Data Protection Processing & Privacy Policy
Last updated 6th April 2020

Our website address is: https://chrisbartoncoaching.co.uk

Your privacy: information we collect about you and how we use it
This policy tells you what to expect when we collect personal information. Chris Barton Coaching is the data controller of the personal information we collect.

The Data Protection Act 1998 regulates the use of personal information held by us. This means we must comply with eight data protection principles which say that personal data needs to be:

• processed fairly and lawfully
• processed only for specified and lawful purposes
• adequate, relevant and not excessive
• accurate and, where necessary, kept up to date
• not kept longer than necessary
• processed in accordance with an individual’s rights under the Act
• kept secure
• not transferred to non-European Economic Area countries without adequate protection

This notice contains information about:

• Information we may collect
• How we use personal information
• How long we keep information
• How we keep information secure
• How you can find information we hold about you
• Changes to this fair processing policy
• How to contact us

Information we may collect
The type of information we may collect and process about you is
varied and may include:

• your name, address and age
• who you are
• your e-mail address
• telephone, email, correspondence
• GP Information

In addition, we may collect other information and data about you and your business.

Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Some information is defined in the Data Protection Act 1998 as sensitive personal data.
This is information about you which relates to:

• (a) your religious beliefs or other beliefs of a similar nature
• (b) any physical or mental health conditions
• (c) your sexual life

Personal information pertaining to the reasons why you are coming into therapy.

Where we collect personal data, we will not collect or use it unless it is lawful for us to do so. This may mean we need your informed consent to use or share it. However, in some cases it will be lawful for us to do so, for example where it necessary as part of our, or a third party’s, such as our Supervisor or GP (this will only be shared with your GP if you were going to harm yourself or another person.

How we use personal information
This policy applies to information we collect set out below:

• visitors to our website
• complaints
• people who make enquiries or ask for general help
• others connected to our work
• jobs

How long we keep information
We keep personal information for as long as necessary in line with our published retention and disposal policies. We retain personal information if we need it to meet our legal and operational requirements.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

How we keep information secure
We are under a general duty to keep personal data and information confidential. Where we share information we take all reasonable
steps to keep it secure, use it fairly and ensure that data protection safeguards are in place. We will not share your data with third
parties without your express permission unless required to do so by law.

For the purposes of the Data Protection Act 1998.
We collect, handle and keep information secure to ensure we meet the data protection obligations as well as how we maintain the
confidentiality, accessibility and integrity of information we hold.

How you find out about information we hold about you
The Data Protection Act 1998 gives you a right of access to personal data we hold about you. These are called subject access requests. In some cases we are not required to provide you with information we hold about you. Where this is the case we will let you know.

You can request information by making a request in writing addressed Chris Barton Coaching at 204 North Western Avenue, Watford, Hertfordshire. WD25 0RJ

You will also need to let us have a postal or email address so that we can send you the information. We ask that you mark the covering envelope or email as ‘Confidential’.

Administration charge
There is a charge of £5 payable by cheque. This covers costs we are entitled to charge under the Data Protection Act 1998. We
cannot deal with your request until the fee is paid.

How we provide the information
We usually send a hard copy by special delivery post to your residential address or by email. We can make other arrangements in some cases. Please ask Chris at Chris Barton Coaching, the organisation’s principal, if you would like to agree alternative arrangements.

Can I see all the information held about me?
You may not be entitled to see all the information held about you if an exemption under the Data Protection Act 1998 applies.

Examples of exemptions include information that:

• is about another person.

If an exemption applies we will explain which exemption applies and we tell you if we have removed any information from the copy we send you.

Changes to this fair processing policy
We keep this Policy under regular review.

How to contact us
If you would like to ask for information about our policy you can email or write to us. If you would like a copy of this policy in an alternative format please ask.

Visitors to our website
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Third-party cookies
Some services we use to add value and convenience to those who use our website. The browsers may set cookies on our behalf. These services fall into two broad groups: social media and web analytics.

Social media
We publish some of our video content on YouTube.com, and embed it on our website. When a visitor triggers a video to play, YouTube sets cookies on their browser. Any concerns about those cookies should be checked with Google’s privacy policy.

Some of our web content includes buttons that allow visitors to share content easily with their online networks—using Twitter, Facebook, Instagram and LinkedIn. When visiting these areas Twitter, Facebook, Instagram and LinkedIn may set cookies on a visitor’s browser. We do not control the use of these third-party cookies, and any concerns should be checked with the policies of Twitter, Facebook, Instagram and LinkedIn.

Web analytics
To improve our web-based services we collect and use overall data about the use of our site from a third-party service, Google Analytics. When visitors use our website Google Analytics sets cookies on their browser. We do not control the use of these third party cookies and any concerns should check with Google’s privacy policy.

More information about cookies
To learn more, including how to manage cookies, visit www.aboutcookies.org. If you have any questions or concerns about cookies set by us, please get in touch.

In appropriate cases, personal information may be disclosed to regulators, the Legal Ombudsman, enforcement or government agencies, other regulators or others with a legitimate interest who may keep a record of that information. We only share information where it is lawful for us to do so, such where it is necessary to do so as part of our, or a third party’s, statutory or public function or because the law permits or requires us to.

We may also share personal information with selected third parties which provide relevant services to us, such as outsourced IT services or legal support but only where this helps us to fulfil effectively our legal duties or to ensure the proper administration of the site.

Complaints about us
When we receive complaints about us we create a complaint file.

Usually the file will contain the identity of the person complaining and other people involved in the complaint.

We use personal information to deal with the complaint. We may also use the information to check and improve our level of service.

In appropriate cases, personal information may be disclosed to other regulators, or others with a legitimate interest who may keep a record of that information. We only share information where it is lawful for us to do so, such where it is necessary to do so as part of our, or a third party’s, statutory or public function or because the law permits or requires us to.

Some data is collected when people sign up to newsletters, act as an organisation’s contact, respond to our consultations or register with us for coaching, therapy, training, workshops or other communications.

We use personal data collected in this way to deliver the service we provide or to improve the service we offer. Those responding to our consultations can opt to have their data kept confidential. We do not use your data for marketing purposes. You are always entitled to request the removal of your data from records held. We are required by the Law Society to retain certain data for specified periods of time.