Privacy Notice (General)
1. PURPOSE OF THIS NOTICE
This notice describes how we collect and use personal data about you, in accordance with the General Data Protection Regulation (GDPR) and any other national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK (‘Data Protection Legislation’).
This privacy notice contains important information on who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint.
Please read the following carefully to understand our practices regarding your personal data. If you are providing personal information about, or on behalf of, another person, you must make sure that you tell them what you are providing to us and make them aware of this privacy notice before passing any such personal information on to us. You must not provide any personal information to us where you do not have the right to do so.
2. ABOUT US
MEE Consultancy Limited is a Learning and Development Consultancy. We are registered in England and Wales as a limited company under number 785 3929 and our registered office is at Solar House, 282 Chase Road, London, N14 6NZ.
For the purpose of the Data Protection Legislation and this notice, we are the ‘data controller’. This means that we are responsible for deciding how we hold and use personal data about you. We are required under the Data Protection Legislation to notify you of the information contained in this privacy notice.
We have appointed a Data Protection Officer. Our Data Protection Officer is your point of contact and is responsible for assisting with enquiries in relation to this privacy notice or our treatment of your personal data. Should you wish to contact our Data Protection Officer, you can do so using the contact details noted at paragraph 8 (Contact Us) below.
3. HOW WE MAY COLLECT YOUR PERSONAL DATA AND HOW WE USE IT
Most of the personal data we process is provided to us directly by you or your employer for one of the following reasons:
-
To provide you a psychometric assessment, including a Insights Discovery Profile
-
To provide you a workshop
-
To provide you 1:1 or group coaching
We will never sell your personal data to anyone for any purposes, and we will not use your personal data for marketing purposes.
4. THE KIND OF INFORMATION WE HOLD ABOUT YOU
We may hold the following personal data:
-
First Name
-
Last Name
-
Work Email Address
-
Work Telephone/Mobile Number
-
Gender
-
Preference Data and Personality Profile
We may also hold the following two categories of personal data to provide you a Insights Discovery profile.
1. Client data
This is any personal data which is provided to MEE Consultancy directly by yourself or your employer (the ‘Client’), including your first/last names and work email address
The Client is the data controller and the MEE Consultancy is the data processor. MEE Consultancy must only process this personal in accordance with Client’s instructions and as detailed in any contract between the MEE Consultancy and the Client.
If the MEE Consultancy passes this information to Insights, then Insights can only process it the information as permitted in any contract between Insights and MEE Consultancy.
2. Evaluator data
This is the personal data which is collected directly from you when you complete the Insights Discovery Evaluator (the ‘Evaluator’). Insights is the “data controller” for all of the information you enter into the Evaluator.
Once you read and consent to the terms of the Insights’ privacy policy, the Evaluator will ask your for the following personal data from you:
-
First and last names
-
Work email address
-
Gender
-
Responses to the 25 evaluator questions (or ‘Preference Data’).
All personal data collected through the Insights Discovery Evaluator is transmitted securely over the internet using 256-bit TLS encryption protocols or better. The data is stored in the Insights Online database, on secure servers in an ISO 27001-certified data centre in the United Kingdom.
Insights has implemented security policies, rules and technical measures that match or exceed industry-standard protocols to protect your data. These security measures are designed to prevent unauthorised access, improper use or disclosure, unauthorised modification, unlawful destruction and accidental loss.
Insights will use your personal data, for the following purposes:
-
to generate your Personal Profile, and to provide a copy to you as part of a workshop or coaching facilitated by an accredited Insights Discovery Practitioner;
-
where your employer or organisation requests it, to provide them with a “Team Wheel” showing where the Wheel Positions of you and your colleagues sit in relation to each other.
Insights will grant access to the accredited Insights Discovery Practitioner who is delivering the workshop or coaching and who may produce the personal profiles. The practitioner may be an Insights’ employee, a practitioner directly employed by your employer, a MEE Consultancy employee, or another independent accredited Practitioner.
Practitioners may have administrative assistants to help them in preparing to deliver your profile to you. Administrative assistants are only permitted to handle your profile for the purpose of assisting the Practitioner, or to provide a copy directly to you.
After you have attended your workshop or coaching, Insights will keep your data on its secure servers, unless you request that they delete it. Insights use this data for the following purposes:
-
If you complete the Evaluator again later, Insight can provide your previous Personal Profile(s) to you and the accredited Insights Discovery Practitioner facilitating your next workshop or coaching. This would let you see how your preferences might be changing over time.
-
Insight may request feedback from you, and may also send you further information and tips for getting the most from your Personal Profile as you use it in your ongoing learning and development.
At your request, Insight will delete your personal data from their records. Requests for deletion of your personal data should be sent to Insight’s Data Protection Officer by email (dpo@insights.com).
5. DATA SECURITY
We have put in place commercially reasonable and appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
6. DATA RETENTION
We will only retain your personal data for as long as is necessary to fulfil the purposes for which it is collected. When assessing what retention period is appropriate for your personal data, we take into consideration:
-
the requirements of the services provided;
-
any statutory or legal obligations;
-
the purposes for which we originally collected the personal data;
-
the lawful grounds on which we based our processing;
-
the types of personal data we have collected;
-
the amount and categories of your personal data; and
-
whether the purpose of the processing could reasonably be fulfilled by other means.
At your request, we will delete your personal data from our records. Requests for deletion of your personal data should be sent to our Data Protection Officer by email (MEE@consultmee.co.uk).
7. RIGHTS OF ACCESS, RECTIFICATION, ERASURE, AND RESTRICTION
Your duty to inform us of changes
It is important that the personal data we hold about you is accurate and current. Should your personal information change, please notify us of any changes directly or via your employer.
Your rights in connection with personal data
Under certain circumstances, by law you have the right to:
-
Request access to your personal data. This enables you to receive copies of the personal data we hold about you and to check that we are processing it lawfully.
-
Request rectification of the personal data that we hold about you that that you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
-
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to object to the processing of your personal information in certain circumstances.
-
Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
-
Request that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
8. CHANGES TO OUR PRIVACY NOTICE
We may change this Privacy Policy as we may deem necessary from time to time, or as may be required by law.
9. CONTACT US
If you have any questions regarding this notice or if you would like to speak to us about the manner in which we process your personal data, please email our Data Protection Officer, Kate Pheasant – MEE@consultmee.co.uk
You also have the right to make a complaint to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues, at any time. The ICO’s contact details are as follows:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone - 0303 123 1113 (local rate) or 01625 545 745
Website - https://ico.org.uk/concerns