Privacy Policy
Triskelion Associates (UK) Limited (“we“ or "us") are committed to protecting and respecting your privacy.
This notice sets out the basis on which any personal data we collect from you, that you provide to us, or that we obtain about you from other sources, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will use it. By visiting our website, or by providing us with any information about yourself, you are accepting and agreeing to the practices described in this notice.
For the General Data Protection Regulation (Regulation (EU) 2016/679, the “GDPR”) as amended or replaced from time to time (“Data Protection Law”), the data controller is Triskelion Associates (UK) Limited, a company registered in England and Wales with company number 09086539 whose registered office is at 11a Horton Road, Slapton, Bucks, LU7 9DB.
Our Data Protection Officer is Iain Holliday, contactable at by email at iain.holliday@btinternet.com
If you have any queries relating to our collection or use of personal information, please contact us.
We will collect and process the following data about you
Information you give us …
This is information about you that you give us by filling in forms on our website (“our site“) or third party hosted sites (e.g. surveymonkey) or by corresponding with us by phone, e-mail or otherwise. It includes information you provide when you send us an email, call us, register for any purpose on our sites, give us your details at an event, submit an enquiry, request a call-back, use our products and/or services, make a complaint to us, report a problem with our sites or services, and when you apply for a role with us. The information you give us may include your name, address, e-mail address, phone number, work details, education details. As part of work to assist organisations in selecting candidates for awards and development programmes, this could include personal information that you provide in your CV. If you apply for a job with us, then it will include all personal information that you provide in your CV and/or application. If you provide any information about any other individuals such as colleagues or next of kin, you warrant to us that you are entitled to provide that information to us and to authorise us to process it on the same basis as we will process the rest of the data you provide about yourself.
Information we are given or collect about you …
Regarding each of your visits to our sites we will automatically collect the following information:
-
technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform
When working with individuals and organisations, we often find it necessary to gather personal details from you through such channels as our:
-
website
-
email correspondence
-
online surveys and other trusted third parties
-
verbal exchanges
To work with people and build relationships and an appreciation of their work context, we usually need to collect names, contact information and basic employment details such as department or job titles and length of service. When working with individuals for coaching purposes or selection for development programmes, employers may provide us with background information such as operational and personal performance data such as that found on appraisals. Depending on the service we are delivering to you or your company, we may also ask for your length of employment and professional performance goals, health, dietary or any other information we need to be aware of such as disabilities and allergies.
When delivering coaching or mentoring services, we may receive sensitive information through discussions with your coach or mentor. These relationships are bound by strict confidence, and any information retained by us is treated accordingly.
Personal data we obtain is collected in a few key ways - disclosed by the individual; by an authorised third party (i.e. employer) on the individual's behalf; obtained from a linked system or database or it can be generated through user interaction with systems/services.
Where your data is provided to us by an authorised third party such as your employer (i.e. in the form of course delegate lists), it is the third party’s responsibility to ensure they have the correct lawful basis in place to share this data with us.
The purposes of processing personal data
Your data may be used for several purposes including, but not limited to:
-
perform necessary administrative tasks in fulfilment of our contract with you, or your employer, to deliver learning & development programmes
-
assess the quality and effectiveness of our learning & development
-
ensure your safety while working with you
-
legal obligations of the business
-
statistical and marketing analysis
-
customer surveys
You will always be told what we intend to do with any personal data we collect from you, however the principal reasons are to:
-
to carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request from us
-
to provide you with our services where we are contracted to do so by, for example, your employer;
-
to provide you with information about other products and services we offer that compliment those that you have already purchased or enquired about;
-
to provide you with additional information about us or our services that we feel may be of interest to you. If you do not want us to use your data in this way, please tick the relevant box situated on the form on which we collect your data or let us know by contacting us using one of the methods set out in this notice;
-
if you are a “consumer” to send you marketing communications only where we have the relevant consent as required by applicable law;
-
to notify you about changes to our services;
-
to process and deal with complaints or enquiries;
-
to seek feedback in order to improve the services we offer;
-
where you have applied to work with us, to evaluate and manage your application, and if you are successful, to arrange and manage your work with us.
More specifically, these may take the form of the below likely scenarios:
-
For delegates attending a development programme that Triskelion Associates (UK) Limited is contracted to deliver we may need to provide your personal data to:
-
An Approved Practitioner (an associate or independent practitioner authorised to deliver Triskelion Associates (UK) Limited programmes)
-
A Client Practitioner (a colleague in your organisation authorised to deliver Triskelion Associates (UK) Limited programmes) if you are enrolled on a programme delivered by either party for learning & development. Either of these scenarios may involve transmitting your data to a different country.
-
Triskelion Associates (UK) Limited will only keep data for as long as is necessary to meet these purposes. We will never share, sell, or rent individual personal information to an external party without your advance permission, or unless ordered by a court of law. The personal data you provide to us is only available to relevant employees and contracted service providers.
Keeping personal data secure
Our website and online services are protected by firewalls and we have implemented security policies, rules and technical measures to protect the data in our control. These security measures are designed to prevent unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss.
Any information you provide us with when using our services is stored centrally on secure hard drives. Direct access to these databases is restricted to authorised personnel and their appointed agents only. We have taken every reasonable step to ensure that your personal data is always held securely, and that access to these are closely monitored. We use security measures to protect against the loss, misuse and alteration of data within our systems.
Please be aware however, that no internet or email transmission is ever fully secure or error free. You should take special care in deciding what personal data you send to us via email and keep this in mind when disclosing any personal data to us via the internet.
Controlling your personal data
Any personal data we collect from you or we generate because of your interaction with our systems and services belongs to you. Under the data protection laws in the UK you therefore have the right to know if your data is being processed, why and for how long.
We also uphold other rights you hold under the data protection act, namely:
-
The right to request that errors in your personal data processed by us is amended or corrected
-
The right to the deletion of personal data if it is no longer required or you withdraw consent
-
The right to object to processing which could cause damage or distress, or where you may be evaluated or subject to decisions based on automated processing
-
The right to request a copy of the personal data you have provided to us
If any of the information that we hold is incorrect or incomplete, please contact our data information officer, Iain Holliday at iain.holliday@btinternet.com to query any aspect of our data processing procedures.
Data Breach
We have a procedure in place if a breach of security leads to accidental or unlawful disclosure, access to, loss, personal data transmitted, stored or otherwise.
If a breach occurs, we will assess the scope and impact of the breach. Based on the assessment of the likely risks, we will
-
Notify the individuals and/or the connected organisations that a data breach has occurred
-
Notification to individuals will be carried out as soon as possible and will include the following information:
-
Nature of the breach
-
Name and contact details of Data Protection officer
-
Likely consequences of the breach
-
Measures taken by Triskelion Associates (UK) Limited to address it
-
Recommendations for affected individuals to mitigate any adverse effects
-
Individuals will also be provided with advice on how to contact the ICO
If Triskelion Associates (UK) Limited is required to inform the ICO of the breach, we will do so within 72 hours of becoming aware of essential facts of the breach. Such notification must include:
-
your name and contact details
-
date and time of breach
-
date and time, we detected it
-
basic information about the breach
-
basic information about the personal data concerned
-
Who has access to your personal data
The data we collect about you is generally accessed only by Triskelion Associates (UK) Limited authorised employees for legitimate business purposes and for providing services as part of a contract. However, if we work with partners or contractors, they may have limited access to your personal data but only, so they can do their job.
For example, if a delegate has completed a personality diagnostic, the profile produced from this data will not be shared with anyone else without their prior consent. During the programme the accredited facilitator leading the session will perhaps request to share some of the delegate’s information from their profile with the group, however this is their personal choice and done so at their own discretion.
The following outlines who has access to your personal data and under what circumstances
-
Triskelion Associates (UK) Limited employee facilitators and other staff who are involved in arranging and delivering the services you request
-
An Associate/Approved Practitioner who is contracted by Triskelion Associates (UK) Limited to provide services to you on our behalf, and therefore bound under terms within their contract relating to confidentiality and privacy that is to the same standard as Triskelion Associates (UK) Limited employees
How long we hold data
Triskelion Associates (UK) Limited hold personal data for an appropriate period. We have internal guidelines as to how long we retain information detailed in our Data Retention policy. This specifies that we will need to keep certain information about employees, clients, suppliers and other individuals or organisations we interact with over the course of business to carry our certain business functions for up to six years to monitor and improve quality of our service, for our records and to meet certain legal and compliance requirements.
In summary, client personal data will be held for as long as the individual or their employer is in receipt of services from Triskelion Associates (UK) Limited, plus up to a maximum of 6 years.
Links from our website
Our website may contain hyperlinks to other websites. However, once you have used these links to leave our site, you should note that we do not have any control over the other websites and are not therefore responsible for the privacy practices of such other websites.
If you submit personal data and other information to a website to which we link, we are not responsible for its protection and privacy. Always exercise caution when submitting data to websites. Read the sites data protection and privacy policies fully.
Contacting Us
If you have any questions regarding this Policy, please contact iain.holliday@btinternet.com