Our policy

It’s important to us that we respect and protect your privacy, including how we look after it, and what we do with the data we hold about you. This policy sets out how we aim to do this.

Protea Solutions Limited is registered as a data protection fee payer with the Information Commissioner’s Office (ICO).

About us

Protea Solutions was founded to help bring together consultancy support and a range of services. With over 20 years of experience within human resources, we’re dedicated to helping businesses empower people. You can find more information about us on our website: https://proteasolutions.co.uk/about-us/

How to contact us

If you have any questions about how we collect and use your information not covered in this privacy notice, or if you wish to speak to someone about our approach to data protection and privacy, please contact us via email to: marionhewitt@proteasolutions.co.uk

Personal data we may collect and process

 We collect personal data in several ways depending on how you may interact with us (e.g. if you’re a client, use our website, send us an email, etc.). The information you provide is used to carry out the administration relating to the services we provide, to communicate with you regarding enquiries and to manage appointments and events and run our business.

We set out here the kind of personal data we may collect and process about you depending on how you interact with us.

Visitors to our website

Where we collect personal data via our website (https://proteasolutions.co.uk/), we will be upfront about it, and it will be obvious to you that you’re providing personal data and how we will be using it.

We may collect data from you via our website in different ways:

General visitors to our website

When you visit our website, we will collect certain information about your visit. This information is non-identifying and will include information about what pages you visited, how you accessed the website (e.g. the kind of device), what web browser you used, etc. We cannot identify you from this information, and it is common for websites to collect this kind of information.

Information collected via online forms

If you click through to a contact form (e.g. the “Get in touch” button found on most of our pages, or the “Unleash the power today” form) we will collect the minimal amount of information needed. For example, clicking on “Get in touch” will take you to an online form, so you can book some time with us, and we will collect your name and email address, and if you provide it your address, phone number and additional comments. This information will be used purely for the purposes of responding to your interest in our services.

Our use of cookies

When you first visit our website, you will be prompted by our cookie banner about our use of cookies. You have the option to accept all cookies, reject all cookies or customise your options.

By default we use several essential cookies which are necessary for the functioning of our website, otherwise you will be offered the choice as to whether you wish to accept cookies or reject them.

That said, we only use two types of cookies:

Google Analytics

When someone visits our website, we make use of the Google Analytics service to collect standard information about visitors to the sites and their behaviour (e.g. what pages they viewed). The data provided by Google Analytics is anonymised and in no way enables us to identify individual visitors, however, Google Analytics will place a cookie on your device to enable the service. For more information about how Google Analytics cookies work on websites visit: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.

You can also opt out of the use of Google Analytics across all websites: http://tools.google.com/dlpage/gaoptout.

Hotjar

We also make use of the Hotjar to help us better understand our website users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our website. The service uses cookies and other technologies to collect data on our users’ behaviour and their devices (for example, your device’s IP address, device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website).

The data provided by Hotjar is anonymised and in no way enables us to identify individual visitors, however, Hotjar will place a cookie on your device to enable the service.

For further details, please see the Hotjar privacy policy by clicking on this link https://www.hotjar.com/legal/policies/privacy/. You can also opt-out to the creation of a user profile, storing of data about your usage of our site, and Hotjar’s use of tracking cookies on other websites by following this link https://www.hotjar.com/policies/do-not-track/.

Security of data collected and processed via our website

Should you provide any information via our website either by visiting it or filling out an online form, because we utilise SSL (https) any data you submit is encrypted and therefore protected.

People who receive our newsletters

If you join our email list (via the MPZMail link on the website) you will be asked to submit your name and email address to join the list, and to opt-in to receive the newsletter. We will only use this information for this purpose, and you can unsubscribe at any time.

We use MPZMail to manage our newsletter email list and to send out our newsletters.

If you contact us

Online forms

If you fill out one of our website forms (e.g. the “Get in touch” button found on most of our pages, or the “Unleash the power today” form) the information you submit will be sent to us in an email and processed via our email service provider, which will mean a copy of your email will be stored on any device we use to access our emails. Depending on the form used, the information will also be processed by our form service provider (see below regarding our use of third-party service providers).

We will use the information you submit to respond to your enquiry and will not use the information for any other purpose unless it is lawful for us to do so.

To take one of our services

For our general training / coaching customers, all correspondence is managed via email, and therefore stored and processed via our email service provider and on the devices, we use to access email. We require this information to provide the services to you.

People who contact us via email

Your email will be stored in our email program via our email service provider and on the devices we use to read and process our emails. We use a third-party filtering option to protect our business from unsolicited or harmful emails, but otherwise they are only processed by our email service provider and ourselves. We will use the information you submit to respond to your enquiry and will not use the information for any other purpose unless it is lawful for us to do so.

Our use of social media

If you contact us via social media, we will contact you via direct message and depending on the reason for your contact we may suggest we continue the conversation via email or record your details for further contact in our customer management systems.

We may also reach out to you directly via social media or choose to connect with you if you attend one of our training courses.

Customer data

If you sign up via our website to the Unleashing You programme

The information you provide is processed and stored by an application running within our website. It will be used for the purposes of providing the service and the data will be kept within the website application for as long as lawfully required or allowed (e.g. for tax purposes, or as a legitimate interest to maintain information about the services we have provided). Any payment information you supply is not stored on the website or by us, as it is managed by our third-party payment provider.

We may also add you to our email list which it is lawful for us to do as a legitimate interest. And we may add your details to our customer management system to maintain information about you as a customer.

If you register and attend one of our events

If you sign up for one of our free events, (e.g. via Eventbrite or other event management system), the information you submit to reserve a ticket is used for the management of the event and to keep you updated about the event, in the lead up to the event, and afterwards.

This information is stored within the event management system as part of your use of the Eventbrite account system, and we keep a copy on our devices for the management of the event.

If you participate in associate training

Your information may be passed to us by your employer to allow us to engage with you before, during and after the training, including so we can send you the course materials, and support you during the training.

If you participate in our mental health training via MHFA

You register for the training via the MHFA website. We have access to this information, specifically your name, email and occasionally phone number. We do not keep copies of this information on our own systems but will use the information before, during and after the training, to run the course and support you throughout, including adding your details to our newsletter email list, where it is lawful for us to do so.

If you are a coaching customer

If you make use of our coaching services as well as maintaining the minimal information about you for the purposes of running the coaching sessions (e.g. name, email, phone, and associated notes) we will also keep a record of your coaching hours. It is a legal requirement for us to keep such data, according to the EMCC’s rules.

Supplier or contractor data

If you are one of our suppliers, we will collect the minimal information about you and your services as required to make use of your services and deal with invoices and payments for your services. Such information will be stored within our accounting package for the purposes of our accounts and will be retained accordingly.

Individual employees within our business may also retain your contact details within their email application or via business cards that you may provide to us.

Retention of personal data

Unless stated elsewhere in this document or in our terms of services (for customers) we only store the data necessary to provide the services we provide to you, answer your enquiry, etc.. We will keep this data for as long as it is lawful for us to do so (this may be for as long as you are a customer or because of a legal obligation to retain the information, whichever is the longest.

Third party processing

We do not share any personal data with any third parties unless it is lawful for us to do so, if required by law to do so or if you provide us with permission to do so. We may need to share it to comply with legal obligations.

We also make use of several third-party cloud-based services for the purposes of effectively running our business and providing our services. We also use third-party organisations, e.g. accountants, virtual assistant, etc.

In all cases where we are using a third-party service or company, we will only provide the minimal amount of information for the purposes of delivering the service to us and to meet our requirements.

We always carry out due diligence against all our third-party suppliers for the purposes of ensuring their compliance with data protection, maintaining adequate security of your data, and ensuring they apply adequate data protection principles to the processing of the data we supply. We also make sure a legally binding contract (sometimes called a Data Processing Agreement or DPA) is also in place to protect your data.

Data security

Data retained on electronic systems are saved on password protected systems, with cloud based back up storage. Anti-virus software is also used to protect our systems and info. Where data is transmitted, we will take reasonable steps to ensure it is treated securely. Unfortunately the transmission of information through the internet is not completely secure, so whilst it cannot be guaranteed, we will follow our procedures to try to prevent any unauthorised access. Data kept as paper records are protected and stored securely to prevent unauthorised access.

Your rights

Under current data protection legislation in the UK, you have rights as an individual which you can exercise in relation to the data we store and process about you. You can find more information about your rights on the Information Commissioner’s website: https://ico.org.uk/for-the-public/

If you would like to exercise your rights, or if you have any questions, please use the following contact details: marionhewitt@proteasolutions.co.uk

How to withdraw consent and object to processing

Where we are processing your data and needed to ask your permission to do so, you can withdraw your consent at any time. If you wish to stop receiving our marketing emails or newsletter, you can do so, by clicking on the “unsubscribe” link at the bottom of the email or by contacting us.

You should also contact us, if you wish to raise concerns about the way we are processing your data or would like to raise an objection to the processing.

Keeping your data up to date

It is important that any of your data that we process is kept up to date. We will from time to time ask you to verify your contact details but if you wish to update any information we hold about you, please contact us with your updated details.

Erasure of your data (the “right to be forgotten”)

Under some circumstances you may request us to delete your data from our systems. Where this is possible (e.g. we don’t have any legal purpose for continuing to process your data) we will erase it from our systems. If it’s not possible for us to delete your data, we will explain the reasons why.

Portability

Your right to portability allows you to request a machine-readable format of the data you supplied to us and associated service logs (where we store them).

Access to your data (a Data Subject Access Request)

You have the right to ask us about what data we hold about you, how we process it and to ask us to provide you with a copy of the information, free of charge and within one calendar month of your request.

To make a request for any personal information we hold and process about you, we would prefer it if you could put it in writing or in an email to the addresses above. We will need to verify your identity before providing the information and where necessary may contact you further to ensure we understand what data you are requesting.

Complaints

If you feel this privacy notice does not go far enough in explaining how we have used your personal data, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to marionhewitt@proteasolutions.co.uk

If you want to make a complaint about the way we have processed your personal information, we’d rather you brought it to us in the first instance, but of course you can contact the Information Commissioner’s Office in their capacity as the statutory body that oversees data protection law in the UK – https://ico.org.uk/make-a-complaint/

More information

For more information about your data rights and privacy or data protection in general visit the Information Commissioner’s Office website: https://ico.org.uk

Changes to our privacy notice

We may change or update elements of this privacy notice from time to time or as required by law.