Privacy

Throughout this privacy policy, there are words and phrases that have a specific meaning or that we are using in a special way. They are:

"Personal data" “Personal Data” means any information relating to an identified oridentifiable natural person (“data subject”); an identifiable natural person isone who can be identified, directly or indirectly, in particular by referenceto an identifier such as name, an identification number, location data, anonline identifier or to one or more factors specific to the physical,physiological, genetic, mental, economic, cultural or social identity of thatnatural person.

Please note this set of characteristics above is not exhaustive:any information that could be used to identify you, “the data subject” ispersonal data, and this information can be found in any format. This canencompass photographs, correspondence, physical media and so on.
"Special category data" meanspersonal data about a person’s race, ethnic origin, politics, religion, tradeunion membership, genetics, biometrics (where used for ID purposes), health,sex life or sexual orientation.
"You", “Your”, “The data subject” means theperson whose personal data is being processed.
"Data controller" means the organisation which is responsible for processing dataand ensuring that personal data is processed in accordance with data protectionlaw.
"Data Processor" means a natural or legal person, public authority, agency or anyother body which processes personal data on behalf of the controller
“Processing” means any operation or set of operations whichis performed upon personal data or sets of personal data, whether or not byautomated means, such as collection, recording, organisation, structuring,storage, adaptation or alteration, retrieval, consultation, use, disclosure bytransmission, dissemination or otherwise making available, alignment orcombination, erasure or destruction.

Prospect

Most of the information we process comes from you. We process it so we can reply to you, and when you contact us again, we know what you asked before, what you were sent, and what you told us.

Typically, we are collecting name, contact details, how we came across you, and background information from you or published by you on social media or freely accessible on the internet, on why you might be interested in our services or a relevant contact for our business.

If we email you or respond to an email sent to us at any of our business email addresses, a copy of that email will also be stored.

If you make an enquiry via our website, we will keep details of that enquiry and response for our data retention period.

We do not routinely keep special category data. To the extent we hold this, it was supplied or made publicly available by you.

Customers

Once you buy something from us, we will collect information from you at the point of sale. This will include the information we collect from Prospects (above). We collect your email address, phone number and postal address so we can provide what we have contracted to, invoice you and keep proper records of our business relationship.

We process your data to support the delivery of the services you have bought. We keep records of the services provided to you, and information you give us, so we can support you when needed and advise you of any additional services you may need.

When we are processing data about you on behalf of a customer, we are operating under the banner of our customer’s data privacy policy. We will refer any enquiry from you to them, as they are the “data controller” responsible for dealing with your query. But we will support that by providing relevant information to our customer for passing to you.

Associate Business Coaches and Suppliers

We collect information on potential and actual Associate Business Coaches and suppliers. This is mostly provided by you, but we do add to it the same kind of data we use for Prospects (see above).

If you become an Associate Business Coach or supplier, we keep a copy of the contract between us and your bank details so we can pay you. We also keep a record of invoices/payments for accounting purposes.

We keep a record of the work you undertook for us/our customers along with any comments, reviews or suggestions about that work including complaints (if any) and their resolution.

This information is all needed to manage our customer relationships and our supply chain.

Learners

We collect information about potential and actual Learners, in the first instance this information may be passed to us by your employer. Depending on the type of learning programme you embark on with OTD Ltd, you may add to this over time. This could be in the form of learning portals or other necessary documentation to sustain the learning.

The data we hold on you is added to during the course of your learning journey, such data will be added by your Associate Business Coach and / or employer.

Unless otherwise agreed at the beginning of your learning journey, your information will not be shared with another third party, or your employer unless the reasons for doing so are to enable us to continue your development, and to fulfil our contract with your employer.

We will keep a record of the learning you undertook with us, with any comments, reviews or suggestions to support your learning journey. This information will be held securely on a learner management system.

Work Experience Learners

In some circumstances, we also work with individuals undertaking work experience placements. This may include individuals under the age of 18.

In addition to the information outlined above, we may collect and process information to support the delivery of the placement. This may include CV information, strengths or skills profiling outputs, programme schedules, and materials produced during the placement such as presentations or written work.

As part of the placement, we may also document progress and outcomes, which can include recordings or summaries demonstrating development over the course of the programme. Any recordings or similar materials will only be created and used where appropriate consent has been obtained. Where required, this will include consent from a parent or guardian. Participation in such activities is entirely optional and there will be no detriment if consent is not provided.

All information is used solely for the purpose of supporting the individual’s development, delivering the placement, and where appropriate, demonstrating the impact of the programme. We take additional care when handling information relating to younger individuals and ensure that appropriate safeguards are in place, including limiting access to the data and retaining it only for as long as necessary in line with our retention policy.

Financial and credit card details

We do not receive or store your credit card details. Credit card payments are handled by an external secure processor in accordance with their data security policies. We receive limited information from our processor for us to tie up your payment with your invoice.

When you pay us by BACS or direct transfer, we know only what the bank tells us, which is usually the name of the person (Company) who paid us and how much and the reference number.

We do not keep credit scores nor use credit reference agencies.

‍

In this Section, we have summarised the rights that you have under General Data Protection Regulation. Some of the rights are complex, and not all the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.

Your principal rights under the General Data Protection Regulation are:

Right to object

Right of access

Right to be informed

Right to rectification

Right to erasure

Right to restrict processing

Right to data portability

The right to object

You can exercise this right if:

Processing relies on legitimate interest

• Processing is for scientific or historical research

• Processing includes automated decision making and profiling

• Processing is for direct marketing purposes

The right of access

• You or any third party acting on your behalf with your authority may request a copy of the personal data we hold about you without charge.

•We will ask to verify your identity or request evidence from the third party that they are acting on your behalf before releasing any personal data we hold about you.

The right to be informed

•We are required, to provide clear and transparent information to you about how we process your personal data. This privacy notice addresses this right.

The right of rectification

•If you believe the personal data we hold about you is incorrect or incomplete you have the right to correct this and you may exercise this right along with the right to restrict processing until these corrections are made.

The right to erasure

• If there is no legal basis or legitimate reason for processing your personal data, you may request that we erase it.

The right to restrict processing

• You may ask us to restrict the processing of your personal data. This means we will still hold it but not process it. This is a conditional right which may only be exercised when:

• Processing is unlawful

• We no longer need the personal data, but it is required for a legal process

• You have exercised your right to object to processing and require processing to be halted while a decision on the request to object is made.

• If you are exercising your right to rectification

The right to data portability

• You can request that your personal data is transferred to another controller or processor in a machine-readable format if:

• Processing is based on consent

• Processing is by automated means (i.e. not paper based)

• Processing is necessary for the fulfilment of a contractual obligation

If you have any question about these rights, please see "additional information", section 15 of this policy.

‍

Privacy Policy