Consent Is Sexy (aka GDPR)
GDPR, data privacy and consent statement
Download this statement here
Last updated 10th March 2021
This statement explains how Mycelium Coaching (aka me, Jane Charlesworth) collects, stores and makes use of any personal information collected about you in connection with subscription to my email newsletter and as part of providing life coaching services, including 1:1 coaching, group coaching, workshops and webinars. This is a legal requirement under the EU’s GDPR legislation, but seeking consent is also an important aspect of my business practices and I am committed to going above and beyond legal requirements regarding protecting and securing your data and requesting consent for any marketing I may do.
Whose data do I collect?
I collect or store data from the following groups of people:
- coaching clients
- prospective coaching clients
- past coaching clients
- people who subscribe to my newsletter, including waitlists for courses.
- people who sign up to and/or attend workshops or webinars offered through this site
- people who purchase online courses or zines that I offer
What information do I collect?
As our coaching work is carried out online, I collect client email addresses, the email addresses of people who subscribe to my email newsletters, who book introductory sessions via my scheduling page or who contact me via email to discuss working together.
Note: I will NEVER add you to my newsletter without your explicit consent, and I will always ask for additional consent regarding any marketing emails for courses or offerings.
How do I process and store your data?
All personal information stored electronically will be secured by encryption and/or password protection. I use ConvertKit for my email mailing lists and you can read more about how they handle some GDPR stuff here.
Any information stored on paper (like notes from intake calls or client sessions) will be protected by restricted physical access.
I (Jane Charlesworth) am the only person who will have access to your personal information. . I am the Data Controller for Mycelium Coaching. You can contact me regarding your personal data at any time by emailing firstname.lastname@example.org
Any notes or recordings taken during our sessions together will be accessible only by myself and to you. Note that for group coaching sessions, workshops and webinar sessions, video/audio recordings and chat transcripts will be made available to all participants, and that by participating in group coaching sessions, workshops or webinars you are granting consent to this. If you do not want recordings of our sessions to be available to other participants in group coaching programmes, please contact me directly. Some webinars may be recorded and used in subsequent course materials, and in this instance the chat will not be retained or shared.
No personal information will be shared with other individuals or organisations unless it is a) at the request of the individual whose personal information it is or b) it is a legal requirement.
I use some additional software on this site to handle blog comments, payments and newsletter sign-ups. You can read more about that here.
How long will I keep personal data?
I will keep personal data for no longer than is legally necessary. Data will be kept up to date and security changes will be made as required. If I cease trading as a coach, all personal data will be deleted or destroyed.
I value your consent deeply. This means that I may send periodic emails checking in to see if you still want to receive email communications from me. If you choose to withdraw consent your personal data will be deleted.
You can ask for your data to be deleted at any time, by emailing me. I will then ensure that all your data is deleted within 14 working days.
If a data breach means that any contact or personal information has been passed to others without consent any individuals whose data has been compromised will be informed of the breach and of any further action that is required and taken to ensure the security of personal information. In the event that this happens it is also my legal obligation to inform the Information Commissioner’s office and to follow their guidance.
Your Information Rights
As in other contexts in which your data are kept on file, you have the following rights under applicable data privacy law in respect of any personal information I collect and use about you:
• The right to access and inspect your personal information or be provided with a permanent copy of the information being held about you.
• The right to request the correction of your personal information or in cases where the accuracy of information is disputed, to supplement the information or give statement that you dispute its accuracy.
• The right to request the erasure of your personal information, particularly where the continued use of the information is no longer necessary.
• The right to object to the use of your personal information, particularly where you feel there are no longer sufficiently legitimate grounds for us to continue processing the information.
• The right to object to the use of your personal information for direct marketing purposes.
• The right to request the restriction of your personal information from further use, e.g. where the accuracy of the information is disputed, and you request that the information not be used until its accuracy is confirmed.
• The right to request that some aspects of your personal information be provided to you or a third party of your choice in electronic form to enable its reuse.
• The right to object to decisions involving the use of your personal information, which have been taken solely by automated means.
• The right to complain to the relevant data protection regulator about our processing of your personal information.
If you have a question about how we are handing your data or wish to make a complaint about the way we use your personal information you should raise this with us by contacting us through one of the following options:
(a) Initially, by emailing one of the designated data controllers – see above
(b) If you are not satisfied with the way we have handled your complaint you have the right to raise the matter with the relevant data protection regulator.
The Information Commissioner’s Office Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Telephone: 0303 123 1113
The Information Commissioner’s Office – Scotland Queen Elizabeth House, Sibbald Walk, Edinburgh EH8 8FT Telephone: 0303 123 1115
Information Commissioner’s Office – Wales 2nd Floor, Churchill House, Churchill Way, Cardiff CF10 2HH
Telephone: 0330 414 6421
The Information Commissioner’s Office – Northern Ireland 3rd Floor, 14 Cromac Place, Belfast BT7 2JB Telephone: 028 9027 8757 / 0303 123 1114