform them of
the nature of the breach
the information that may have been compromised
the actions we are taking
how we will keep them up to date
Where appropriate, inform the Information Commissioner’s Office (ICO) of the same.
Part 4: External Parties
All Indigo Leadership associate consultants/coaches are required to confirm that they are GDPR compliant before working on any Indigo coaching or training projects.
Part 5: Changes to this Policy
We reserve the right to change this Privacy Policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the website and will be communicated via email to all affected parties.
Part 6: How to contact us
Everyone has the right to “be forgotten”, to be able to have their information updated and to see what we hold that relates to them. Should anyone need to contact us regarding any of the above or any matter relating to GDPR, we can be contacted on sks@btconnect.com. We commit to reply promptly but certainly within one week.