This Privacy Notice deals with how we collect, handle and use your data within our business. We aim to comply with the General Data Protection Regulation 2016 (GDPR) and the Data Protection Act 2018 in all respects including in the spirit of the need to treat your personal data with respect and to keep it safe. We will only collect and use your personal data in the ways that are described here, and in a way that is consistent with our obligations and your rights under the law.
Business name: Wiseup Networks Limited ("Wiseup").
Registered address: 2 Henson Grove, Timperley, Altrincham, Cheshire, England WA15 7QA.
Registered number and where registered: 11885945, Registered in England & Wales.
Contact phone: 0333 3601968.
Data subject or “you” or “your”: A data subject is an “identifiable natural living person who can be directly or indirectly identified in particular by reference to an identifier”. “Identifier” covers almost any information that we might have that could identify you as an individual. It also means that data subjects include employees/associates/ individual customers or individuals within customer organisations – any individual that our organisation holds personal data on.
Personal Data: This is any information or data relating to a data subject that can be used to identify them or is information relating to them which makes that data personal to the data subject. So, this will include names, addresses, other contact details, date of birth, driver’s license, financial information e.g. credit cards, CCTV, emails, online identifiers (provided by their devices, applications and tools such as IP addresses, cookie identifiers etc.).
Special Category Data: This includes race or ethnic origin, religion, philosophical or political opinions, health information, genetic or biometric data, sexual orientation or sex life and trade union membership. Because of the nature of Special Category Data there are special rules for lawful processing.
Data Controller: A data controller determines the purposes and means of how your personal data is processed.
Data Processor: A data processor is any person other than an employee of the data controller who processes the data on behalf of the data controller.
Data Processing: Data processing covers just about anything that we do with your personal data including both automated electronic processing and manual processing within a structured filling system including collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
This Privacy Notice explains how we, where we act as a Data Controller, use your personal data and Special Category Data and sets out how that data is collected, how it is held and how it is processed. Please note that we may at times use a third party to process your data, but they will be also bound under the rules of the GDPR that protect your personal data. This notice also explains your rights under the law relating to your data.
We can collect data in the following ways from customers who purchase from us, suppliers who we deal with and from others who interact with us via:
a) Personal Data:
We may process the following Personal Data regarding you when providing services via our online mentoring platform:
We may process the following Personal Data when providing Services that are not delivered on our online mentoring platform:
Clients: Your name and date of birth;Job title and place of work;Your contact details including email, phone, location, other contact means that you wish to use Financial information relating to payment for services Mentors:
b) Special Category Data:
We will not normally process any Special Category Data unless required to do so by you as part of a contract. PLEASE NOTE: Messages sent under Our Online Messaging System are stored by Wiseup – if you include any Special Category Data (as defined under Clause 2) then this will be processed by Wiseup and you are deemed to have given consent to this. If You do not give consent then please do not use the Online Messaging System for any Special Category Data.
The GDPR sets out 6 principles governing how we must process your personal data – it must be:
7. What Are Your Rights Concerning Personal Data?
Under the GDPR, you have the following rights, which we will always aim to uphold:
You can obtain further information about your rights from the Information Commissioner’s Office. If you have any cause for complaint about our use of your personal data, you also have the right to lodge a complaint with the Information Commissioner’s Office.
The GDPR requires us to have a lawful justification to process data. The following is a summary of the possible lawful justifications:
a) Consent of the data subject. Consent under the GDPR requires it to be:
b) Processing the data is necessary for the performance of a contract between us and the data subject. This allows the lawful processing of your personal data:
c) Processing the data is necessary for compliance with a legal obligation. This requires that the legal obligation must be laid down by either UK or EU law.
d) Processing the data is necessary for the purposes of our “legitimate interests” or those of a 3rd party including wider benefits to society. This requires us to review our legitimate interests and to ensure that they do not conflict with the fundamental rights and freedoms of the data subject.
e) Processing the data is necessary to protect the vital interests of the data subject or someone else. This is used where we would need to process your personal data to protect either your or another person’s life or wellbeing.
f) Processing the data is in the public interest.
In addition to the justifications given in section 8 for ordinary personal data the GDPR lays down more stringent requirements regarding the processing of your personal sensitive data. In this regard we will only process your Special Category Data if:
10. What Justification Do We Have For Processing Your Personal Data?
Under the GDPR, we must always have a lawful justification for using personal data. Your personal data will be used for the following purposes:
a) Clients and Mentors (including Mentor Companies):
In order to do this, we justify such processing of ordinary personal data on the basis of:
In the event that we are required to process Special Category Data then we will only do so on the basis of the justifications given above together with your explicit consent.
If you require further information on these justifications, then please contact us via [email protected].
With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email AND/OR telephone AND/OR text message AND/OR post with information, news, and offers on our products AND/OR services. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications Regulations 2003, and you will always have the opportunity to opt-out.
We will not keep your personal data for any longer than is necessary for the purposes for which it was initially collected. Data required for the fulfilment of a contract will be kept for 6 years in line with the statute of limitations for contract law. Mentor CVs will be deleted once they have been verified and accepted as a mentor.
We will only store your personal data in the UK or the European Economic Area which means that your data will be fully protected under the GDPR or the equivalent jurisdictional law.
We will not share any of your personal data with any third parties for any purposes unless:
a) We are required to do so by law;
b) We may contract with the following third parties to supply products AND/OR services to you on our behalf. These may include payment processing, delivery, and marketing. In some cases, those third parties may require access to some or all of your personal data that we hold.
If any of your personal data is required by a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the GDPR.
We may contract with third parties (as described above), and those third parties are located outside of the UK or the European Economic Area. If any personal data is transferred to a third party outside of the EEA, we will take suitable steps (including seeking your explicit consent) in order to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the GDPR.
In accordance with the GDPR you are entitled to know:
Accessing such data or finding out if we have any data concerning you is known as a “subject access request” (SAR). SARs should be made in writing and sent via either email or post to the contact details given below. We have a standard Subject Access Request form for you to use which can help in making the request clear. However, you do not have to use this form if you do not wish to.
There is normally no charge for a subject access request. However, the law allows us to make a reasonable charge to cover our administrative costs if your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests).
We will respond to your subject access request within 1 calendar month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
Cookies are small text files that we store on your computer whilst you are visiting our website. There are 4 basic types of cookie:
Since 2011 there has been a requirement for us to obtain subscribers’ or users’ consent to the use of certain types of cookie. There are 4 categories of cookie that can be used:
If you wish to contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details:
For the attention of Joe Wood
Email address: [email protected]
Telephone number: 07530208692
Postal Address: 2 Henson Grove, Timperley, Altrincham, Cheshire, WA15 7QA.
We may change this Privacy Notice from time to time to accommodate changes in the law or if we change the way we do business in a way that affects personal data protection.