AGM Transitions (“we” or “us”) understands that your privacy is important to you and is committed to protecting and respecting it. Our business is built on and thrives on confidentiality. The Managing Partner, Mark Pearson, is the data controller for the business and can be contacted on firstname.lastname@example.org.
This policy sets out the basis on which any personal data we collect from you (our clients, prospective clients, network contacts, associates and suppliers), or that you provide us with, (including but not limited to name, contact details, information gathered as part of our sessions with you) will be stored and processed by us. Personal data is defined as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’. We will use the General Data Protection Regulation (EU Regulation 2016/679) (“GDPR”) to standardise best practice in how we process data globally.
Use of data
Any personal data we collect will only be used as permitted by law. We undertake to ensure that any data we collect, store or process is accurate, confidential, appropriate for the task and relevant. By submitting personal data to us, you agree to us using your data as follows:
To provide you with information, products or services that you request from us which we feel may interest you
To carry out our obligations arising from any contracts entered into between you and us
To notify you about changes to our service
To invite you to relevant networking events that we believe will be of interest to you
To keep a record of any correspondence with us
To comply with a legal obligation to which the data controller is subject to
For the purposes of our legitimate interests, except where such interests are overridden by your interest or fundamental rights and freedoms which require protection of personal data.
Storage and security
Any data that we hold on you in hard copy (e.g. signed contracts, session notes etc) are kept in a secure, locked filing cabinet within our locked premises.
Retention of Records
We have many clients who return to work with us after many years. We contractually commit to our clients to maintain alumnus opportunities for them over time and in this context we will maintain records for 10 years.
AGM Transitions will not disclose your personal data to third parties without first obtaining your consent except where is required to comply with an obligation, enforce our terms of business or business principles, or to protect the rights, property, or safety of us or any of our customers, or others.
Breach of Privacy
The data controller should be contacted if you consider your data has not been managed lawfully, fairly and transparently. The data controller will notify the ICO within 72 hours of any breach of privacy including any loss, alteration, unauthorised disclosure of or access to personal data which is a risk to your rights and freedoms.
Subject Access Request
If you wish to raise a subject access request to understand what data we hold on you, please contact the data controller with clear instructions about what data that we store in relation to you that you would like to have access to. There is not normally any charge for a subject access request unless your request is ‘manifestly unfounded or excessive’ and an administrative cost is incurred in responding.
We ask that any third-party providers who supply us (e.g. telephone providers, cloud storage, email and IT platforms), also comply with the GDPR in relation to your data.