Below is my GDPR Compliant Privacy Policy

 

Who Is The Data Controller?

 

I, Sarah Walsh, am the data controller for Not Another Life Coach. It is important that the information I hold about you is accurate and up to date. Please let me know if at any time your personal information changes by emailing me at coaching@notanotherlifecoach.com

 

What data do I collect about you and why?

 

Personal data means any information capable of identifying an individual. It does not include anonymized data. I may process the following categories of personal data about you:

 

Communication Data - This includes any communication that you send to me, such as through email, text, social media messaging or social media posting. I process this data for the purposes of communicating with you, for providing services, for record-keeping and for the establishment, pursuance or defence of legal claims. My lawful ground for this processing is a legitimate interest which in this case is my business interest.

 

Customer Data - This includes data relating to any purchases of services such as your name, title, billing address, email address, phone number, contact details, purchase details and your card details. I process this data to supply the services you have purchased and to keep records of such transactions. My lawful ground for this processing is the performance of a contract between you and me.

 

I will only use your personal data for the purpose it was collected for. Should I need to use your details for an unrelated new purpose, I will inform you and explain the legal grounds for processing. I may process your personal data without your knowledge or consent where this is required or permitted by law.

 

How I Collect Your Personal Data

I collect data about you by you providing the data to me (for example by sending me e-mails or through your response to social media adverts). I may also receive data from other organisations such as Facebook based outside the EEA, or providers of scheduling and payment services such as Acuity Scheduling or Stripe, also based outside the EEA.

 

​

Disclosure of Your Personal Data

I may need to share your personal data with other parties, such as lawyers, auditors and insurers. I may also need to share it with professional bodies such as, but not limited to, The International Coaching Federation and The Association for Coaching solely for accreditation purposes.

 

International Transfers

Some service providers I use, such as Stripe and Acuity Scheduling, are based outside the European Economic Area (EEA) and the United Kingdom (UK), meaning their processing of your personal data will involve a transfer of data outside the EEA and the UK. As these companies operate within the EEA and the UK, they are also subject to the General Data Protection Regulation (GDPR). Stripe’s privacy policy can be found here: https://stripe.com/gb/privacy and Acuity Scheduling’s here: https://help.acuityscheduling.com/hc/en-us/articles/360003334751

 

Data Security

I take appropriate technical and organisational measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation.

 

Data Retention

I will only retain your personal data for as long as necessary to fulfil the purposes I collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  

For tax purposes, the law requires that I keep basic information about clients (including contact, identity, financial and transaction data) for 6 years after they stop being a client. The terms of my professional insurance provider require that I keep the above, as well as coaching session notes, for 6 years after sessions have ended.

 

Your Legal Rights

Under data protection laws you have rights in relation to your personal data. You can see more about these rights at:

https://ico.org.uk/your-data-matters/

If you wish to exercise any of the rights set out above, please email me at coaching@notanotherlifecoach.com