top of page

Privacy Policy 

This privacy policy is served by Andy Stephenson under the website: www.calmcoaching.co.uk.

 

The purpose of this policy is to explain to you how I process, handle, and protect your personal information with Calm Coaching while you browse or use the website. If you do not agree to the following policy you may wish to cease viewing/using the website, and/or refrain from submitting your personal data to me.


I reserve the right to, from time to time, modify, change, or amend this Privacy Policy at my own discretion. Such modification change or amendment will be communicated via the Website. If you do not accept the modifications, changes, or amendments, you are to inform me by sending an e-mail to andy@calmcoaching.co.uk.


1. Policy key definitions:
​

  • “I”, “my” refers to Andy Stephenson

  • “you”, “the user” refers to the person(s) using the website

  • GDPR means General Data Protection Act

  • DPA means Data Protection Act

  • PECR means Privacy & Electronic Communications Regulation

  • ICO means Information Commissioner’s Office

  • SAR’s means Subject Access Requests

  • Cookies mean small files stored on a user’s computer or device

​
2. Key principles of the DPA and UK GDPR:
​
The GDPR mandates how I must process any personal data you submit electronically to me.


This privacy policy embodies the key principles of the DPA-GDPR which are:

 

  • Lawful and Transparent Processing of Personal Data: any personal data that you provide, must be processed in a lawful and transparent manner

  • Legitimate Purposes: Any personal data that is collected will only be processed and then used in a manner that is compatible with your initial request

  •  Integrity and Confidentiality: Personal data will be processed to ensure appropriate security, including protection against unlawful or unauthorised processing

  • Relevant Personal Data: Personal data collected will be relevant, adequate, and limited to what is necessary in relation to the purpose of the data

  • Data Storage: Personal data should be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed

​
3. Processing of your personal data:


Using the key principles of DPA-GDPR from 2 above:

 

  • Lawful basis for processing*: this will be Consent – by contacting me for advice, support or as a general enquiry and providing me with the details in 2 above, this is giving me consent to use your personal data to respond to your enquiry.

  • Legitimate Purposes: Is for the handling of any enquiries sent from users visiting thewww.calmcoaching.co.uk website

  • Integrity and Confidentiality: As I will be the only person receiving your personal data, it will be stored securely on a laptop that is password protected

  • Relevant Personal Data: The only personal data that I will collect from you is: First Name, Last Name and Email Address

  • Data Storage: Personal data will only be kept and processed until you withdraw consent, or it is deemed your consent no longer exists. All legally required documentation will be retained for a period not exceeding 7 years


*If, as determined by me, the lawful basis upon which I process your personal data changes, I will notify you about the change and any new lawful basis which then needs to be applied. I would stop processing your personal data if the lawful basis used is no longer relevant.
​
Your individual rights:
​
Under the DPA-GDPR your rights are as follows. You can read more about your rights in details here from the ICO’s website.
​
​Whilst you will be providing very little personal information about yourself (see 3 above), I will handle any SARs in accordance with the requirements of DPA-GDPR.
​
Internet cookies:
​
I only use essential Cookies for the purposes of operating the website. I do not use any advertising or marketing Cookies, nor do I use Cookies that provide information to a 3 rd Party.
​
Data security and protection:
​
As I will be the only person receiving your personal data, it will be stored securely on a laptop that is password protected. The device is secured when not in use and contains up to date anti-virus and anti-malware software.
​
Marketing:
​
I will not use your personal data for any marketing purposes.
​
Resources & further information:
​

  • The ICO’s Overview of the GDPR – General Data Protection Regulation

  • Gov.UK Data Protection Act 2018

  • Gov.UK Privacy and Electronic Communications Regulations 2003

bottom of page