Updated 22 July 2019
This privacy notice is provided in line with the new General Data Protection Regulation (GDPR) and explains you what to expect us to do with your personal data when you decide to make contact with us or use one of our services. Please note that this notice only refers to this website and that shall not cover other web pages or third parties’ websites accessible via external links.
WHO ARE WE
Coaching.ly Ltd. is the Data Controller for the personal data processed and he reserves himself the right to amend or modify, where and if necessary, this present notice, provided that it will duly inform you of such changes, as the case may be. You can contact us sending an email at firstname.lastname@example.org
WHAT PERSONAL DATA WE PROCESS
We collect the following personal data from you:
Contact details: Name, surname, email address, city, country, telephone number/Skype ID.
Age: Date of birth (in order to verify you are at least 16 years old).
Payment: Bank/credit details (when you make a purchase). Your card data are processed by our secure third party payment Processor (‘Stripe Payment Europe Ltd.’).
Online: IP address, login, browser/plug-in, time zone, operating system and platform, clickstream (only under your previous consent).
WHY WE PROCESS YOUR PERSONAL DATA
Your personal data will be processed electronically by the Controller within the limits and for the sole purposes of the provision of the services accessible through the website, in particular:
Events: You wish to attend, or you have attended, an event (webinars, online training, Skype call).
Services: Providing you with the service, products or information you asked for.
Records: Keeping a log of your relationship with us.
Research: Answering our surveys upon your previous consent and that may be of interest to you.
Communications: Upon your previous consent and that may be of interest to you.
OUR LAWFUL BASIS FOR PROCESSING YOUR PERSONAL DATA
Consent: When you have provided your consent to us processing your personal data for: attending live webinars, downloading a case-study or receiving marketing information. You can always withdraw consent by email at email@example.com
Contract: When you are attending an online training session, to provide you appropriate information about products and services that you have requested.
Legitimate interest: To communicate with you about any issue that you raise with us or to provide any further related online/email information in relation to your identified area of interest.
HOW LONG WE PROCESS YOUR PERSONAL DATA
The same personal data we processed, will be kept in a format that allows user identification only for the time strictly necessary to fulfil the purposes for which the data have been originally collected and, in any case, within the limits set forth by applicable laws and regulations.
We also review our retention periods on a regular basis.
WHO ELSE CAN PROCESS YOUR PERSONAL DATA
We do not sell your personal data to third parties or share them for marketing purposes without your specific consent.
We use data processors who are third parties who provide elements of services for us under specific contractual obligations (e.g. payroll system). This means that they cannot do anything with your personal data unless we have instructed them to do it. They will not share your personal data with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
It shall remain intended that the personal data of the user may be communicated to third parties, such as police authorities but only where this is necessary with respect to a law or an order issued from a competent authority.
We also undertake regular reviews of who can access to personal data that we hold to ensure that yours is only accessible by appropriately trained staff and trusted parties.
TRANSFER OF YOUR PERSONAL DATA
If we transfer your personal data outside of the European Economic Area (EEA), we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this notice.
Specifically, our web provider (ClickFunnels), payroll system (Stripe) and online survey provider (SurveyMonkey) store your personal data in the US by virtue of the EU-US Privacy Shield Agreements.
HOW WE PROTECT YOUR PERSONAL DATA
We take steps to ensure that appropriate technical and organisational security measures aimed at reducing the risk of destruction, loss, even accidental, unauthorised access, forbidden or illicit processing are in place and we do anything we can to review them on regularly basis.
Any sensitive data (e.g. credit or debit card details) is encrypted and protected with a 128 bit encryption on SSL. When you are on a secure page, a lock icon will appear next to the URL of web browsers such as Microsoft Internet Explorer or Google Chrome.
WHAT ARE YOUR DATA PROTECTION RIGHTS
As data subject, you have specific rights that can exercise freely, at any time and without hindrance, by means of a written request sent to firstname.lastname@example.org
Right of Access: You have the right to ask us to access for copies of your personal data.
Right of Rectification: You have the right to ask us to rectify personal data you think is inaccurate or incomplete.
Right to Erasure: You have the right to ask us to erase your personal data under certain circumstances.
Right to Restriction: You have the right to ask us to restrict the processing of your personal data under certain circumstances.
Right to Object: You have the right to object to processing if we are processing your personal data based on our legitimate interest (see the ‘Lawful Basis’ section).
Right to Data Portability: You have the right to ask that we transfer personal data you gave us from one organisation to another or give it to you. The right only applies if we are processing personal data based on your consent or contractual obligation by automated means.
Right to Lodge a Complain: If you remain dissatisfied, you can make a complaint about the way we process your personal data to the data protection authority where you are established where you reside in the EEA or where a violation occurred.
We reserve the right to modify this statement at any time. Any changes to this Privacy Notice will be listed in this section, and if such changes are material, a notice will be included on the homepage of the website for a period of time.