Privacy Policy
This notice relates to:
Clear Thinking Consultancy Limited (CTC)
registered at
64 Grafton Road,
New Malden
Surrey KT3 3AA
www.clearthinkingconsultancy.co.uk
Kita Ikoku is the designated Data Protection Officer who is the main point of contract for data protection matters and is contactable on 07930 300 158 and kita@clearthinkingconsultancy.co.uk
1. Principles
Clear Thinking Consultancy and its associates, in the course of our work, access and store information about people for business and /or other non-household purposes; how we do this, therefore, is governed by the Data Protection Act 2018 and the General Data Protection Regulation (GDPR).
CTC is committed to ensuring that we uphold the highest professional standards in our gathering, processing and use of personal data. In this context, processing includes the collection, organisation, structuring, storage, alteration, consultation, use, communication, combination, restriction, erasure or destruction of information about people. We recognise that this is part of the fundamental right to privacy, and the right of people to have control over their identity and interactions with others.
We subscribe to the seven key principles of the GDPR: lawfulness, fairness and transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality (security), and accountability.
This policy sets out the fair and proper use of information about people, and should be updated every three years or sooner, if our role in relation to the personal data changes.
2. Responsibilities and scope of policy
The Director of CTC is responsible for updating this policy and for ensuring that CTC staff and all individuals and organisations contracted to deliver work on CTC’s behalf are aware of this policy and their respective obligations therein.
This policy applies to all CTC staff, associates and contracted organisations who are responsible for upholding this policy and implementing its procedures.
3. The type of information we have
We currently collect and process the following information:
- Personal identifiers, contacts and characteristics; this includes full names, job titles, email addresses and contact telephone numbers.
For the purposes of Ampacc, our excel-based financial analysis and costings workbook and support provision, we currently collect and process the following information relating to your organisation’s employees and other individuals providing support for the operation of your business:
- Personal identifiers, for example names, job titles and employee data such as details of pay
- Location data, for example for the full address of your organisation and location details, by unitary authority, of where your services are carried out
4. How we get the information and why we use it
The personal information we process is researched by us using publicly available sources. We also receive personal information from the following sources in the following scenarios:
1. Details of individuals researched or provided to us by our contractors for the purposes of inviting to participate in an evaluation or research contract within the parameters of our contractual obligation to our contractor.
2. Researching personal information for organisations who provide funding to enquire about the relevance of that fund, using publicly available data, on the behalf of a partner organisation to whom we have a contractual obligation to meet fundraising outputs.
3. We also carry out research to identify key contact details for organisations, using publicly available information for charities, who may be able to benefit from our services.
If we contact an individual three times without response, our policy is to mark their details on our database as ‘inactive’ and only resume contact if explicit consent has been provided by them or on their behalf.
In the course of providing our Ampacc tool, most of personal information processed is provided to us directly by you for one of the following reasons:
- Input into the excel workbook to provide a costings of your charge out rate and inform your management information to support you to produce accurate project budgets
- To contact you directly regarding your license with Clear Thinking Consultancy or with suggested updates or upgrades to your service
- To compile anonymised benchmarking data to reflect on the state of the sector’s finances on a local, regional and national level
We will not share your personal data with any third party.
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
- Your consent. You are able to remove your consent at any time. You can do this by contacting the designated Data Protection Officer who is the main point of contact for data protection matters and is contactable on 07930 300 158 and kita@clearthinkingconsultancy.co.uk
- We have a contractual obligation
- We have a legitimate interest
5. What we do with the information and how it is stored
Information is stored within shared systems using CTC’s Sharepoint storage which the Director of CTC has sole administration rights over how it is accessed. With the exception of researched personal information for organisations who provide funding, no personal information will be shared with any third party. Personal information relating to funding will only be shared with the contractor to whom we have a contractual obligation to meet fundraising outputs.Within 30 days of the end of a contract, we ensure that all personal details relating
to that contract are removed from these shared systems. All information used for the purposes of delivering our contractual obligations is only shared between those who are expressly listed as having consent by our partner organisation
Our Ampacc workbooks are currently stored on Clear Thinking Consultancy’s Dropbox Cloud storage. This information is kept indefinitely as is used anonymously for benchmarking purposes. Within 12 months of completion, the front page, which identifies the data to the organisation will be anonymised.
6. Your data protection rights
Under data protection law, you have rights including:
- Your right of access – You have the right to ask us for copies of your personal information
- Your right to rectification – You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing – You have the right to ask us to restrict the processing of your information in certain circumstances.
- Your right to object to processing – You have the the right to object to the processing of your personal data in certain circumstances.
- Your right to data portability – You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact the designated Data Protection Officer who is the main point of contact for data protection matters on 07930 300 158 and kita@clearthinkingconsultancy.co.uk if you wish to make a request.
7. How to complain
You have a right to complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Helpline number: 0303 123 111