fbpx

Privacy and cookies policy

Document Version & History

Version 0.1 —Dated 01.06.2017 until superseded.

Our policy is versioned and dated so our clients (Data Subjects) have full Transparency over the Privacy, Data Protection & Processing terms in which they will have engaged with at the time of their interaction. Policies are not static and need to be updated as and when legal and business needs arise. However, this does not mean that the obligations and rights confided in those historical policies should be forgotten for the Data Subject and TeresaBrooksCoaching as the Data Controller

Purpose

This document sets out the way TeresaBrooksCoaching( Data Controller) and any 3rd parties we engage with (Data Processors) will collect, process and handle your Personal Data and your rights in that relationship as Data Subjects.

Basis in Law

This Policy is written to align with the General Data Protection Regulation (GDPR) Legislation, enacted in April 2016 for EU Member states, and to be enforced as of 25th May 2018. The UK will replace / repeal the Data Protection Act (DPA) and replace it with the GDPR version.

Whilst the UK is currently under the regulation of the DPA, this policy goes much further than is currently required under the obligations of the DPA.

Principles

We will adhere to the following principles of the GDPR with respect to this Policy and our behaviours in which we are Guardians, not owners, of your personal data. These are:

  • Lawfulness, Fairness & Transparency
  • Purpose Limitation
  • Data minimisation & Proportionality
  • Data Quality & Accuracy
  • Storage Limitation
  • Integrity & Confidentiality
  • Accountability

Direct / Active Personal Data Collection

Information Provision by you directly, by being aware of the act of doing so, that contains Personal Data.

We will, where possible BEFORE we collect your data, always notify you of:

  • the Purpose of Data Collection and Processing.
  • the Legal Basis of Data Collection and Processing.
  • the intention to transfer (or not) of Personal Data to a 3rd party or organisation.
  • the intention to transfer (or not) of Personal Data to a 3rd country and the legal basis of that.
  • the duration / time we will store your information.
  • your rights as a Data Subject in terms of your personal data:
    • Right of Access
    • Right to Object
    • Right to Portability
    • Right of Restriction
    • Right to Erasure
    • Right to be Forgotten

Passive / Indirect Personal Data Collection

Information Provision by you, indirectly collected by not necessarily being aware of the act of doing so, that contains your Personal Data.

We will, where possible before we collect your data or within 1 month, always notify you of

  • the Source of the Personal Data collected.
  • the Data Protection Officer (DPO) of DAMM Solutions Ltd and ICO registration.
  • the Purpose of Data Collection and Processing.
  • the Legal Basis of Data Collection and Processing.
  • the intention to transfer (or not) of Personal Data to a 3rd party or organisation.
  • the intention to transfer (or not) of Personal Data to a 3rd country and the legal basis of that.
  • the duration / time we will store your information.
  • your rights as a Data Subject in terms of:
    • Right of Access
    • Right to Object
    • Right to Portability
    • Right of Restriction
    • Right to Erasure
    • Right to be Forgotten

3rd Party Indirectly Acquired Personal Data Collection

Information Provision to us about you indirectly collected whereby you are not aware of the act of doing so, that contains your Personal Data.

We will, as soon as possible and within 1 month, always notify you of:

  • the Source of the Personal Data collected.
  • the Data Protection Officer (DPO) of DAMM Solutions Ltd and ICO registration.
  • the Purpose of Data Collection and Processing.
  • the Legal Basis of Data Collection and Processing.
  • the intention to transfer (or not) of Personal Data to a 3rd party or organisation.
  • the intention to transfer (or not) of Personal Data to a 3rd country and the legal basis of that.
  • the duration / time we will store your information.
  • your rights as a Data Subject in terms of:
    • Right of Access
    • Right to Object
    • Right to Portability
    • Right of Restriction
    • Right to Erasure
    • Right to be Forgotten

Terms

 

TermDefinition
Teresa Brooks Coaching `us’ the company’ Data Controller
3rd Party`Data Processor’ / ‘Contracted Entity’ / ‘Indirect Source’
 Privacy PolicyThis document and its contents
 Personal DataAny information relating to and identified or identifiable natural person
Data CollectionMethod of Personal Data acquired by the Data Controller about the Data Subject.
Data ProcessingMethod by which Personal Data may be manipulated.
Data SubjectThe natural person for which personal data applies to and is processed
Data ControllerThe legal entity or person that makes decisions on collecting and processing personal data. DAMM Solutions & Services Ltd’
Data ProcessorThe legal entity or person that processes personal data on behalf of the data controller. `3rd Party’ Contracted Entity’
3rd Party Indirectly Acquired Personal Data CollectionInformation Provision to us about you indirectly collected whereby you are not aware of the act of doing so, that contains your Personal Data.e.g Bought in marketing details
Passive / Indirect Personal Data CollectionInformation Provision by you indirectly collected by not necessarily being aware of the act of doing so, that contains your Personal Data.e.g Cookies via our website
Direct / Active Personal Data CollectionInformation Provision by you directly by being aware of the act of doing so, that contains your Personal Data.e.g Contact Us website form

Teresa Brooks Coaching – Registered Data Controller with the ICO