Thinking Alliance takes your privacy seriously. We are committed to safeguarding any personal data we hold about you and we comply with current data protection legislation including the GDPR.
If you have any questions about this statement or our approach to keeping your personal data safe, please contact our data privacy lead at firstname.lastname@example.org
The data we gather
We process and hold personal data such as:
- Your name and email address and, in some instances, other contact details which you have given us such as your telephone number
- Data on how you engage with the content of our website www.thinkingalliance.co.uk
- Information you provide to us while using our services
How we gather data
We may collect data from you in person, through email, text, social media messaging, social media posting or any other communication that you send us; or by you completing and signing or otherwise formally agreeing a client contract; or through you submitting a contact or sign-up form on our website; or through cookies on our website.
We may also receive your data from third parties, for example referrals, from search information providers such as Google, or from online networks such as Facebook or LinkedIn.
What we do with the personal data we gather, and the lawful reasons we collect it
We collect your data exclusively to carry out our work, to serve you, and to communicate about Thinking Alliance and our services and offers. We aim to collect the minimum level of data needed to these ends.
When collecting data, we will ensure that you understand why we are collecting it, how it will be used, and that either we have a legitimate interest for processing it, or we are entering into or fulfilling a contract with you or, as far as reasonably possible, you have granted explicit consent, either written or verbal, or by submitting an online consent form, for your data to be processed.
We only share data with entities that assist us in managing our business, such as MailChimp (our newsletter platform), Eventbrite (our event management system) and QuickBooks (our invoicing system). The only data provided to these entities is that needed to accomplish a specific goal, such as sending out an email or registering someone for an event. We ensure that all entities that process and/or hold data on our behalf are compliant with the GDPR or have equivalent safeguards in place if they are outside the EAA (European Economic Area).
We may process your personal data without your knowledge or consent where this is required or permitted by law.
We are committed to ensuring that your data is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the data we collect.
How long we retain your data
We will retain your data for only as long as it is needed for our business purposes, or until you ask us to delete the data we hold. In addition, you can unsubscribe from our mailing list at any point.
Controlling your personal data
As the subject of personal data held about you, you have:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling.
You can see more about these rights at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/. If you would like to request details of the personal data which we hold about you, or if you wish to exercise any of the other rights set out above, please email our data privacy lead on email@example.com. If you believe that any data we are holding on you is incorrect or incomplete, please email us at this address. We will promptly correct any data found to be incorrect.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. If this is the case, we will notify you.
If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.
The Thinking Alliance website may include links to third-party websites, plug-ins and applications. We may also send you links in our communications with you to third-party websites that we think will be helpful to you. We will aim to ensure third-party links are signposted as such. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.
Version control: V1 pub20180524
Next formal review: May 2019