Privacy Policy

Enquire here

Who we are

Name: Consulting Company Ltd, registered under 14850036
Registered office: 163 Monks Walk, Buntingford, SG9 9DU
Phone Number: 07860684668
E-mail: enquiries@caldeiraconsulting.com
Date completed 27 October 2023
The type of personal information we collect
We currently collect and process the following information:

  • Personal identifiers, contacts, and characteristics (for example, name and contact details)
  • Employee data for collective groups such as absenteeism data, productivity data, turnover rates, overtime hours, employee satisfaction surveys, computer use data
  • Customer financial information such as bank details and payment details
  • When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
  • An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

How we get the personal information and why we have it

Most of the personal information we process is provided to us when you have given consent. For example:

  • You have made an enquiry to us;
  • You wish to attend or have attended an event;
  • You subscribe to our newsletters or other marketing sources;
  • You have applied for a job or secondment with us;
  • You are representing your organisation;
  • You visit our website and consent to our use of cookies;
  • To deliver our consultancy programs;
  • For training and quality purposes to improve our programs;
  • For marketing and sales purposes;
  • To comply with our legal and regulatory obligation ; or
  • For the performance of a contract with you or to take steps at your request before entering into a contract
  • For our legitimate interests or those of a third party.

We also receive personal information indirectly, from the following sources in the following
scenarios:

  • From clients regarding employees
  • We have contacted an organisation, or an organisation has contacted us and it gives us your personal information
  • An individual refers to you in their correspondence with us
  • An employee of ours gives out your contact details as an emergency contact or as a referee.
  • During program sessions, information may be given by clients

We use the information that you have given us in order to conduct and deliver the programmess, review the performance of the programmes, for sales and marketing purposes and for training purposes to improve our program delivery.

We may share this information with third parties acting on our behalf as program leads and other contractors acting on our behalf to provide us with business services such as financial and marketing services.

Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:

(a) Your consent. You are able to remove your consent at any time. You can do this by contacting Amanda Caldeira, amanda.caldeira@caldeiraconsulting.com

(b) We have a contractual obligation between us. Your information is provided to us in order for us to carry out our contractual obligations to you to perform our services.

(c) We have a legitimate interest. (A legitimate interest is when we have a business or commercial reason to use your personal data, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own) We may contact you regarding our services and retain information for marketing purposes, to extend or offer other services and also for quality control of our products and services and for training purposes within our company.

(d) We notify you of changes to our programs and services

How we store your personal information

Your information is stored in the UK. By submitting your Personal Data, you agree to this storing and processing of data.

We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We will not keep your personal data for longer than we need it for the purpose for which it was collected. Note that different retention period applies for different types of personal data.

We will keep your personal information in accordance with our data retention policy which can be obtained from us by email given to us by you.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

INTERNATIONAL TRANSFER

It is sometimes necessary for us to transfer your personal data to countries outside the UK [and EEA]. In those cases, we will comply with applicable UK [ and EEA] laws designed to ensure the privacy of your personal data.

We will transfer your personal data to:
our service providers located outside the UK [ in [insert]]
However, note that we can only transfer your personal data to a county outside the Uk/EEA where:

  • in the case of transfers subject to UK data protection law,] the UK government has decided the particular country ensures an adequate level of protection of personal data (known as an (adequacy regulation) further to Article 45 of the UK GDPR. A list of countries the UK currently has adequacy regulations in relation to is available here.
  • in the case of transfers subject to EEA data protection laws, the European Commission has decided that the particular country ensures an adequate level of protection of personal data (known as an (adequacy decision) further to Article 45 of the EU GDPR.
    A list of countries the European Commission has currently made adequacy decisions in relation to is available here.
  • there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you, or
  • a specific exception applies under relevant data protection law

Where we transfer your personal data outside the UK we do so on the basis of an adequacy regulation however in the event where there are no regulations we cannot or choose not to continue to rely on either of those mechanisms at any time we will not transfer your personal data outside the UK unless we can do so on the basis of an alternative mechanism or exception provided by UK data protection law and reflected in an update to this policy.

Where we transfer your personal data outside the EEA we do so on the basis of an adequacy decision. In the event we cannot or choose not to continue to rely on either of those mechanisms at any time we will not transfer your personal data outside the EEA unless we can do so on the basis of an alternative mechanism or exception provided by applicable data protection law and reflected in an update to this policy

Keeping your personal data secure

We have appropriate security measures to prevent personal data from being accidentally lost or used or accessed unlawfully. We limit access to your personal data to those who have a genuine need to access it.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Your data protection rights

Under data protection law, you have rights including:

Your right of access – You have the right to ask us for copies of your personal information.

Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.

Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances.

Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at Amanda.caldeira@caldeiraconsulting.com, 163 Monks Walk, Buntingford, SG9 9DU +44 (0) 7860684668 if you wish to make a request.

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where your data is sent

Visitor comments may be checked through an automated spam detection service.

How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us at amanda.caldeira@caldeiraconsulting.com

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk