Privacy Policy

This Privacy Notice sets out how The Clear Thinking Partnership Ltd (the Data Controller) collects and uses your personal data.  When we refer to “we”, “us” “our” or “controller” in this Privacy Notice we mean The Clear Thinking Partnership Ltd.

Our Privacy Notice is structured in a way for you to easily find the specific details of what we do with your personal data, depending on which processing activity you want to find out more about.

Part 1 of our Privacy Notice is information we must tell everyone regardless of your relationship with us.  The remaining parts give specific information on how we use your personal data for each of the different processing activities we undertake.

PART 1 – GENERAL INFORMATION

Our contact details

The Clear Thinking Partnership Ltd is the data controller for the personal data we process about you.

You can contact us regarding the use of your personal data via the following ways:

  • Postal Address:
    The Clear Thinking Partnership Ltd,
    13 Rossall Road,
    Thornton Cleveleys,
    Lancashire, FY5 1AP
  • Telephone: 07896 558416 / 07730 571442
  • Email: hello@clearthinkinguk.com 

 

Our Data Protection Officer Contact Details.

We are not legally obliged to appoint a Data Protection Officer under UK GDPR.  However, a member of our team does oversee our data protection compliance with the UK General Data Protection Regulation, the Data Protection Act 2018 and other relevant privacy laws (e.g. the Privacy & Electronic Communication Regulations 2003).  The various ways you can contact us to discuss any data protection issues or concerns are shown in the “Our contact details” section.

How we get your personal data

We obtain your personal data either directly from you or indirectly from publicly available sources or third parties.

Directly

We obtain personal data directly from you.  This is when you have directly given your details to us, examples of when you may do this include when you:

  • enquire about our products/services;
  • purchase any of our products/services;
  • opt in to receive our newsletters/discounts/promotional offers/etc;

 

If we have met you at a networking event, business club or some other form of social meeting you may have provided your business card details to us.

Indirectly

Generally, we do not collect any personal data about you from publicly available sources or third parties.

However, there may be occasions when we have obtained your details by word of mouth referrals, for example another business has given us your details or introduced us to each other.

 

The legal basis to process your personal data

When gathering and using your personal data we must have a legal basis to do so – this is a requirement of data protection law.

The legal basis we rely on to process your personal data varies depending on the processing activity undertaken.  The full details of the processing activities we undertake along with the legal basis we rely on to process your personal data are given in the specific Parts of this privacy notice.

Where we process your personal data for us to comply with a legal/regulatory requirement we will rely on the legal basis of “legal obligation” as the processing is necessary for us to fulfil our legal obligation to which we are subject to.

 

Your rights

Depending on the purpose and legal basis we rely on for processing your personal data, there are various rights available to you.  You can:

  • access the personal data we keep about you and be given specific information about the processing.  This right always applies regardless of the processing activity we undertake.  
  • ask us to rectify personal data we hold about you that you think is inaccurate.  This right always applies regardless of the processing activity we undertake. 
  • ask us to delete your personal data.  This right only applies in specific circumstances. 
  • ask us to restrict the processing of your personal data.  This right only applies in specific circumstances apply. 
  • object to the processing when we have relied on legitimate interest to undertake that processing activity and you believe we have infringed your rights. 
  • transfer your personal data from us to another service provider or give it to you.  This right only applies to personal data you have given to us and when the processing is based on your consent or contractual basis and the processing is automated. 

We do not undertake any solely automated decision making, including profiling, about you.

To find out more about how to exercise your rights please refer to the guidance on the Information Commissioner’s Office website.

You do not pay a fee to us to exercise any of your rights.  However, if your request is manifestly unfounded or excessive, we may either charge a reasonable fee or refuse the request.

We shall respond to a valid request within one month of receiving it.

If you wish to exercise one of your rights, please contact us via one of the methods shown in the “Our contact details” section.

 

How to make a complaint about us to the Information Commissioner’s Office

If you are not happy with how we are processing your personal data or you believe we have not dealt with one of your rights correctly you are entitled to make a complaint to the Information Commissioners Office (ICO).  The ICO has several ways in which you can get in touch with them, including post, email, and online forms.  For full details how to make a complaint please refer to their website.

 

Sharing your personal data with other businesses

We do not share, sell or rent your personal data to third parties for them to use for their own marketing purposes.

We may share information in the following ways:

  • with third party businesses who help us fulfil our services/delivery of goods to you; and
  • with other businesses who we deliver our services in partnership with;

 

Using data processors

We may use data processors to help us fulfil the delivery of our services or products to you.

When we do use other businesses to process personal data on our behalf (these are known as data processors) we ensure we have appropriate GDPR compliant contracts in place with each one. 

The data processor is not allowed to do anything with your personal data other than what we have instructed them to do with it. They will not share your personal data with any business apart from us, unless they are required to do so by law. They will hold it securely and retain it for the period we instruct.

Our data processors include:

  • Website host providers;
  • Email host providers;
  • Card payment provider;
  • Accountant;
  • CRM provider;

 

Transferring personal data outside of the UK

Sometimes it is not possible for us to store or process your personal data wholly in the UK.  When your personal data does need to be transferred or stored outside of the UK we make sure we comply with the specific requirements set out in UK GDPR for us to undertake this.  We will only transfer personal data outside of the UK when one of the following provisions are in place to safeguard your personal data:

  • An “adequacy decision” is in place with the country where the personal data is being transferred to. 
  • The UK has “adequacy regulations” in relation to the following countries and territories:
    • The European Economic Area (EEA) countries;
    • EU or EEA institutions, bodies, offices or agencies;
    • Gibraltar;
    • Countries, territories and sectors covered by the European Commission’s adequacy decisions (in force at 31 December 2020).
  • An “appropriate safeguard” as set out in UK GDPR is in place. These include standard contractual clauses and binding corporate rules.
  • An “exception” as set out in UK GDPR can be relied on if there is no adequacy decision or appropriate safeguard in place. For example, we could rely on your explicit consent to make the transfer of personal data.

 

Children’s information 

We do not collect and process personal data relating to children.

 

Cookies

Please refer to our Cookie Policy for more information.

 

Links to other websites

Our website may provide links to websites of other organisations.   Our Privacy Notice does not cover how those organisations process your personal data when you visit their website.  We advise you to read their Privacy Notices.

 

Changes to our Privacy Notice

We keep our Privacy Notice under review to ensure it remains accurate and up to date and we reserve the right to modify this policy at any time.  Changes to this policy will be posted on our website and you should endeavour to review the policy frequently.

If you have any questions about our Privacy Notice, please contact us via one of the ways shown in the “Our contact details” section.

This Privacy Notice was last updated on 8th July 2021.

 

IF YOU MAKE MEANINGFUL ENQUIRIES ABOUT OUR SERVICE OR PURCHASE ONE OF OUR SERVICES

What personal data do we need?

When you use one of our services we need to collect the following type of personal data from you:

  • Full name
  • Postal address
  • Email address
  • Telephone numbers (landline and/or mobile)

 

How do we get your personal data?

We gather your personal data directly from you when you either enquire about our services or enter into a contract with us to purchase one of our services.

 

Why do we need your personal data and which legal basis do we rely on for the processing?

We use your personal data to:

  • provide information, at your request, on the services we offer;
  • provide the service package you have purchased;
  • provide updates regarding the service we are providing to you; and
  • send you marketing information relating to our services in general and the work we do.

 

The legal basis we rely on for these purposes are:

Contractual obligation (GDPR Article 6(1)(b))

The services we provide to you are done so under contract or with a view to entering into a contract with you.  We require certain information from you to enable us to fulfil our contractual obligation.  If you are not able to provide all the information we need we may not be able to provide the service to you and the arrangement may be terminated.

Legitimate interests (GDPR Article 6(1)(f)

GDPR allows us to use legitimate interests for direct marketing purposes in certain circumstances.  We have undertaken a legitimate interest assessment, which balances our business purposes for the processing against your right to privacy.  The outcome of the balancing test justifies our use of legitimate interests for this purpose as it would not be an unreasonable expectation for anyone who either enquired about our services with a view to purchasing them, or is an existing customer using our services to receive information from us about our services.

This also complies with e-Privacy laws, currently the Privacy & Electronic Communication Regulations 2003, which governs how a business can undertake electronic direct marketing.  We can rely on soft opt-in for “individual subscribers” for email marketing to prospective and existing customers.  We do not need consent or soft opt-in for “corporate subscribers”.

We always give you the opportunity to object to receiving marketing communications from us, when we first collect your personal data and with every marketing communication thereafter.

 

How long do we keep your personal data?

When we have concluded the provision of our service to you we will keep your data for a period of 3 years before it is securely disposed.

Marketing contact details are held for as long as you want to remain on our marketing contact list.

 

Do we use any data processors?

Yes, we use the following data processors to deliver our service to you:

  • Mailchimp
  • Google
  • Paypal
  • reCaptcha
  • Dropbox
  • iCloud
  • Website Provider

 

Who do we share your personal data with?

Your personal data is used by internal employees, contract staff and business associated for the purposes as set out in ‘why we need your personal data’.

 

IF YOU PURCHASE ANY OF OUR MERCHANDISE/GOODS WE SELL ONLINE (including ordering by telephone)

What personal data do we need?

When you purchase one of our products we need to collect the following personal data from you:

  • Full name
  • Postal address
  • Billing Address
  • Email address
  • Telephone number (landline or mobile)

 

How do we get your personal data?

We gather your personal data directly from you when you enquire about our products or place an order with us to purchase one of our products.

 

Why we need your personal data and the legal basis we rely on for the processing

We use your personal data to:

  • provide information, at your request, about the products we offer;
  • send you with the products you have purchased;
  • provide any updates regarding the products you have purchased; and
  • send you marketing information relating to our products in general and the work we do.

 

The legal basis we rely on are:

Contractual obligation (GDPR Article 6(1)(b))

The products we sell to you are done so under contract or with a view to entering into a contract with you.  We require certain information from you to enable us to fulfil our contractual obligation.  If you are not able to provide all the information we need we may not be able to provide the products to you and the arrangement may be terminated.

Legitimate interests (GDPR Article 6(1)(f)

GDPR allows us to rely on legitimate interests for direct marketing purposes.  We have undertaken a legitimate interest assessment, which balances our business purposes for the processing against your right to privacy.  The outcome of the balancing test justifies our use of legitimate interests for this purpose as it would not be an unreasonable expectation for anyone who has enquired about our products or made a purchase to receive news and information from us.

This also complies with e-Privacy laws, currently the Privacy & Electronic Communication Regulations 2003 (PECR), which governs how a business can undertake electronic direct marketing.  We can rely on soft opt-in for “individual subscribers” (as defined by PECR) to undertake email marketing to both existing and prospective customers. 

We always give you the opportunity to object to receiving marketing communications from us, when we first collect your personal data and with every marketing communication thereafter.  You can change your marketing preferences at any time by clicking the “unsubscribe” link in the marketing email you receive.

 

How long do we keep your personal data?

We keep product purchasing data for a period of 3 years from the date you make a purchase from us.

Marketing contact details are held for as long as you want to remain on our marketing contact list.

 

Do we use any data processors?

Yes, we use the following data processors to deliver our service to you:

  • Paypal

 

Who do we share your personal data with?

Your personal data is used by internal employees and contract staff for the purposes as set out in ‘why we need your personal data’

 

IF YOU ATTEND ONE OF OUR TRAINING/WORKSHOP SESSIONS

What personal data do we need?

We need to collect some or all of the following information from you:

  • Name of individuals attending the training / workshop session;
  • Additional details of individuals who are attending the training / workshop session, this may include:
    • Email address;
    • Telephone number;
    • Job title;
    • Accessibility requirements;
    • Dietary requirements (if refreshments are being served);
    • Other information as necessary for accredited training courses
  • Organisation name and postal address;
  • Name of individual we are liaising with at your organisation;
  • Contact details of individual we are liaising with at your organisation; and

 

How do we get your personal data?

We will gather your details either directly from you or we will obtain your details from the individual who is liaising with us from your organisation to arrange the training.

 

Why do we need your personal data and which legal basis do we rely on for the processing?

We need your personal data to:

  • provide you with information about our training packages at your request;
  • enter into a contract with you to enable us to provide the chosen training package to your organisation;
  • deliver the training package to your staff members who are attending the training;
  • process financial transactions relating to the purchase of the training package;

 

The legal basis we rely on are:

Contractual obligation (GDPR Article 6(1)(b))

The data we obtain to process your enquiry about our training packages is necessary in order to take steps at your request prior to entering into a contract with you.

The data we obtain to process your order to deliver one of our training packages to your organisation and to provide you with service updates in relation to that order is necessary for the performance of a contract to which you have entered into.

We require certain information from you to enable us to fulfil our pre-contractual and contractual obligations.  If you are not able to provide all the necessary information we need we may not be able to process your enquiry or provide our training services to you.

 

How long do we keep your personal data?

We keep records relating to provision of training for 3 years from when the training took place.

 

Do we use any data processors?

Yes, we use the following data processors to deliver our service to you:

  • Mailchimp
  • Trello
  • Dropbox
  • Ticket Tailor
  • Zoom
  • Microsoft Teams
  • DeckHive
  • Miro

 

Who do we share your personal data with?

Your personal data is used by internal employees and contract staff for the purposes as set out in ‘why we need your personal data’

If you have any secondary purposes such as adding contact details to your mailing list you need to add this to this section.  You can refer to the text in “IF YOU MAKE MEANINGFUL ENQUIRES ABOUT OUR SERVICES OR PURCHASE ONE OF OUR SERVICES” section.

 

 

IF YOU JUST WANT TO RECEIVE OUR NEWSLETTERS, MARKETING, PROMOTIONAL OFFERS, etc

What personal data do we need?

To receive marketing communications from us we need the following personal data:

  • Full name
  • Email address

 

How do we get your personal data?

We gather your personal data directly from you when you sign up to receive marketing information from us.

 

Why we need your personal data and the legal basis we rely on for the processing

We need your personal data to be able to send you relevant news about us and our services and products, etc that you have subscribed to receive.

 

The legal basis we rely on is:

Consent (GDPR Article 6(1)(a)

By submitting your contact details to receive marketing from us you have given your consent for us to use your personal data for this purpose.

You always have the right to withdraw your consent to receive marketing, you can do this by clicking the “unsubscribe” link in the marketing email you receive.

 

How long do we keep your personal data?

Marketing contact details are held for as long as you want to remain on our marketing contact list.

 

Do we use any data processors?

Yes, we use the following data processors:

  • Mailchimp
  • Google
  • Paypal
  • reCaptcha
  • Website Host
  • TicketTailor

 

Who do we share your personal data with?

Your personal data is used by internal employees and contract staff for the purposes as set out in ‘why we need your personal data’

 

IF YOU ARE ONE OF OUR SUPPLIERS OR CONTRACTORS

For us to pay you for the service or goods you have provided to us we need to collect and use a small amount of information about you and your business, this is also likely to include some information about the individuals who work at your business.  The personal data we are likely to need is:

  • Your business name;
  • The name (first and last name) of the person who we are liaising with at your business (in some cases this may be several staff members details);
  • Business postal address;
  • Business email address;
  • Business telephone number;
  • Business mobile number;
  • Bank details to enable payment to be made;

 

How do we get your personal data?

We obtain your data directly when we start to use your services or have purchased goods from you.  We gather the relevant information from you to enable us to process payment to you for those services and goods.

We also obtain some data, such as your business name and contact details, indirectly from publicly available sources or recommendations from 3rd parties to enable us to contact you to enquire about the services and goods you provide prior to us making a purchase.

 

Why we need your personal data and the legal basis we rely on for the processing

We need your personal data to either enquire about the services or goods you provide that we may be interested in purchasing or to make a purchase.  We then use your personal data to pay for those goods and services when you invoice us or to raise any queries about the payment.

 

The legal basis we rely on are:

Contractual obligation (GDPR Article 6(1)(b))

The services or goods you have provided to us are done so under contract or with a view to entering into a contract (i.e. we have asked you for a quote for the goods or to undertake the service for us).

We require certain information from you to enable us to fulfil our part of the pre-contractual and contractual obligations, e.g. we need to have certain information to make the purchase and to process payment.  If you are not able to provide all the necessary information for us to do this, we will not be able to purchase the goods or services you provide or be able to make payment once purchased.

Legal obligation (GDPR Article 6(1)(c))

We have a legal obligation to pay for any services or goods we have purchased.

 

How long do we keep your personal data?

We keep all financial data (which includes supplier information) for 6 years from end of the financial year it relates to.

 

Do we use any data processors?

Yes, we use the following data processors:

  • Mailchimp
  • Zoom
  • Microsoft teams

 

Who do we share your personal data with?

Your personal data is used by internal employees and contract staff for the purposes as set out in ‘why we need your personal data’

 

The Clear Thinking Partnership Ltd,
13 Rossall Road,
Thornton Cleveleys,
Lancashire, FY5 1AP

Company Reg No: 058993953