Privacy & Cookies Policy for J Hill Associates
Last updated May 9 2018.
Summary of contents
J Hill Associates is committed to working ethically, including taking your privacy seriously. Our aim is that each person we communicate with feels comfortable to share their data with us and is confident that they have given their explicit permission for the ways in which we use and process that data.
This policy explains when and why we collect personal information from people e.g. from those who visit our website, send us emails, request or receive our services, or attend our events.
2. Policy changes
We may change this policy from time-to-time and updates will be uploaded onto our website.
3. What information is being collected
3.1 Personal data
Name and the contact information that you supply e.g. email addresses, telephone numbers (landline and mobile), linked-in address, Skype address, social media identifiers.
If you are an individual who is a supplier and who has also sent us an invoice, receipt or other financial document, then we will keep a copy of that invoice, which may include your bank details.
Please note that any coaching and mentoring notes taken during J Hill Associates’ coaching and mentoring programmes are held anonymously and cannot be traced back to any individual. They are also held on a storage medium separate from J Hill Associates on-line computer and telephone equipment and are therefore not backed up to the internet. These notes are destroyed at the close of the coaching or mentoring contract.
You can adjust the settings on your computer to decline any cookies if you wish. This can easily be done by activating the reject cookies setting on your computer.
3.2.1 Types of Cookies used on J Hill Associates
Used by Google Analytics to identify the numbers of unique visitors to our site over a period of time.
Used by Google Analytics to determine the visitor session times on our sites. Each time you visit a new page on the site the cookie is set to expire within 30 minutes, if it does not find an existing cookie, a new one is created.
Used in conjunction with __utmb to determine visitor sessions. This cookie does not have an expiry date, it determines whether a new session should be created based on whether you have previously closed your browser, re-opened it and come back to the site.
Used by Google Analytics to determine if the user has come directly to the site or via a search engine or email. This data is use to find out how our users arrive at our website.
4. Who is collecting it
‘We’, ‘us’ and ‘our’ includes Jacqueline Hill, the founder of J Hill Associates, and the network of associates that enable us to deliver our range of services to you. For the purposes of this and other J Hill Associate policies, individuals are considered associates for the duration of their work under contract with J Hill Associates’ clients.
J Hill Associates is based at 48, Hurst Green Road, Hurst Green, Oxted, Surrey, RH8 9AP. Jacqueline Hill is the nominated Data Protection Officer and can be contacted via email@example.com.
5. How we collect information from you
- Contact-us page on www.jhillassociates.co.uk by completing the form or clicking on the email link and cookies (click here for more information on cookies)
- During our work together (we will always ask your permission to do this at the time of storing) e.g. from emails, conversations, texts, Linked-in and Skype contacts, and collaborative work tools such as DropBox
- Through any surveys we might do during our work together, where you enter your personal data.
6. Why it is being collected and how it will be used
We will only use your personal information to provide the services you have requested from us and, occasionally:
- To make you aware of developments at J Hill Associates that we feel are relevant to your work
- To connect you with other people within our network
- To request references required by potential clients.
7. Who it will be shared with
Your personal information will be shared with associates of J Hill Associates working under contract with you for the purposes of the contract only.
We may also wish to connect you with third parties within our network for mutual learning and support purposes, or with potential clients requesting testimonials of our past work with you.
Occasionally we may share your personal information with third parties collaborating with J Hill Associates on new developments. This would be for the purposes of maintaining contact records e.g. ensuring we remove any duplication. Any communication with you will come directly and solely from J Hill Associates, unless you are already a contact registered for the purposes of GDPR with one or more of the third-party organisations.
If you are an individual who is a supplier and who has also sent us an invoice, receipt or other financial document, then we may provide those financial documents to our accountants for accounts and tax purposes.
For personal information unrelated to legal or tax purposes, we will only pass on your contact details to others with your written (email) consent.
Passing on your details will not confer any consent you have given us under GDPR to the third party, who will need to explicitly seek your permission if they wish to store or process your personal data.
J Hill Associates never sells personal data.
7.1 Third party links
Our website or platforms may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
7.2 International transfers
Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria. In the instance of third-party providers based outside the EEA, processing of your personal data may involve a transfer of data outside the EEA.
Our use of internet-based applications may result in your personal data being transferred outside the EEA in ways that are compliant with GDPR requirements. These include:
- The backup platform Live Drive (owned by j2 Global, Inc., an American publicly traded technology company based in California, USA). See www2.livedrive.com/terms-of-use , Data Protection section. We can also provide a copy of Live Drive’s Frequently Asked Questions about GDPR documentation on request.
- The survey provider Survey Monkey (a private company based in California, USA). The EU-US Privacy Shield Program is a means of legalizing the transfer of personal data from Europe to the US. SurveyMonkey is certified under and complies with the EU-US Privacy Shield Program and its principles as set forth by the US Department of Commerce and the European Commission regarding the collection, use, and retention of personal data from EU member states.
- DropBox, a file hosting service operated by American company Dropbox, Inc., headquartered in California, which we use for sharing information when working collaboratively with associates and other co-developers. For GDPR assurances from Drop Box see https://www.dropbox.com/security/GDPR.
Countries outside of the EEA do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria. In the instance of third-party providers based outside the EEA, processing of your personal data may involve a transfer of data outside the EEA. We are currently seeking assurances from Survey Monkey, Drop Box and Live Drive that they meet GDPR transfer criteria.
8. How your information is stored
J Hill Associates currently holds personal data such as your contact details:
- On Microsoft Outlook emails and contact records
- Within emails and contact spreadsheets saved to the hard drive of Jacqueline Hill’s lap top and back-up systems (back-up desk top and internet-based LiveDrive)
- Within Jacqueline Hill's contact database on her mobile telephone
- By our email hosting service.
8.1 Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Should we suspect a personal data breach, we will notify you and any applicable regulator of a breach where we are legally required to do so.
9. How you can opt-out/unsubscribe from J Hill Associates’ communications
You can opt out of/unsubscribe from receiving communication from us at any time by contacting us directly or via our website www.jhillassociates.co.uk/contact.
10. Your rights, and how to help us get it right
Under certain circumstances, you have rights under data protection laws in relation to your personal data. These include the right to:
- Request access to your personal data
- Request correction of your personal data
- Request erasure of your personal data
- Object to processing of your personal data
- Request restriction of processing your personal data
- Request transfer of your personal data
- Right to withdraw consent.
You can see more about these rights at www.ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
If you wish to exercise any of the rights set out above, please email us at firstname.lastname@example.org. Note that you will not have to pay a fee to access your personal data (or to exercise any of the other rights), however we may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within two weeks. Occasionally it may take us longer than two weeks if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.
If you have spotted a problem with how we are handling your data, please do contact us and we will do our best to resolve the issue with you. If we are unable to resolve the issue to your satisfaction you can make a formal complaint to the Information Commissioners Office (ICO) https://ico.org.uk/concerns/