Privacy Notice
Last updated: 3rd October 2024
1.1 The Strategy Sessions (“we”, “us”, or “our”) respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, store, and protect your information when you visit our website [www.thestrategysesssions.co.uk], use our services, or engage with us in any way.
1.2 We may sometimes need to update this Privacy Notice, to reflect any changes to the way our goods are provided or to comply with new business practices or legal requirements. You should check this Privacy Notice regularly to see whether any changes have occurred.
2 WHO WE ARE
2.1 We are The Strategy Sessions, registered in England and Wales with company number 16275922 and registered address at 29, The Hill Avenue, Worcester WR5 2AW (we, us or our).
2.2 For all visitors to our Website and for users who engage with our services, we are the controller of your information (which means we decide what information we collect and how it is used).
3 CONTACT DETAILS
3.1 If you have any questions about this Privacy Notice or the way that we use information, please get
in touch using the following details: jules@thestrategysessions.co.uk
4 THE INFORMATION WE COLLECT ABOUT YOU
4.1 Personal data means any information which does (or could be used to) identify a living person. We have grouped together the types of personal data that we collect, and where we receive it from, below.
4.2 Type of personal data:
Identity Data: your first and last name. Contact Data: your email address. Feedback: information and responses you provide when completing surveys and questionnaires. Marketing and Communication Data: includes your preferences in receiving marketing from us and our third parties and your communication preferences.
5 HOW WE USE YOUR INFORMATION
5.1 We are required to identify a legal justification (also known as a lawful basis) for collecting and using your personal data. There are six legal justifications which organisations can rely on. The most relevant of these to us are where we use your personal data to: fulfil our contract with you; and/or comply with a legal obligation that we have.
5.2 Below is set out the lawful basis we rely on when we use your personal data. If we intend to use your personal data for a new reason that is not listed below, we will update our Privacy Notice.
5.2.1 Contract
To administrate or perform our contract with you;
To process your payment information in connection with any contract we have with you;
To send you updates about the services you have bought (eg, confirmation of order, arrival time).
5.2.2 Legal Obligation
Recording your preferences (eg, marketing) to ensure that we comply with data protection laws. Where we send you information to comply with a legal obligation (eg, where we send you information about your legal rights). Where we retain information to enable us to bring or defend legal claims.
5.3 Where we need to collect your personal data (for example, in order to fulfil a contract we have with you), failure to provide us with your personal data may mean that we are not able to provide you with the services. Where we do not have the information required about you to fulfil an order, we may have to cancel the service ordered.
6 WHO WE SHARE YOUR INFORMATION WITH
6.1 We will never sell your personal data. We may share it with: Trusted service providers (e.g. email hosting, analytics, CRM tools), Professional advisors (accountants, legal counsel), Regulators, if legally required. All providers must keep your data secure and act in line with data protection law.
7 WHERE YOUR INFORMATION IS LOCATED OR TRANSFERRED TO
7.1 We store your personal data on our servers in the UK.
7.2 We will only transfer information outside of the UK or EEA where we have a valid legal mechanism in place (to make sure that your personal data is guaranteed a level of protection, regardless of where in the world it is located, eg, by using contracts approved by the ICO or the UK Secretary of State).
7.3 If you access our Website whilst abroad then your personal data may be stored on servers located in the same country as you or your organisation.
8 HOW WE KEEP YOUR INFORMATION SAFE
8.1 We use technical and organisational measures to protect your data against loss, misuse, or unauthorised access.
8.2 If there is an incident which has affected your personal data and we are the controller, we will notify the regulator and keep you informed (where required under data protection law). Where we act as the processor for the affected personal data, we notify the controller and support them with investigating and responding to the incident.
8.3 If you notice any unusual activity on the Website, please contact us jules@thestrategysessions.co.uk
9 HOW LONG WE KEEP YOUR INFORMATION
9.1 Where we act as the controller, we will only retain your personal data for as long as necessary to fulfil the purposes we collected it for.
9.2 To decide how long to keep personal data (also known as its retention period), we consider the volume, nature, and sensitivity of the personal data, the potential risk of harm to you if an incident were to happen, whether we require the personal data to achieve the purposes we have identified or whether we can achieve those purposes through other means (eg, by using aggregated data instead), and any applicable legal requirements (e.g. minimum accounting records for HM Revenue & Customs).
9.3 We may keep Identity Data, Contact Data and certain other data (specifically, any exchanges between us by email or any other means) for up to seven years after the end of our contractual relationship with you.
9.4 If you browse our Website, we keep personal data collected through our analytics tools for only as long as necessary to fulfil the purposes we collected it for.
9.5 If you have asked for information from us or you have subscribed to our mailing list, we keep your details until you ask us to stop contacting you.
10 YOUR LEGAL RIGHTS
10.1 You have specific legal rights in relation to your personal data.
10.2 We can decide not to take any action in relation to a request where we have been unable to confirm your identity (this is one of our security processes to make sure we keep information safe) or if we feel the request is unfounded or excessive. Usually there is no cost for exercising your data protection rights, but we may charge a fee where we decide to proceed with a request that we believe is unfounded or excessive. If this happens we will always inform you in writing.
10.3 We will respond to your legal rights request without undue delay, but within one month of us receiving your request or confirming your identity (whichever is later). We may extend this deadline by two months if your request is complex or we have received multiple requests at once. If we need to extend the deadline, we will let you know and explain why we need the extension.
10.4 We do not respond directly to requests which relate to personal data for which we act as the processor. In this situation, we forward your request to the relevant controller and await their instruction before we take any action.
10.5 If you wish to make any of the right requests listed below, you can reach us at jules@thestrategysessions.co.uk
10.6 Your rights include:
Access: You must be told if your personal data is being used and you can ask for a copy of your personal data as well as information about how we are using it to make sure we are abiding by the law. Correction: You can ask us to correct your personal data if it is inaccurate or incomplete. We might need to verify the new information before we make any changes.
Deletion: You can ask us to delete or remove your personal data if there is no good reason for us to continue holding it or if you have asked us to stop using it (see below). If we think there is a good reason to keep the information you have asked us to delete (e.g. to comply with regulatory requirements), we will let you know and explain our decision.
Restriction: You can ask us to restrict how we use your personal data and temporarily limit the way we use it.
Objection: You can object to us using your personal data if you want us to stop using it. If we think there is a good reason for us to keep using the information, we will let you know and explain our decision. Portability: You can ask us to send you or another organisation an electronic copy of your personal data. Complaints: If you are unhappy with the way we collect and use your personal data, you can complain to the ICO or another relevant supervisory body, but we hope that we can respond to your concerns before it reaches that stage. Please contact us at jules@thestrategysessions.co.uk