Privacy Policy
Introduction
The Thrivelihood is a private company registered in England & Wales. We are committed to safeguarding the privacy of information provided to us and information about visitors to our website. The Thrivelihood is the data controller of any personal information provided to us when you use our services as set out below.
This Privacy Policy explains why and how we may collect and use information that we obtain about you, and your rights in relation to that information. It applies to personal data provided to us, both by individuals themselves and by others. Your use of our online services or your provision of information to us constitutes your acknowledgment of the terms of this Privacy Policy. Please do not send us any of your information if you do not want it to be used in the ways described in this Privacy Policy.
Personal data is any information relating to an identified or identifiable living person. When collecting and using personal data, our policy is to be transparent about why and how we process personal data. The personal data that is provided to us is provided either directly from the individual concerned, from a third party acting on behalf of, or connected to, an individual, or from publicly available sources (such as internet searches, and Companies House).
Scope of Privacy Policy
This Privacy Policy applies when we receive any personal information from you, our clients or other third-parties, including in the following circumstances:
when you request information from us or provide information to us (by whatever means, for example email, notes of telephone calls etc);
when you or the organisation you work for engages our services;
when you apply for a role or work placement opportunity, open day or recruitment event with us;
when you attend our seminars or other hosted events;
when you provide information via surveys or any other form of data collection, including on the website or through social media;
when we conduct open source searches on you in connection with our business acceptance or business development processes;
when you visit our website and online services (including any mobile apps); and
when you subscribe to our mailing list to receive publications and other marketing emails or complete any other form on the website.
Collection of data
We may collect personal information from you in the course of our business, including through your use of our Website, when you contact or request information from us, when you engage our services or as a result of your relationship with one or more of our staff and clients.
Personal data we may collect about you includes:
Your name (including prefix or title), address and telephone number;
Identification and background information provided by you or collected as part of our business acceptance processes, e.g. your date of birth or passport details;
Electronic contact details, e.g. your email address and mobile phone number;
Your title or position and your relationship to a person;
Information relating to the services for which you are engaging us;
Financial information, such as payment-related information;
I.P address and identifiers about the device if you visit our website and we store cookies, including logs of visits made;
Your publicly available social media activity or analytics on you provided by social media platforms;
Personal information provided to us by or on behalf of our clients or generated by us in the course or providing services to them, which may include special categories of data;
Details of your professional online presence, e.g. your LinkedIn profile or age & gender; and
Any other information relating to you which you may provide to us.
We may also collect special categories of data (such as race and ethnicity etc) which we will not process without your explicit consent.
This personal data is required to enable us to provide our service to you. If you do not provide the personal data we ask for, it may delay or prevent us from providing our services to you.
How your personal data is collected
We collect most of this information from you (for example, when you contact us, use our Website or by any other means). However, we may also collect information:
from publicly accessible sources, e.g. Companies House;
from a third party with your consent, e.g.: your bank or building society, another financial institution or advisor; consultants and other professionals we may engage in relation to your matter; your employer and/or trade union, professional body or pension administrators; your doctors, medical and occupational health professionals;
via our information technology (IT) systems.
How and why we use your personal data
Under data protection law, we can only use your personal data if we have a proper reason for doing so, e.g.:
to comply with our legal and regulatory obligations;
for the performance of our contract with you or to take steps at your request before entering into a contract;
for our legitimate interests or those of a third party which is not overridden by your interests or your rights and freedoms; or
where you have given consent.
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
The following section explains what we use (process) your personal data for and our reasons for doing so:
To provide our services to you for the performance of our contract with you (or the organisation you work for) or to take steps at your request before entering into a contract. Where individuals make use of our services this personal data will usually be provided to us by the individual directly, or may be from the person or organisation with whom they are in dispute. Where organisations make use of our services, the information that they provide us may also include personal data about individuals, employees or advisers who are involved in a particular matter.
Processing necessary to comply with any professional, legal and regulatory obligations that apply to our business, to comply with our legal and regulatory obligations
Ensuring business policies are adhered to, e.g. policies covering security and internet use for our legitimate interests or those of a third party, i.e. to make sure we are following our own internal procedures so we can deliver the most appropriate service to you
Operational reasons, such as improving efficiency, training and quality control for our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the most appropriate service to you
Ensuring the confidentiality of commercially sensitive information for our legitimate interests or those of a third party, i.e. to protect our intellectual property and other commercially valuable information; and to comply with our legal and regulatory obligations
Statistical analysis to help us manage and administer our business, e.g. in relation to our financial performance, client base, work type or other efficiency measures for our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the most appropriate service to you
Preventing unauthorised access and modifications to systems for our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity that could be damaging for us and for you; and to comply with our legal and regulatory obligations
Client management for the purpose of assessing the needs of actual or prospective clients so we can deliver the most appropriate service to you
Updating and enhancing client records for the performance of our contract with you or to take steps at your request before entering into a contract; to comply with our legal and regulatory obligations; and for our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our clients about existing and new services
Ensuring safe working practices, staff administration and assessments to comply with our legal and regulatory obligations; and for our legitimate interests or those of a third party, e.g. to make sure we are following our own internal procedures and working efficiently so we can deliver the most appropriate service to you
Marketing our services to existing and former clients; third parties who have previously expressed an interest in our services; and third parties with whom we have had no previous dealings for our legitimate interests or those of a third party, i.e. to promote our business to existing and former clients
Processing and responding to requests, enquiries or complaints from you so we can deliver the most appropriate service to you
The data that is processed is dependent on the service that is being provided and on the recipient of this service. The above section does not apply to special category personal data, which we will only process with your explicit consent.
Promotional communications
We may use your personal data to send you updates (by email, text message, telephone or post) that might be of interest to you and/or information about our services, including exclusive offers, promotions or new services or products.
We have a legitimate interest in processing your personal data for promotional purposes. This means we do not usually need your consent to send you promotional communications. However, where consent is needed, we will ask for this consent separately and clearly.
We will always treat your personal data with the utmost respect and never share it with other organisations for marketing purposes.
We may ask you to confirm or update your marketing preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.
Who we share your personal data with
We will not sell or swap your information with any third party. We may share the personal data that we obtain about you with the following third parties:
our clients, your professional advisers and your employers or place of business;
third parties involved in the provision of services to clients and/or any matter where necessary to carry our your instructions;
suppliers and third party service providers used by us in providing services including accounting, external document storage facilities, IT service providers, legal, financial and business consulting, website hosting and management, social media, research, banking, data processing, insurance and marketing services etc;
third party technology organisations, including cloud service providers, such as data storage platforms; financial organisations, including our bank, debt collection, credit reference and tracing agencies;
our professional advisers and insurers;
trade associations, professional bodies and business associates;
third parties with whom we have co-promotional arrangements (such as jointly sponsored events); or
third parties who carry out research and analyses of our services and products on our behalf.
We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data.
We may disclose your personal information to third parties if we are required to do so through a legal obligation (for example to the police or a government body); to enable us to enforce or apply our terms and conditions or rights under an agreement; or to protect us, for example, in the case of suspected fraud or defamation.
Please be aware that your personal information may be accessed by third parties from countries whose laws provide various levels of protection for personal data which are not always equivalent to the level of protection that may be provided in your own country. Where we transfer your information internationally we will take reasonable steps to ensure that your information is treated securely and the means of transfer provides adequate safeguards.
Some of your personal information may be stored with, and managed by a cloud service provider located in a different country to the United Kingdom.
If you have any questions in relation to the transfer of your personal information, please contact us at privacy@thethrivelihood.co.uk.
Where your personal data is held
Information may be held at our offices and those of our third party service providers, representatives and agents as described above (see ‘Who we share your personal data with’).
How long your personal data will be kept
We retain your personal data for as long as is considered necessary for the purpose(s) for which it was collected (including as required by applicable law or regulation). Where it is no longer necessary to retain your personal data, we will delete it or anonymise it.
In determining the appropriate period for the retention of personal data we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve these purposes through other means and the applicable legal requirements.
Keeping your personal data secure
We take seriously the security of all the data that we hold and we maintain a culture of confidentiality. We take precautions to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
Your rights regarding your personal information
You have a number of rights as a data subject. These include the following:
Access: The right to be provided with a copy of your personal data
Rectification: The right to request us to correct any mistakes in your personal data (for example where your personal data is incomplete or inaccurate)
Deletion: The right to request us to delete your personal data - in certain situations
Restriction of processing: The right to request the restriction of processing of your personal data - in certain circumstances, e.g. if you contest the accuracy of the data.
Processing: The right to be informed in a clear, transparent and easily understandable way about how we use your personal data.
Withdrawal of consent: The right to withdraw consent to those circumstances where we have been relying on your consent to the collection, processing and transfer of your personal data for a specific purpose.
To object: The right to object at any time to your personal data being processed for direct marketing (including profiling); and in certain other situations to our continued processing of your personal data, e.g. processing carried out for the purpose of our legitimate interests where we do not have a compelling legitimate basis for doing so which overrides your rights, interests and freedoms.
Please note that your objection (or withdrawal of any previously given consent) could mean that you may not be able to make use of the services and products offered by us. Please also note that we may be able to continue to process your personal information even after you have chosen to withdraw your consent to the extent required or otherwise permitted by law.
Further information on your rights may be obtained from the Information Commissioner’s Office. For example, see Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
If you wish to review, verify, correct or request the deletion of your personal data, object to the processing of your personal data, withdraw your consent to the processing of your personal data please contact privacy@thethrivelihood.co.uk.
Personal information we hold about you should be accurate and up to date. Please advise us of any changes to your information by email to privacy@thethrivelihood.co.uk. We will respond to your request as soon as we can.
Cookies
We use cookies on our online services.
Third Party Sites
Our Website contains links to other sites which are controlled by third parties and are not subject to our privacy policy.
If you do not want to receive marketing information from us
If you receive marketing materials relating to our services by email, you may withdraw your consent for us to send these to you at any time, by using the “unsubscribe” option included in the email. Alternatively, you can let us know your preferences by sending an email to privacy@thethrivelihood.co.uk.
How to complain
If you consider we are using your personal information in a way which breaches applicable data protection legislation, you have the right to complain to us. If we cannot resolve any query or concern you may raise about our use of your information, the General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns or telephone: 0303 123 1113. The ICO's address is: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
Changes to this privacy policy
This privacy policy was published on 9 October 2020.
We may change this privacy policy from time to time, when we do these changes will be posted on our website and where appropriate notified to you by email.
How to contact us
Please contact us by email if you have any questions about this privacy policy or the information we hold about you by email at privacy@thethrivelihood.co.uk.