Important information about using this website
We are committed to protecting and respecting your privacy. We are responsible for protecting your personal information as a “data controller” under applicable data protection legislation.
Our nominated person for data protection is Charles Brook, Managing Partner and their contact details are firstname.lastname@example.org.
4.1) What information do we collect?
We collect personal data as defined by applicable data protection legislation (‘personal information’).
The personal information we collect might include name, date of birth, email address, postal address, telephone number, credit/debit card details, the company you work for and the industry you work in.
4.2) How do we collect information?
We obtain personal information from you when you enquire about our activities, register with us, send or receive an email, ask a question or otherwise provide us with personal information. We may also receive information about you from third parties, for example from our service providers or from a friend who wants to tell you about our websites or the activities we carry out.
We also gather general information about the use of our website, such as which pages users visit most often and which services, events or facilities are of most interest. We may also track which pages users visit when they click on links in emails. We may use this information to personalise the way our websites are presented when users visit them, to make improvements to our websites and to ensure we provide the best service for users.
Wherever possible we use aggregated or anonymous information which does not identify individual visitors to our websites.
4.3) Why do we collect this information?
We collect this information for the purposes described in section 4.4. The lawful basis for which we process your information is:
- your consent;
- processing is necessary for the performance of a contract to which you are a party. If you fail to provide this information we may be unable to perform the contract;
- processing is necessary for compliance with our legal obligations;
- processing is necessary for the purpose of the legitimate interest pursued by us, except where your rights as a data subject override our legitimate interest.
4.4) How do we use this information?
We will use your personal information:
- to provide you with the services, products or information you have requested;
- to create an account for you if you register with us;
- to contact you about services we offer and resources we provide; and
- for administration purposes.
As part of this, we may analyse the personal information we collect to create a profile of your interests and preferences so that we can contact you in the most appropriate way and with the most relevant information.
If you enter your contact details in one of our online registration forms, we may use this information to contact you even if you do not "send" or "submit" the form. We will only do this to see if we can help with any problems you might be experiencing with the form or with our websites.
We will only use your personal information for electronic marketing purposes if we are allowed to do this by law or if we have your consent. If you agree to us providing you with marketing information, you can always opt out at a later date. If you do not wish to receive such messages please let us know by contacting us using our Contact Form .
4.6) Your choices
You have a choice about whether you want to receive information about our services. We will not use your personal information for marketing purposes or share your information with any third party if you have indicated that you do not wish to be contacted in this manner. You can change your marketing preferences at any time by contacting us using our Contact Form . Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
4.7) Will we disclose the information we collect to outside parties?
We may pass your information to our data processors, agents and associated organisations for the purpose of providing services to you and for the other purposes listed at 4.4 above. Where we use data processors we will make sure there are appropriate controls in place.
We may also need to disclose your information if required by law (for example to government bodies and law enforcement agencies) or if we have your permission to do so.
We will not sell any information about you or your web browsing activity.
We may transfer your information to Australia, Belgium, Brazil, China, France, India, Italy, Malaysia, Netherlands, Peru, Romania, Turkey, United Arab Emirates and the USA, by sharing it with our other TPC Leadership offices. We do this by using the European Commission’s model clauses.
4.8) How long do we keep your information for?
We keep your information for no longer than is necessary, as required by data protection law. We will retain your information for any period required by law, for example for compliance with HMRC requirements. Where we are not under a legal obligation to retain your information, we will determine what is necessary by reference to the lawful basis for processing set out above and our legitimate interests.
How do we protect personal information?
We take appropriate technical and organisational measures to ensure that the information disclosed to us is kept secure, accurate and up to date and kept only for so long as is necessary for the purposes for which it is used. We protect your information in accordance with our Data Protection Policy.
You should be aware that the use of the Internet is not entirely secure and although we will do our best to protect your personal data we cannot guarantee the security or integrity of any personal information which is transferred from you or to you via the Internet. Any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features such as encryption to try to prevent unauthorised access
We may change the terms of this privacy statement from time to time. If we do so, we will post the changes here, so please check from time to time. By continuing to use our websites you will be deemed to have accepted such changes.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree.
Cookies contain information that is transferred to your computer's hard drive.
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies.
However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
We use the following cookies:
- Google Analytics (analytical / performance cookie) - used to estimate our audience size and usage pattern.
- Google Adwords (analytical / performance cookie) - used to track sales and data capture arising from use of Google Adwords advertising
- Facebook (analytical / performance and targeting cookie)- used to track sales and data capture arising from use of Facebook advertising, and show target ads on Facebook to site visitors.
5) Your rights
If you have created an account with us, you can sign into your account to access and update your information.
You have a right to ask us to confirm whether we are processing information about you, and to request access to this information (‘ right of access ’). You also have the right to be informed of the safeguards we have in place relating to any transfers of your information to another country or to an international organisation.
You may ask us, or we may ask you, to rectify information you or we think is inaccurate, and you may also ask us to remove information which is inaccurate or complete information which is incomplete (‘ right to rectification ’). If you inform us that your personal data is inaccurate, we will inform relevant third parties with whom we have shared your data so they may update their own records.
We want to ensure that your personal information is accurate and up to date. If any of the information that you have provided us with changes, for example if you change your email address, name, payment details, or if you wish to cancel your registration, please let us know using the contact details at the end of this policy.
You have a right to obtain your personal data from us and reuse it for your own purposes, perhaps for another service, without hindering the usability of the data (‘ right of portability ’). This right does not apply where processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
You have a right to seek the erasure of your data (often referred to as the ‘ right to be forgotten ’). You may wish to exercise this right for any reason, for example where it is no longer necessary for us to continue holding or processing your personal data you may withdraw your consent. You should note that we are entitled to and reserve the right to retain your data for statistical purposes. This right is not absolute, as we may need to continue processing this information, for example, to comply with our legal obligations, or for reasons of public interest.
You have a right to ask us to restrict our processing of your information (‘ right to restriction ’) if:
- you contest its accuracy and we need to verify whether it is accurate
- the processing is unlawful and you ask us to restrict use of it instead of erasing it
- we no longer need the information for the purpose of processing, but you need it to establish or defend legal claims
- you have objected to processing of your information being necessary for the performance of a task carried out in the public interest, or for the purposes of our legitimate interests. The restriction would apply while we carry out a balancing act between your rights and our legitimate interests.
- you exercise your right to restrict processing, we would still need to process your information for the purpose of exercising or defending legal claims, protecting the rights of another person or for public interest reasons.
You have a right to prevent us from processing your data for the purposes of marketing.
If you would like to exercise any of your rights above, please let us know using the contact details at the end of this policy. We will act in accordance with your instructions as soon as reasonably possible and there will be no charge.
You have a right to report any of your concerns about our use of your data to the Information Commissioner’s Office. You may do so by calling their helpline at 0303 123 1113.
You have the right to ask for a copy of the information we hold about you (for which we may charge a small fee) and to have any inaccuracies in your information corrected. If you wish to exercise these rights, contact us using our Contact Form .
5.1) Strictly necessary cookies
These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
5.2) Analytical/performance cookies
They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
5.3) Functionality cookies
These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
5.4) Targeting cookies
These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
6) Acceptable Use
This acceptable use policy sets out the terms between you and us under which you may access the Site. This acceptable use policy applies to all users of, and visitors to, the Site.
Your use of our site means that you accept, and agree to abide by, all the policies in this acceptable use policy, which supplement our Terms.
6.1) Prohibited Uses
You may use our site only for lawful purposes. You may not use our site:
- In any way that breaches any applicable local, national or international law or regulation.
- In any way that is unlawful or fraudulent, or has any unlawful or fraudulent purpose or effect.
- For the purpose of harming or attempting to harm minors in any way.
- To send, knowingly receive, upload, download, use or re-use any material which does not comply with our content standards at 6.3 below.
- To transmit, or procure the sending of, any unsolicited or unauthorised advertising or promotional material or any other form of similar solicitation (spam).
- To knowingly transmit any data, send or upload any material that contains viruses, Trojan horses, worms, time-bombs, keystroke loggers, spyware, adware or any other harmful programs or similar computer code designed to adversely affect the operation of any computer software or hardware.
You also agree:
- Not to reproduce, duplicate, copy or re-sell any part of our site in contravention of the provisions of our terms of website use.
- Not to access without authority, interfere with, damage or disrupt:
- any part of our site;
- any equipment or network on which our site is stored;
- any software used in the provision of our site; or
- any equipment or network or software owned or used by any third party.
6.2) Interactive Services
We may from time to time provide interactive services on our site, including, without limitation:
- a facility to comment on our blog posts; and
- interactive webinars.
Where we do provide any interactive service, we will provide clear information to you about the kind of service offered, if it is moderated and what form of moderation is used (including whether it is human or technical).
We will do our best to assess any possible risks for users (and in particular, for children) from third parties when they use any interactive service provided on our site, and we will decide in each case whether it is appropriate to use moderation of the relevant service (including what kind of moderation to use) in the light of those risks. However, we are under no obligation to oversee, monitor or moderate any interactive service we provide on our site, and we expressly exclude our liability for any loss or damage arising from the use of any interactive service by a user in contravention of our content standards, whether the service is moderated or not.
The use of any of our interactive services by a minor is subject to the consent of their parent or guardian. We advise parents who permit their children to use an interactive service that it is important that they communicate with their children about their safety online, as moderation is not foolproof. Minors who are using any interactive service should be made aware of the potential risks to them.
Where we do moderate an interactive service, we will normally provide you with a means of contacting the moderator, should a concern or difficulty arise.
6.3) Content Standards
These content standards apply to any and all material which you contribute to our site ( contributions ), and to any interactive services associated with it.
You must comply with the spirit of the following standards as well as the letter. The standards apply to each part of any contribution as well as to its whole.
- Be accurate (where they state facts).
- Be genuinely held (where they state opinions).
- Comply with applicable law in the UK and in any country from which they are posted.
Contributions must not:
Contain any material which is defamatory of any person.
- Contain any material which is obscene, offensive, hateful or inflammatory.
- Promote sexually explicit material.
- Promote violence.
- Promote discrimination based on race, sex, religion, nationality, disability, sexual orientation or age.
- Infringe any copyright, database right or trade mark of any other person.
- Be likely to deceive any person.
- Be made in breach of any legal duty owed to a third party, such as a contractual duty or a duty of confidence.
- Promote any illegal activity.
- Be threatening, abuse or invade another's privacy, or cause annoyance, inconvenience or needless anxiety.
- Be likely to harass, upset, embarrass, alarm or annoy any other person.
- Be used to impersonate any person, or to misrepresent your identity or affiliation with any person.
- Give the impression that they emanate from us, if this is not the case.
- Advocate, promote or assist any unlawful act such as (by way of example only) copyright infringement or computer misuse.
6.4) Suspension And Termination
We will determine, in our discretion, whether there has been a breach of this acceptable use policy through your use of our site. When a breach of this policy has occurred, we may take such action as we deem appropriate.
- Immediate, temporary or permanent withdrawal of your right to use our site.
- Immediate, temporary or permanent removal of any posting or material uploaded by you to our site.
- Issue of a warning to you.
- Legal proceedings against you for reimbursement of all costs on an indemnity basis (including, but not limited to, reasonable administrative and legal costs) resulting from the breach.
- Further legal action against you.
- Disclosure of such information to law enforcement authorities as we reasonably feel is necessary.
- We exclude liability for actions taken in response to breaches of this acceptable use policy. The responses described in this policy are not limited, and we may take any other action we reasonably deem appropriate.
Changes To The Acceptable Use Policy
We may revise this acceptable use policy at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we make, as they are legally binding on you. Some of the provisions contained in this acceptable use policy may also be superseded by provisions or notices published elsewhere on our site.
Data Protection Policy
1.1) TPC Leadership holds personal data about clients, employees, suppliers, job applicants, and other individuals for a variety of business purposes. For the purposes of this policy, TPC Leadership includes each of the TPC Leadership offices around the world, regardless of which part of the TPC Leadership group they are in. TPC Leadership has legal obligations to protect that personal data and to use it in a fair and lawful way. Processing personal data fairly and lawfully helps TPC Leadership to meet client expectations and protects the reputation of the business and its staff.
1.2) This policy is based on the data protection laws of the European Union (the GDPR), but it applies to TPC Leadership offices globally. This ensures a consistent approach and facilitates the transfer of data between TPC Leadership businesses within and without the European Economic Area (EEA)
1.3) This policy sets out how TPC Leadership seeks to comply with its data protection obligations and to ensure staff understand the rules governing their use of personal data to which they have access in the course of their work.
1.4) In particular, this policy requires staff to ensure that the Managing Partner of their local office or the International Chair of TPC Leadership should be consulted before any significant new data processing activity is initiated to ensure that relevant compliance steps are addressed.
1.5 The International Chair of TPC Leadership is responsible for the monitoring and implementation of this policy.
2.1) This policy applies to all staff, which for these purposes includes employees, temporary and agency workers, other contractors, and anyone else who works for TPC Leadership.
2.2) All staff must be familiar with this policy and comply with its terms.
2.3) This policy supplements TPC Leadership’s other policies relating to staff use of the internet and TPC Leadership IT systems.
2.4) TPC Leadership may supplement or amend this policy by additional policies and guidelines from time to time. Any new or modified policy will be circulated to staff before being adopted.
3.1 In this policy:
business purposes means the purposes for which TPC Leadership uses personal data. These purposes are: to provide coaching services to clients, to promote TPC Leadership’s services to existing and potential clients, to maintain TPC Leadership’s own accounts and business records, and to support and manage staff;
personal data means information relating to identifiable living individuals. This includes expression of opinion about the individual and any indication of someone else's intentions towards the individual;
sensitive personal data means personal data about an individual's racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership (or non-membership), physical or mental health or condition, sexual life, criminal offences, or related proceedings. Any use of sensitive personal data must be strictly controlled in accordance with this policy;
processing data means obtaining, recording, holding or doing anything with it, such as organising, using, altering, retrieving, disclosing or deleting it.
4.1) TPC Leadership businesses will maintain any necessary registrations with the data protection regulators in the countries where they are based.
5) General principles
5.1) TPC Leadership’s policy is to process personal data in accordance with the applicable data protection laws and rights of individuals as set out below. All employees have personal responsibility for the practical application of TPC Leadership’s data protection policy.
5.2) TPC Leadership will observe the following principles in respect of the processing of personal data:
5.2.1) to process personal data fairly and lawfully in line with individuals’ rights;
5.2.2) to make sure that any personal data processed for a specific purpose is adequate, relevant and not excessive for that purpose;
5.2.3) to keep personal data accurate and up to date;
5.2.4) to keep personal data for no longer than is necessary;
5.2.5) to keep personal data secure against loss or misuse;
5.2.6) not to transfer personal data outside the EEA (which includes the EU member states, Norway, Iceland and Liechtenstein) without adequate protection.
5.3) The practical steps that TPC Leadership can take to comply with these principles are explained in the rest of this policy.
6) Fair and lawful processing
6.1) Staff should generally not process personal data unless:
6.1.1) the individual whose details are being processed has consented to this;
6.1.2) the processing is necessary to provide a service that the individual has requested;
6.1.3) the processing is necessary to perform TPC Leadership’s legal obligations or exercise legal rights; or
6.1.4) the processing is otherwise in TPC Leadership’s legitimate interests and does not unduly prejudice the individual’s privacy.
6.2) When gathering personal data or establishing new data protection activities, staff should ensure that individuals whose data is being processed understand who is gathering their data and what the data will be used for.
6.4) There are limited exceptions to this notice requirement. In any case of uncertainty as to whether a notification should be given, staff should contact the International Chair of TPC Leadership.
6.5) It will normally be necessary to have an individual’s explicit consent to process ‘sensitive personal data’, unless exceptional circumstances apply or the processing is necessary to comply with a legal requirement. The consent should be informed, which means it needs to identify the relevant data, why it is being processed and to whom it will be disclosed. Staff should contact the International Chair of TPC Leadership for more information on obtaining consent to process sensitive personal data.
7) Accuracy, adequacy, relevance and proportionality
7.1) Staff should make sure data processed by them is accurate, adequate, relevant and proportionate for the purpose for which it was obtained. Personal data obtained for one purpose should generally not be used for unconnected purposes unless the individual has agreed to this or would otherwise reasonably expect the data to be used in this way.
7.2) Individuals may ask TPC Leadership to correct personal data relating to them which they consider to be inaccurate. If a member of staff receives such a request and does not agree that the personal data held is inaccurate, they should nevertheless record the fact that it is disputed and inform the Managing Partner of their local office.
7.3) Staff must ensure that personal data held by TPC Leadership relating to them is accurate and updated as required. If personal details or circumstances change, staff should inform the HR team so TPC Leadership’s records can be updated.
8.1) Staff must keep personal data secure against loss or misuse. In particular, staff must follow the security measures set out below.
8.2) Where TPC Leadership uses external organisations to process personal data on its behalf additional security arrangements need to be implemented in contracts with those organisations to safeguard the security of personal data. Staff should consult the Managing Partner of their local office to discuss the necessary steps to ensure compliance when setting up any new agreement or altering any existing agreement.
8.3) Home-working Security:
8.3.1) Staff who work from home must take sensible precautions to keep their homes secure, such as locking doors and windows8.3.2 Documents containing confidential information and equipment displaying confidential information should be positioned in a way to avoid them being seen from outside the home or by visitors.
8.3.3) When not in use all paper documents, backup systems and devices containing confidential information must be securely locked away.
8.4) Computer Security
8.4.1) Use password protection and encryption where available on TPC Leadership systems to maintain confidentiality.
8.4.2) Computers and other electronic devices must be password protected and those passwords must be changed on a regular basis. Passwords should not be written down or given to others.
8.4.3) Computers and other electronic devices should be locked when not in use to minimise the risk of accidental loss or disclosure.
8.4.4) Confidential information must not be copied onto removable hard drive, CD or DVD or memory stick/ thumb drive or any other forms or portable media without the express permission of the Managing Partner of the local office, and even then it must
be encrypted. Data copied onto any of these devices should be deleted as soon as possible and stored on TPC Leadership’s computer network in order for it to be backed up.
8.4.5) All electronic data must be securely backed up at the end of each working day.
8.4.6) Staff should ensure they do not introduce viruses or malicious code on to TPC Leadership systems. Software should not be installed or downloaded from the internet without it first being virus checked. Staff should contact the IT team for guidance on appropriate steps to be taken to ensure compliance.
8.5) Security in other places:
8.5.1) Staff should be careful about maintaining confidentiality when speaking in public places.
8.5.2) Documents and devices containing confidential information should not be left unattended in public places or at venues where staff are delivering events.
8.6) Securely sending personal data:
8.6.1) Postal, fax and email addresses and numbers should be checked and verified before information is sent to them. Particular care should be taken with email addresses where auto-complete features may have inserted incorrect addresses.
8.6.2) All personal data should be encrypted before being sent by email, or be sent by recorded delivery.
8.6.3) Personal data should not be sent by fax unless you can be sure that it will not be inappropriately intercepted at the recipient fax machine.
9) Data retention
9.1) Personal data should not be retained for any longer than necessary. The length of time over which data should be retained will depend upon the circumstances including the reasons why the personal data were obtained.
9.2) Personal data must be securely destroyed when it is no longer needed. If the data is stored electronically, staff should consult TPC Leadership’s IT team about how to destroy it. If the information is held in paper files it should be securely shredded.
10) International transfer
10.1) Staff should not transfer personal data to non-TPC Leadership businesses outside the EEA (which includes the EU member states, Norway, Iceland and Liechtenstein) without first consulting the International Chair of TPC Leadership. There are restrictions on international transfers of personal data from the EEA to other countries because of the need to ensure adequate safeguards are in place to protect the personal data. Staff unsure of what arrangements have been or need to be put in place to address this requirement should contact the International Chair of TPC Leadership.
10.2) Staff may transfer personal data to other TPC Leadership businesses inside and outside the EEA and to other organisations inside the EEA, provided that doing so complies with the conditions of fair and lawful processing set out in section 5 above. Such transfers should be governed by a contract between the transferor and the recipient, unless the transfer is very low risk. Over-arching agreements have been put in place to allow data transfer to TPC Leadership offices outside the EEA, and staff must comply with the terms of these agreements when transferring personal data between TPC Leadership businesses outside the EEA.
11) Rights of individuals to access their personal data
11.1) Individuals are entitled (subject to certain exceptions) to request access to information held about them. This is known as a Subject Access Request. All such requests should be referred immediately to the Managing Partner of the office at which the request is received. This is particularly important because TPC Leadership must respond to a valid request within the legally prescribed time limits.
11.2) Staff must obtain proof of the identity of any person making a Subject Access Request. This proof should usually be a copy of a photographic identification document such as a driving licence, passport, or other official identity card.
11.3) Staff must not respond to a third party making a Subject Access Request on behalf of another person (for example, if a lawyer writes the request on behalf of a client) without confirming first that the third party has the consent of the person whose information is requested. Any response should generally be sent to the individual and not the third party.
11.4) Responses to Subject Access Requests should be in writing and should include the following information:
11.4.1) the categories of personal data which TPC Leadership processes in relation to the data subject (for example: name, address, qualifications etc);
11.4.2) a description of the personal data of which TPC Leadership processes in each category;
11.4.3) the purposes for which each category of the data subject’s personal data is processed;
11.4.4) where known, the source of any personal data; and
11.4.5) the recipients and types of recipients to whom the personal data is disclosed
11.5) Sometimes the information requested in a Subject Access Request may contain personal data about other individuals. This can create a conflict between the right of the first individual to access information, and the right of the second individual not to have information disclosed. Where this is the case TPC Leadership will try to strike a balance between the rights of the people concerned. Where staff are concerned about this kind of situation they should contact the Managing Partner of their local office.
11.6) Any member of staff who would like to correct or request information that TPC Leadership holds relating to them should contact the Managing Partner of their local office. TPC Leadership may charge a fee for providing the requested personal data, as permitted by law. It should be noted that there are certain restrictions on the information to which individuals are entitled under applicable law.
12) Direct marketing
12.1) Staff must not make direct marketing telephone calls to people who have indicated that they do not wish to receive such calls.
12.2) Staff should not send direct marketing material to someone electronically (eg by email or SMS) unless either the person has given informed consent to receiving such materials from TPC Leadership electronically.
12.3) Before carrying out any direct marketing staff should ensure that the use of the recipients’ data for such marketing complies with the principles in paragraph five of this policy.
12.4) Staff should abide by any request from an individual not to use their personal data for direct marketing purposes and should notify the member of staff managing the direct marketing programme about any such request. Staff should contact the Managing Partner of their local TPC Leadership office for advice on direct marketing before starting any new direct marketing activity.
13) Reporting breaches
13.1) Staff have an obligation to report actual or potential data protection compliance failures to the International Chair of TPC Leadership. This allows TPC Leadership to:
13.1.1) investigate the failure and take remedial steps if necessary; and
13.1.2) make any applicable notifications.
14) Consequences of failing to comply
14.1) TPC Leadership takes compliance with this policy very seriously. Failure to comply puts both staff and TPC Leadership at risk. The importance of this policy means that failure to comply with any requirement may lead to disciplinary action, which may result in dismissal.
14.2) Staff with any questions or concerns about anything in this policy should not hesitate to discuss these with the Managing Partner of their local office or the International Chair of TPC Leadership.