Customer Transformation Privacy Policy July 2019

We take customer privacy very seriously and this document summarises the key points.

Key Customer Messages:

  • We collect and hold a range of personal data about our existing and prospective clients and suppliers
  • We only use personal data if we’ve got a legitimate reason for doing so. Communications will be relevant and proportionate and this will typically be limited to maintaining appropriate business relationships with people and organisations
  • Because we’re a limited company, where we’ve communicated with people in the past, we may hold onto personal data for up to six years
  • Any information held is solely for the use of Customer Transformation and is never shared with third parties

People can ask us about the personal data we hold and, under some circumstances, ask us to delete it.

Anyone who has any questions about privacy can just ask us.

Customer Transformation Policy:

Customer Transformation is a UK-based consultancy run by Martin Knowles. We have a range of clients ranging from individuals with whom we hold mentoring relationships up to international organisations where we are engaged on formal contracts.

We are a customer-focused organisation, placing a high priority on client satisfaction and reputation and our management of personal data is but one aspect of that focus.

Where do we obtain personal data?

  • Social media platforms (e.g. LinkedIn), where contact data is typically shared by other members upon request
  • Business organisations (e.g. networking groups, industry bodies), where membership and attendee lists may be available
  • Business events, where introductions are made and very often business cards exchanged

What data do we hold?

  • Personal data is ordinarily limited to name, address and contact number/email. Business connections are prioritised, but on occasion personal details may be shared and kept
  • Information is usually held in electronic form (typically laptop), though certain documents may also be in hard copy. Storage is at the Company’s registered office, namely Midhurst, Blind Lane, Bourne End. Bucks. SL8 5LF, but details may routinely be taken away from the office on electronic devices (laptop, phone)
  • Notes of meetings and conversations may be kept in hard copy (e.g. notebook) or electronically (e.g. CRM system), which may in turn be kept on cloud-based systems
  • Systems are cleaned after six years to ensure that out of date information is removed and files deleted. This was last conducted on March 31st 2020
  • It is assumed that social media platforms (e.g. LinkedIn) are complying with GDPR and any other relevant Privacy regulation. It is equally assumed that anyone accepting an invite on such platforms has explicitly granted agreement for Customer Transformation to hold personal details shared via the platform
  • It should be noted that LinkedIn connections are with Martin Knowles rather than with Customer Transformation as an organisation and as such may fall outside the scope of this policy
  • Customer Transformation data is never shared with any other third-party organisations

We have completed the assessment process on the ICO website and, as we don’t process data, do not need to register.

What is this information used for?

  • Information is used in compliance with the GDPR regulations and only for legitimate and proportionate reasons
    • Internal record keeping
    • To improve our events and services
    • We may periodically send promotional emails about news events, special offers or other information which we think clients may find interesting using the email address which they provided
    • We may also use information to contact clients for market research purposes. We may contact them by email, phone or mail

What rights do clients have?

Clients may at any time request amendments to certain personal information that is incorrect or irrelevant or to request that we block, erase or otherwise remove personal information by contacting us. They can exercise this right at any time or follow any “unsubscribe” instructions included in our marketing materials.

  1. Right of Access: Clients have the right to access stored personal information on production of appropriate identification. Right of access can be exercised in accordance with GDPR, i.e.
    • Free of charge
    • Within one month of a request
    • In an electronic format if the request is made electronically
    • If the request is “manifestly unfounded or excessive”, for example because the request is repetitive, we can charge a reasonable fee, considering our administrative costs, or we can refuse to respond. If we refuse, we are obliged to explain and inform the client who can complain to the Information Commissioner’s Office (ICO)
  2. Right to Rectification: The right to have information corrected if it’s inaccurate, out of date or incmplete. On request we will:
    • Inform the individual about third parties that have received their data
    • Inform those third parties that the data is being rectified, where possible
    • Comply with a request for rectification within on month
    • If we deide not to act following a request for rectification, we shall explain why and inform them of the compliant procedure to ICO or bring a complaint before a court
  3. Right to Erasure: The right to be forgotten, whereby a request to remove data when there’s no reason to continue processing it can be exercised. We shall also inform third parties, which we have sent such data to, that we are erasing it, unless it’s impossible or will involve a disproportionate effort. However, the right to be forgotten is only under specific circumstances. This includes:
    • Where processing data is no longer necessary for the purpose it was first collected
    • When an individual has objected to having their data processed or has withdrawn consent
    • If the data was unlawfully processed, so is in breach of GDPR

It’s important to know that in certain circumstances, we can refuse a request to erase such data. This includes if it’s being processed to comply with a legal obligation for performing a task that’s been carried out in the public’s interest. Other examples include refusal for public health purposes, or the exercise of legal claims

Cookie Policy

  • Like most websites, we use cookies in order for the site to function correctly.
  • By continuing to use our site, you accept the use of these cookies. You can find out more about cookies here.