Privacy statement
Complying with GDPR, Pendleton Sexton Limited holds some personal details about you; this document explains why we have that information, how we use and handle it and your rights to that information.
What Information do we hold?
We currently hold personal information in order to provide our services as contracted with you/ your employer. This could include some or all of the following:
Identifying Information – name
Contact Information – email address, phone number
Professional Information – Job Title, CV / BIO, Company Grade or Level, Employment start date, department/ function, location (where you are based), contract type, working hours, performance rating, income level
Ethnicity Information – nationality, race
Physical Characteristics – age, gender, disability
Religion, sexual orientation, education level
Preference information – consultant notes
Where did we get your data from?
The personal data that we have is either provided to us by you or your employer as agreed in our contract.
Why are we holding this personal information?
We may hold your data to fulfil a contract we have with our client (usually this would be your employer).
We may also hold your personal data if we you have given us your consent to do so.
We may also hold your personal data if we are legally required to do so.
We may also hold your personal data (in an anonymised format) for research purposes, as agreed in our contract.
How we use your Personal Information
The information we hold will be used principally to deliver contracted services and products, and only for the stated purpose. In carrying out these services we may do one or more of the following:
We may use your details so that we can communicate with you by email or phone.
We may use the information provided from 360⁰ feedback to provide an external view of an individual’s behaviours and performance.
We may use information collected on individuals within a team in order to provide a report on the team as a whole, and to help with the team’s development and performance.
We may use personal information (in an anonymised format) for our own internal research purposes if agreed in our contract in order to:
further develop our services and products;
provide thought leadership in our field.
The personal information we hold is stored and processed securely in line with the UK government’s guidelines for Cyber security controls, Cyber Essentials*
Your personal information is held and processed in the UK.
Your personal information may also be held and processed in the EU.
If your personal information is transferred outside of the EEA, we ensure that this is agreed in our contract and that the level of protection provided is sufficient to meet the requirements of the EU directive.
What we don’t do with your personal information
We do not use any automated decision-making systems relating to your personal data.
We do not sell your data to any third party.
We do not transfer your data to any parties other than sub-contractors agreed in our contract and necessary for us to carry out our contracted service.
We do not use your data for any purposes other than those agreed in our contract.
How long do we keep your personal data?
In cases where we are the Data Controller, the information we keep about you will be kept for a period of 1 year after completion of contract, or until you notify us that you no longer wish to receive information from us or you want us to delete your personal data.
Where we are the Data Processor, any personal data that we hold will be kept in line with the requirements of the Data Controller, or if the Data Controller has not communicated this with us we will hold the data for a period of 1 year after completion of contract, or until we are requested to delete it.
What are your personal data rights?
If at any point you believe the personal information we hold on you is incorrect, you want us to correct or delete that information, or you no longer want us to hold that information or contact you, you can exercise your rights under the current Data Protection laws. These rights include:
Right of access
Right to rectification
Right to erasure
Right to restriction of processing
Right to data portability
Right to object
Who do I contact if I have an issue with or question about the personal information that you hold about me?
Please contact Emily Sexton on +44 7974311871 or via email to: emilysextoncoaching@gmail.com
How do I make a complaint about how my personal data is being held or processed?
If you wish to raise a complaint regarding the way we have handled your personal data, you can contact our Data Protection Officer (details above) who will investigate the matter.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can contact the Information Commissioner’s Office (ICO). Their Helpdesk number is 0303 123 1113.
* For more information about Cyber Essentials please visit: https://www.gov.uk/government/publications/cyber-essentials-scheme-overview