GDPR regulations ensure the fair, lawful and transparent, collection, accuracy and processing of individual’s data.
The data collected and processed by Sycamore Coaching is for a specified and explicit purpose. We hold only the information required for the nature of our business, as well as associated accounting and logistical communications.
The data we collect is processed under legitimate interest or through the personally requested and agreed consent of each individual.
Questions and feedback
We welcome your questions, comments, and concerns about privacy. Please send us any and all feedback pertaining to privacy, or any other issue, to firstname.lastname@example.org.
Or, you may wish to write to us at the following address:
Sycamore Coaching Ltd,165 High Street, Honiton, EX14 1LQ
What information do we collect?
We collect information from individuals in the following situations:
Completing an online diagnostic tool
Sycamore Coaching uses a suite of online diagnostic tools that are not owned by us. The data captured on these portals are secure in their own right, and the organisations who own each diagnostic portal are GDPR compliant. If Sycamore Coaching downloads and saves any results onto our secure cloud service  to have easy access to as part of a programme or piece of work, these are deleted once the project or programme has been completed, or after 2 years.
For some clients, individual summary reports are written using the results of diagnostics and assessment/development activities. The data contained in these reports include the individual’s name and a summary of results. These may also be stored within our GSuite service and are deleted once the project has been completed, or after 2 years.
When it comes to us paying you, or you paying us, we hold organisation and banking information within our secure, password protected cloud-based accounting software, Xero. This information is updated as and when we take on new clients or suppliers, or if current clients or suppliers give us changes to their contact or banking details.
We review all data annually to ensure continued GDPR compliance.
For recruitment-based projects we may be given CV’s as part of the process. These are stored on our GSuite server and will be deleted after the project has finished, or after 2 years, whichever is sooner. They are only accessed by the Sycamore Coaching staff who are working on the project.
How long will we keep your personal data?
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.
How do we use your information?
We may use the information we collect from you to manage your account on Xero. In the case of reports/results on individuals, this information will be passed onto the relevant client sponsor/contact, as pre-agreed at the start of a programme or project.
How do we protect information?
We implement a variety of security measures to maintain the safety of your personal information. The personal information you provide to us is contained within secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential.
Where we have given you a password or log in details which enables you to complete online diagnostics, you are responsible for keeping this information confidential. We ask you not to share a password with anyone.
What are your rights over your personal data?
You have the right to:
- Request access to the personal data we hold about you.
- Request the correction of your personal data when incorrect, out of date or incomplete.
- Withdraw your consent at any time
- Request that we stop any consent-based processing of your personal data after you withdraw that consent.
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation.
Changes to our policy
 Sycamore Coaching uses GSuite and Microsoft OneDrive– you can read about GPDR compliance for their servers here: https://cloud.google.com/security/gdpr/ and here: https://techcommunity.microsoft.com/t5/microsoft-onedrive-blog/gdpr-compliancy-with-onedrive-and-sharepoint/ba-p/191126