sheridan worldwide
Data Protection and Privacy Policy
Introduction
This Policy describes the ways in which Sheridan Worldwide collects, processes and protects the
personal data of individual and associates (collectively, “personnel”) and individual clients.
We take our responsibilities and obligations to protect the personal data of our personnel and clients very seriously. The measures we take to this end are monitored and reviewed in order to meet our professional responsibilities and the needs of our clients and to protect the personal data of our personnel.
In line with the transparency requirements of Articles 13 and 14 of the EU General Data Protection Regulation (“GDPR”), this Privacy Notice sets out the following information:
- Identification of the Data Controller;
- Contact Details of our Data Protection Officer;
- Sources of Personal Data;
- Categories of Personal Data Processed; Purposes and Legal Bases for our Processing of Personal Data;
- Retention of Personal Data;
- How We Share Your Data within the business and with Third Parties;
- Rights of Individuals in Relation to their Personal Data.
1. Identification of the Data Controller
The principal data controller for your personal data is Sheridan Resolutions Ltd t/a Sheridan Worldwide.
Our Dublin office operates as a joint controller in regard to some processing activities relating to the personal data of our personnel and clients. It will collaborate with our other office as necessary, to respond to any requests by data subjects to exercise their rights under the GDPR, as set out in Section 8 below.
Our main establishment for purposes of compliance with the GDPR is Sheridan Resolutions Ltd t/a Sheridan Worldwide, Level 30, The Leadenhall Building, 122 Leadenhall Street, London, EC3V 4AB. Company no. 7946371 | VAT no. 132372931
2. Contact Details of Sheridan Resolutions Ltd. t/a Sheridan Worldwide
Sheridan Worldwide is a trading name of Sheridan Resolutions Ltd. Registered Company Number: 07946371
The core business of Sheridan Worldwide is the provision of leadership strategies, executive coaching and mentoring, inclusion and wellbeing, resolution and mediation services to corporate clients and does not involve the large-scale processing of personal data.
The contact details for any GDPR-related enquiries are as follows:
By post: Data Protection Officer
Sheridan Resolutions Ltd. t/a Sheridan Worldwide Level 30, The Leadenhall Building
122 Leadenhall Street London EC3V 4AB England
By email: caroline.sheridan@sheridanworldwide.com
Please direct all general communications or queries relating to this Privacy Notice or the Company’s compliance with the GDPR to our DPO. With regard to the exercise of data subject rights under the GDPR, a specific email address is provided in Section 8 below for the convenience of individuals wishing to submit a data subject request.
3. Sources of personal data
Personal Data Provided by You
The Company collects personal data directly from its personnel and clients for a variety of purposes outlined below. The data may be provided electronically, in writing or verbally. You will be asked for relevant information when you begin your relationship with the Company, whether as associate or client.
If you elect not to provide us with your personal data of if you provide incomplete personal data that is necessary for the performance of our contract with you, or to fulfil a legal obligation, we may not be able to engage in, or continue, a contractual relationship with you.
Personal Data Generated by Us
The Company may process data that includes your use of e-mail and other IT systems for security and IT maintenance purposes.
Personal Data Received from Third Parties
The Company may receive personal data from your colleagues or supervisors in the context of coaching or mediation assignments as well as from the clients with which you work. We may also receive personal data from third parties that provide services to us.
4. Categories of Personal Data Processed; Purposes and Legal Bases For The Company’s Processing of Personal Data
We process various categories of personal data for the purposes discussed above and identified in this section. Our legal basis for doing so will vary with the type of data processing activity involved, and will typically include the following:
- where necessary for us to carry out our responsibilities under the associate agreement or coaching, mediation or leadership development contract to which you are a party;
- where necessary for us to pursue our legitimate interests or those of our clients, provided that those interests are not overridden by your interests, fundamental rights and freedoms; or
- where necessary for us to comply with our legal obligations.
On some occasions, we may rely on your consent in cases where you are given a clear option to accept or reject the processing activity in question.
Your personal data will not be used for automated decision-making or profiling.
If the processing of your personal data is a statutory or contractual requirement, we will point out whether you are obligated to provide the personal data and/or authorise us to process it, and the possible consequences of your failure to do so, at the time of data collection.
The data processing activities identified below cover the most important areas relevant to our personnel and clients. Processing activities that are infrequent, limited in purpose or specific to a particular client may be addressed in supplemental notices.
Associate Management
The categories of personal data that the Company processes about associates, for this purpose, include the following:
• Identification data (such as name, and place of residence), fee data, telephone number, bank account details and emergency contact information (name and phone number of the contact person.
Associate Management |
|
We may use your personal data to: | Our lawful basis for doing so is: |
Establish a contractual relationship with you. | Necessary for performance of our contract with you. |
Manage that relationship | Compliance with legal obligations where data collection is required by law. Otherwise, as necessary for performance of our contract with you. |
Finance – Accounts Payable and Processing of Bank Account Details
The categories of personal data that the Firm processes about you, for this purpose, include the following:
- Name, bank account
Finance – Accounts Payable and Processing of Bank Account Details | |
We may use your personal data to: | Our lawful basis for doing so is: |
Maintain the Firm’s accounting system and to provide payment(s) to personnel. | Necessary for performance of our contract with you. |
Operation of Proprietary or Licensed Information Technology (“IT”) Systems
The categories of personal data that the Company may process about you, for this purpose, include the following:
- Name, email address, business contact information,
Business Development and Marketing
The categories of personal data that we process about you, for this purpose, include the following:
- Name, position, phone number, email address, photos and details provided in your professional
Business Development and Marketing |
||
We may use your personal data to: |
Our lawful basis for doing so is: |
Our legitimate interests in doing so are: |
Administer our business development activities such as publishing articles on blogs, Maintaining the marketing materials Publishing or sharing your professional CV with clients, potential clients, conference organisers, etc. |
Legitimate interests. |
To promote our brand (and your own profile) and make clients and potential clients aware of our international and local services and qualifications, prepare proposals to clients for requested services, etc. |
5. Retention of Personal Data
It is our general policy to retain key personnel records until the end of your association with us as well as to cover the relevant statutory period and, where applicable, the duration of any relevant legal proceedings.
6. How We Share Your Personal Data Within the Company and With Third Parties
The purposes for which we share personal data relating to our personnel or clients with trusted third- party vendors and business partners, are set out below.
Intra-Group
Relevant personal data concerning individual clients and our personnel are shared with authorised personnel in order to manage and administer our business.
Third Parties
We may also share the personal data of our clients and personnel with trusted service providers (processors) pursuant to contractual arrangements with them, which will include appropriate safeguards to protect any personal data that we share with them. The data recipients may include, for example, IT service providers, accountants, marketing and events management platforms.
As client, your personal data may also be shared with our associates and other business partners, acting as independent data controllers, to provide services to you. These companies may include, for example: accountants; telecommunications and conference companies; travel agencies, hotels, etc.
7. Rights of Individuals in Relation to Their Personal Data
The GDPR and Data Protection Act 2018 provide various rights to data subjects subject to certain conditions. These include the right subject to certain statutory exceptions to require us to:
- provide details about the personal data that we process, and obtain a copy of the data that we hold about them;
- correct or update their personal data;
- transmit personal data that the data subject has provided to us, in machine readable format, to another party;
- erase the data that we hold about them;
- restrict a processing activity; and
- limit or discontinue processing:
- decline to consent or withdraw your consent, if consent is the basis for processing your personal
In some cases, the exercise of these rights (for example, erasure, objection, restriction or the withholding or withdrawing of consent to processing) may make it impracticable or impossible for us to achieve the purposes identified in Section 0 of this Privacy Notice in relation to your engagement as client or associate with our business and in such circumstances we will not be obliged to continue with that engagement.
To assist us in complying with our obligation to maintain the accuracy of your personal data, please notify us in writing of any changes to your personal data. Where you have notified us, or we otherwise become aware of, an inaccuracy in your information, we will take appropriate steps to rectify the inaccuracy.
Anyone wishing to assert his or her rights under the GDPR should address the relevant request to: By post: Caroline Sheridan
Sheridan Worldwide
Level 30, The Leadenhall Building 122 Leadenhall Street
London EC3V 4AB England
By email: caroline.sheridan@sheridanworldwide.com
You also have the right to submit a complaint concerning the processing of your personal data to the appropriate supervisory authority.