Soar Counselling

Privacy Policy

This privacy policy sets out how Soar Counselling Ltd collects, uses and protects your personal information.

We are committed to ensuring that your privacy is protected and that all personal data obtained and processed by us is done so in accordance with the General Data Protection Regulations (GDPR) and UK data protection laws.

‘Personal Information’ means data that relates to a natural individual who can be identified from that information or together with other information which is held by or is likely to be held by the company. Whilst GDPR does not cover information that identifies an organisation, it does cover personal and sensitive information relating to individuals within it (e.g. directors, beneficial owners or other controlling officials).

 

Who we are

The company responsible for the processing of your personal information is Soar Counselling Ltd.

This privacy policy sets out how Soar Counselling Ltd collects, uses and protects your personal information.

We are committed to ensuring that your privacy is protected and that all personal data obtained and processed by us is done so in accordance with the General Data Protection Regulations (GDPR) and UK data protection laws.

‘Personal Information’ means data that relates to a natural individual who can be identified from that information or together with other information which is held by or is likely to be held by the company. Whilst GDPR does not cover information that identifies an organisation, it does cover personal and sensitive information relating to individuals within it (e.g. directors, beneficial owners or other controlling officials).

 

What we might collect

Data is only obtained, processed or stored when we have met the lawfulness of the processing requirements of the GDPR. We may collect the following information to effectively and compliantly carry out everyday business transactions:

  • Name and job title.
  • Addresses including all site locations.
  • Contact details including email address, mobile and landline numbers.

 

How the information is collected

Most of the personal information we hold about you is that which we collect directly from you. Personal data can be collected in one or more of the following ways:

  • When you communicate through email, phone or website.
  • When you apply to open an account.
  • Each time you purchase our products or services.
  • If you interact with us, respond to communications or surveys, or enter competitions.
  • When you accept cookies on our website.

 

What we do with the information we gather and the legal basis for processing

We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:

  • It is necessary for the performance of a contract between you and us, and essential for our legitimate interests and legal obligations including payment details.
  • To process payments and assess financial risks by carrying out credit reference checks, etc.
  • Fulfill our obligations owed to a relevant regulator, tax authority or revenue service as is necessary for compliance with our legal and regularity obligations.
  • We may use the information to improve our products and services.
  • To send communications about new products, services, company news and promotions or other information which we think you may find interesting using the email which you may have provided.

 

Information sharing

We will not pass personal data to third parties for marketing, sales or any other commercial purposes without your prior explicit consent. We only share personal data where we are required to do so by law, where it is necessary to fulfil our statutory obligations and in limited circumstances with certain third parties acting on our behalf in order to provide a service you have requested from us.

We undertake to share only information which is relevant and necessary for the provision of the relevant service. People we share your information with are obliged to keep your details securely and use them only to fulfil your request.

In limited and necessary circumstances, your information may be transferred outside of the EEA or to an international organisation to comply with our legal or contractual requirements.

If it is necessary to transfer personal information outside of the EEA, we will make sure that it is protected in the same way as if it was being used in the EEA and we will use one of these safeguards:

Transfer it to a non-EEA country with privacy laws that give the same protection as the EEA.
Put in place a contract with the recipient that means they must protect it to the same standards as the EEA.

 

Security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.

If you suspect any misuse or loss of or unauthorised access to your personal information please let us know immediately by emailing the Data Controller at info@soarcounselling.co.uk.

 

Data breach

The GDPR defines a personal data breach as “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data”.

This includes breaches that are the result of both accidental and deliberate causes. Personal data breaches can include:

  • Access by an unauthorised third party.
  • Deliberate or accidental action (or inaction) by a controller or processor.
  • Sending personal data to an incorrect recipient.
  • Computing devices containing personal data being lost or stolen.
  • Alteration of personal data without permission.
  • Loss of availability of personal data.

 

If there is a data breach which leads to the loss of highly sensitive data and poses a risk to that data, we will notify the relevant Information Commissioner Office within 72 hours of first becoming aware of that breach. The data subject will also be notified.

 

How long do we keep personal data?

We will retain your personal data for as long as is necessary to allow us to carry out our business or where appropriate as required to be kept by law, regularity requirements or in in connection with any anticipated litigation.

 

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy policy.

You should exercise caution and look at the privacy statement applicable to the website in question and make sure you are satisfied how that information is collected and shared.

 

Your rights

Under the GDPR and the Data Protection Act (DPA) 2018 you have a number of rights with regard to your personal data. You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability.

You have the right to obtain access to and copies of personal information we hold about you which you have provided to us, including for the purpose of you transmitting that data to another data controller. 

You have the right to require us to update and amend personal information we hold about you which you have provided to us.

You have the right to request us not to send you marketing communication.

You have the right to request us to erase all your personal information (the right to be forgotten).

If you no longer wish to receive marketing information from us, this can be done by clicking on the unsubscribe link in the relevant marketing communication or by contacting the data controller at info@soarcounselling.co.uk.

Please note that these rights may be limited by data protection legislation, and we may be entitled to refuse requests where exceptions apply. If, for any reason, we are unable to act in response to a request for erasure, we always provide a written explanation to the reasons why.

If you are not satisfied with how we are processing your personal information, you can make a complaint to the Information Commissioner and you can find out more about your rights under data protection legislation from the Information Commissioner’s Office website: www.ico.org.uk.