Privacy Policy

Liberate Management Training is a brand of People Law Ltd.

Introduction

We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint.

We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR) and Data Protection Act of 2018.

This Privacy Notice applies to all users of this website and clients of our services.

Key Terms

We, us, our: People Law Ltd (including Liberate Management Training as a brand within People Law Ltd)
Our Data Protection Lead: Darren Stevens, CEO. You can contact him on 01622 933547 or by email at datahelp@peoplelaw.legal
Personal data: Any information relating to an identified or identifiable individual
Special category personal data: Personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership; genetic and biometric data (when processed to uniquely identify an individual); data concerning health, sex life or sexual orientation
Data subject: The individual who the personal data relates to

Personal Data We Collect

Personal data we will collect:

Your name, address and telephone number
Information to enable us to check and verify your identity, e.g. your date of birth or passport details
Electronic contact details, e.g. your email address and mobile phone number
Information relating to the matter in which you are seeking our advice or representation
Information to enable us to undertake an identity, credit or other financial checks on you
Your financial details so far as relevant to your instructions
Information about your use of our IT, communication and other systems, and other monitoring information, e.g. if using our secure online client portal

Personal data we may collect depending on why you have instructed us:

Your National Insurance and tax details
Your bank and/or building society details
Details of your professional online presence, e.g. LinkedIn profile
Your employment status details including salary and benefits
Your nationality and immigration status and information from related documents
Details of your pension arrangements
Your employment records including records relating to sickness and attendance, performance, disciplinary, conduct and grievances
Your racial or ethnic origin, gender and sexual orientation, religious or similar beliefs
Your trade union membership
Your medical records

Information collected through our website:

Basic contact information from enquiry forms and newsletter sign-ups
Business information such as company details, employee count, industry sector
Marketing preferences and communication records
Technical Data such as IP address, browser type, operating system, device information
Usage Data such as pages visited, time spent on pages, links clicked, referring website

We collect and use this personal data to provide legal services, consultancy services, and management training. If you do not provide personal data we ask for, it may delay or prevent us from providing those services.

How Your Personal Data is Collected

We collect most of this information from you directly or via our secure online client portal. However, we may also collect information:

From publicly accessible sources, e.g. Companies House or HM Land Registry
Directly from a third party, e.g. sanctions screening providers, credit reference agencies, identity verification services, client due diligence providers
From a third party with your consent, e.g. your bank, other financial institutions, consultants, your employer, trade union, doctors, medical professionals
Via our website through cookies (for more information on cookies, please see our Cookie Policy)
Via our information technology (IT) systems, e.g. case management, document management and time recording systems, automated monitoring of our website and other technical systems

How and Why We Use Personal Data

Under data protection law, we can only use your personal data if we have a proper reason, e.g.:

Where you have given consent
To comply with our legal and regulatory obligations
For the performance of a contract with you or to take steps at your request before entering into a contract
For our legitimate interests or those of a third party

A legitimate interest is when we have a business or commercial reason to use your personal data, so long as this is not overridden by your own rights and interests.

We use your personal data for the following purposes:

Delivering HR consultancy, legal services and management training
Managing client relationships and contracts
For the operation of client accounts
To provide and improve products and services
For information updates and marketing purposes
For dealing with queries, complaints or claims
Responding to enquiries and consultations
Sending service updates and important notices
Understanding how our website is used
Analysing service effectiveness
Developing new services and features
Ensuring website security and preventing fraud
Meeting regulatory requirements
Responding to legal requests
Protecting our legal rights and interests
Processing enquiry forms and initial consultations
Managing newsletter subscriptions and sending HR updates, insights and industry news (with your consent)

Special Category Personal Data

Certain personal data we collect is treated as a special category to which additional protections apply under data protection law. Where we process special category personal data, we will also ensure we are permitted to do so under data protection laws, e.g.:

We have your explicit consent
The processing is necessary to protect your (or someone else's) vital interests where you are physically or legally incapable of giving consent
The processing is necessary to establish, exercise or defend legal claims

Marketing

We will use your personal data to send you updates (by email, text message, telephone or post) about our services, including exclusive offers, promotions or new services.

We have a legitimate interest in using your personal data for marketing purposes. This means we do not usually need your consent to send you marketing information. If we change our marketing approach in the future so that consent is needed, we will ask for this separately and clearly.

You have the right to opt out of receiving marketing communications at any time by:

Contacting us at datahelp@peoplelaw.legal
Using the 'unsubscribe' link in emails or 'STOP' number in texts

We will always treat your personal data with the utmost respect and never share it with other organisations for marketing purposes.

Who We Share Your Personal Data With

We routinely share personal data with:

Third parties we use to help deliver our services to you, e.g. payment service providers, warehouses and delivery companies
Other third parties (to the minimum extent necessary) that we use to help us run our business, e.g. marketing agencies, accountants, bookkeepers, IT professionals or website hosts
Third parties approved by you, e.g. social media sites you choose to link your account to or third party payment providers
Credit reference agencies and identity verification service providers
Our insurers and brokers
Our bank

We only allow those organisations to handle your personal data if we are satisfied they take appropriate measures to protect your personal data.

We or the third parties mentioned above occasionally also share personal data with:

Our and their external auditors, e.g. in relation to the audit of our or their accounts, in which case the recipient of the information will be bound by confidentiality obligations
Our and their professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations
Law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations
Other parties that have or may acquire control or ownership of our business (and our or their professional advisers) in connection with a significant corporate transaction or restructuring

We do not sell, trade, or rent your personal information.

Where Your Personal Data is Held

Personal data may be held at our offices and those of our third party agencies, service providers, representatives and agents as described above.

Some of these third parties may be based outside the European Economic Area.

Transferring Your Personal Data Out of the UK and EEA

The EEA, UK and other countries outside the EEA and the UK have differing data protection laws, some of which may provide lower levels of protection of privacy.

It is sometimes necessary for us to transfer your personal data to countries outside the UK and EEA. In those cases we will comply with applicable UK and EEA laws designed to ensure the privacy of your personal data.

We will transfer your personal data to our service providers located outside the UK in the USA or Canada.

Under data protection laws, we can only transfer your personal data to a country outside the UK where:

The UK government has decided the particular country ensures an adequate level of protection of personal data (known as an 'adequacy regulation')
There are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you
A specific exception applies under relevant data protection law

How Long Your Personal Data Will Be Kept

We will not keep your personal data for longer than we need it for the purpose for which it is used.

As a general rule, if we are no longer providing services to you, we will delete or anonymise your account data after seven years. However, different retention periods apply for different types of personal data and for different services:

Client Records: 6-7 years after the end of our business relationship (for legal and tax purposes)
Marketing Contacts: Until you unsubscribe or request deletion
Website Analytics: 26 months (Google Analytics default)
Web enquiry forms and initial consultations: 12 months from last contact (or until you request deletion), or 6 years if you become a client
Newsletter subscriptions: Until you unsubscribe or request deletion
Prospective client communications: 12-24 months from last contact (unless you request deletion or become a client)

Following the end of the relevant retention period, we will delete or anonymise your personal data.

Keeping Your Personal Data Secure

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your personal data will do so only in an authorised manner and are subject to a duty of confidentiality.

We implement appropriate technical and organisational measures to protect your personal data, including:

Encryption of data in transit and at rest
Regular security assessments and updates
Access controls and authentication measures
Staff training on data protection
Incident response procedures

However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

We also have procedures to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Your Rights

You have the following rights, which you can exercise free of charge:

Right of access - the right to ask us for copies of your personal information
Right to rectification - the right to ask us to correct or delete personal information if believed to be inaccurate or incomplete
Right to erasure - the right to ask us to delete personal information in certain circumstances
Right to restriction of processing - the right to ask us to restrict the processing of personal information in certain circumstances
Right to object to processing - the right to object to the processing of personal information in certain circumstances
Right to data portability - the right to ask that we transfer the personal information given to us by an individual to another person in certain circumstances, or receive your data in a structured, machine-readable format
Right to withdraw consent - where processing is based on consent

For more information on each of those rights, including the circumstances in which they apply, please see the Guidance from the UK Information Commissioner's Office (ICO) on individuals' rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

Email, call or write to us (see 'How to contact us' below)
Provide enough information to identify yourself (including your full name, address and client or matter reference number if applicable) and any additional identity information we may reasonably request from you
Let us know what right you want to exercise and the information to which your request relates

Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information.

How to Complain

Please contact us if you have any queries or concerns about our use of your personal data (see below 'How to contact us'). We hope we will be able to resolve any issues you may have.

You also have the right to lodge a complaint with the Information Commissioner.

The Information Commissioner may be contacted at:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113
Website: https://ico.org.uk/make-a-complaint

Changes to This Privacy Policy

We may change this privacy policy from time to time. When we do, we will inform all data subjects by publishing the updated privacy policy on our website.

How to Contact Us

You can contact us and/or our Data Protection Lead by post, email or telephone if you have any questions about this privacy policy or the information we hold about you, to exercise a right under data protection law or to make a complaint.

Our contact details are:

People Law Ltd
Darren Stevens, CEO & Data Protection Lead
Email: datahelp@peoplelaw.legal
Phone: 01622 933547

Do You Need Extra Help?

If you would like this policy in another format (for example audio, large print, braille) please contact us using the details above.