Our privacy statement

Our committment to your privacy

Privacy statement.

Edgecumbe Consulting Group Limited of Whitefriars Business Centre, Lewins Mead, Bristol BS1 2NT is committed to protecting the privacy of the data that we process and hold and complying with GDPR.

We hold personal data about our clients and their employees; this document explains what information we hold, how we use it and your rights regarding that information.

What data do we hold?

We collect and process personal data in order to provide our services as contracted with you / your employer. The data we hold may include some or all of the following:

  • Identifying Information – name
  • Contact Information – email address, phone number
  • Professional Information – job title, CV / biography, education level, job grade or level, employment start date, department/ function, location (your place of work), contract type, working hours, performance rating, income level
  • Ethnicity Information – nationality, race
  • Physical Characteristics – age, gender, disability
  • Religion, sexual orientation
  • Behavioural Information – psychometric data, attitudinal data (e.g. survey responses), 360⁰ feedback (from self, senior colleagues, peers, direct reports, other stakeholders)
  • Preference information – consultant notes taken during an assessment

Where did we get your data from?

  • The personal data that we hold is provided to us by you or your employer as agreed in our contract.

Why are we holding this data?

  • We may hold your data to fulfil a contract we have with our client (usually this would be your employer).
  • We may hold your data if you have given us your consent to do so.
  • We may hold your data if we are legally required to do so.
  • We may hold your data (in an anonymised format) for research purposes, where this has been agreed in our contract with you / your employer.

How we use your personal data?

  • The personal data we hold is used to deliver contracted services and products, and only for the stated purpose.  In carrying out these services we may do one or more of the following:
    • We may use your details so that we can communicate with you by email or phone.
    • We may use data provided by completing psychometric questionnaires to prepare a report which summarises your personality profile. This may include showing how your responses compare to those of a comparison or norm group, so that your profile can be interpreted fairly and objectively.
    • We may use data provided by completing 360⁰ feedback to provide an external view of an individual’s behaviours and performance.
    • We may use data provided via an employee survey to help organisations measure and improve their employees’ experiences at work and the organisation’s performance.
    • We may use data provided during assessments alongside the results of psychometric and/ or 360⁰ feedback to provide a dispassionate, professional opinion in a report prepared by a consultant / psychologist.
    • We may aggregate data collected on individuals within a team in order to provide a report on the team as a whole, in order to help with the team’s development and performance.
    • We may use personal data in order to conduct organisational research to help our clients to improve their organisation’s culture and/or performance.
    • We may use personal data in order to provide analyses of trends and patterns in different data sets for an individual, team or organisation (e.g. to track changes over time).
  • We may use personal information (in an anonymised format) for our own internal research purposes if agreed in our contract in order to:
    • produce relevant norm groups so that individuals, teams and organisations can compare themselves to others;
    • improve the quality of our services and products;
    • provide thought leadership in our field.
  • The personal information we hold is stored and processed securely in line with the UK government’s guidelines for Cyber security controls, Cyber Essentials*
  • Your personal information is held and processed in the UK.
  • Your personal information may also be held and processed in the EU.
  • If your personal information is transferred outside the EEA, we ensure that this is agreed in our contract and that the level of protection provided is sufficient to meet the requirements of the relevant EU directives.

What we don’t do with your personal data.

  • We do not use any automated decision-making systems relating to your personal data.
  • We do not sell your personal data to any third party.
  • We do not transfer your personal data to any parties other than sub-contractors agreed in our contract and necessary for us to carry out our contracted service.
  • We do not use your personal data for any purposes other than those agreed in our contract.
  • We do not store credit card details, nor do we share customer details with any 3rd parties

How long do we keep your personal data?

  • The information we use to communicate with you will be kept until you notify us that you no longer wish to receive information from us or you want us to delete your personal data.
  • Any personal data that we hold will be kept in line with the requirements of the Data Controller (this is usually your employer), or if the Data Controller has not provided a deletion policy we will hold the data until we are requested to delete it.

What are your personal rights?

If at any point you believe the personal data we hold on you is incorrect, you want us to correct or delete that information, or you no longer want us to hold that information or contact you, you can exercise your rights under the current Data Protection laws. These rights include:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to object

For more information about your personal data rights please visit the Information Commissioner Office website at: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/

Who do I contact if I have an issue with or question about the personal data that you hold about me?

  • Please contact our Data Protection Officer, Johannah Palmer on 0117 3328255 or email us at GDPR@edgecumbe.co.uk

How do I make a complaint about how my personal data is being held or processed?

  • If you wish to raise a complaint regarding the way we have handled your personal data, you can contact our Data Protection Officer (details above) who will investigate the matter.
  • If you are not satisfied with our response or believe we are processing your personal data in a manner which is not in accordance with the instructions of the Data Controller or the law, you can contact the Information Commissioner’s Office (ICO) https://ico.org.uk/ Their Helpdesk number is 0303 123 1113.

* For more information about Cyber Essentials please visit: https://www.gov.uk/government/publications/cyber-essentials-scheme-overview

Privacy statement.

Edgecumbe Consulting Group Limited of Whitefriars Business Centre, Lewins Mead, Bristol, BS1 2NT is committed to protecting the privacy of the data that we process and hold, and complying with GDPR.

We hold some personal details about you, this document explains why we have that information, how we use and handle it and your rights to that information.

What Information do we hold?

We currently hold personal information in order to provide our services as contracted with you/ your employer. This could include some or all of the following:

  • Identifying Information – Name, GMC number
  • Contact Information – email address
  • Professional Information – Location of work (where you are based), Job title, Specialty, Place of qualification, year of qualification
  • Ethnicity Information – nationality, race
  • Physical Characteristics – age, gender
  • Behavioural Information – 360⁰ feedback (from self, peer, support/ junior, patient, senior colleague, junior colleagues)

Where did we get your data from?

The personal data that we have is either provided to us by you, your respondents to your 360° feedback or your employer as agreed in our contract.

Why are we holding this personal information?

We may hold your data to fulfil a contract we have with our client (usually this would be your employer).

We may also hold your personal data if we you have given us your consent to do so.

We may also hold your personal data if we are legally required to do so.

We may also hold your personal data (in an anonymised format) for research purposes, as agreed in our contract.

How we use your personal information.

The information we hold will be used principally to deliver contracted services and products, and only for the stated purpose. In carrying out these services we may do one or more of the following:

  • We may use your details so that we can communicate with you by email or phone.
  • We may use your details provided in the form of behavioural questionnaires to provide a comparative data sheet (data presented numerically and in charts, showing how a person measures against a comparable norm group), so that each person receives objective and fair developmental feedback and comments.
  • We use feedback requested during 360⁰ from colleagues, peers and patients to support the revalidation process for hospital doctors and GPs.
  • We include your name and email address in the colleague nominations address book for each organisation or Primary Care area portal on the system where you have previously either started a feedback exercise or been nominated to give colleague feedback.
  • We may use information collected on individuals within a team in order to provide a report on the team as a whole, and to help with the team’s development and performance.
  • We may use personal information in order to provide organisational research to help our clients to improve their organisation’s culture and/or performance.
  • We may use personal information in order to provide analysis on trends over time for an individual, team or organisation.
  • We may use personal information (in an anonymised format) for our own internal research purposes if agreed in our contract in order to:
    • produce relevant external norm groups so that individuals, teams and organisations can compare themselves to others;
    • further development of our services and products;
    • provide thought leadership in our field
  • The personal information we hold is stored and processed securely in line with the UK government’s guidelines for Cyber security controls, Cyber Essentials*
  • Your personal information is held and processed in the UK.
  • Your personal information may also be held and processed in the EU.
  • If you elect to pay for services using the Stripe system (i.e. you elect to pay by credit/debit card), the personal data provided to complete the transaction will be transferred outside of the EEA. To see further information about Stripe’s privacy policy, please click here. Stripe Inc. is certified under the EU-US privacy shield framework.

What we don’t do with your personal information.

  • We do not use any automated decision-making systems relating to your personal data.
  • We do not sell your data to any third party.
  • We do not transfer your data to any parties other than sub-contractors agreed in our contract and necessary for us to carry out our contracted service.
  • We do not use your data for any purposes other than those agreed in our contract.
  • We do not store credit card details, nor do we share customer details with any 3rd parties.

How long do we keep your personal data?

The information we use to communicate with you will be kept until you notify us that you no longer wish to receive information from us, or you want us to delete your personal data.

Any personal data that we hold will be kept in line with the requirements of the Data Controller, or if the Data Controller has not communicated this with us we will hold the data until we are requested to delete it.

What are your personal rights?

If at any point you believe the personal information we hold on you is incorrect, you want us to correct or delete that information, or you no longer want us to hold that information or contact you, you can exercise your rights under the current Data Protection laws. These rights include:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to object

For more information about your personal data rights please visit the Information Commissioner Office website at:

https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/

Who do I contact if I have an issue with or question about the personal information that you hold about me?

Please contact our Data Protection Officer, Johannah Palmer on 01173 328 255 or email us at GDPR@edgecumbe.co.uk

How do I make a complaint about how my personal data is being held or processed?

If you wish to raise a complaint regarding the way we have handled your personal data, you can contact our Data Protection Officer (details above) who will investigate the matter.

If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can contact the Information Commissioner’s Office (ICO). Their Helpdesk number is 0303 123 1113.

* For more information about Cyber Essentials please visit: https://www.gov.uk/government/publications/cyber-essentials-scheme-overview

Privacy statement.

Edgecumbe Consulting Group Limited of Whitefriars Business Centre, Lewins Mead, Bristol BS1 2NT is committed to protecting the privacy of the data that we process and hold and complying with GDPR.

We hold personal data about our clients and their employees; this document explains what information we hold, how we use it and your rights regarding that information.

What data do we hold?

We collect and process personal data in order to provide our services as contracted with you / your employer. The data we hold may include some or all of the following:

  • Identifying Information – name
  • Contact Information – email address, phone number
  • Professional Information – job title, CV / biography, education level, job grade or level, employment start date, department/ function, location (your place of work), contract type, working hours, performance rating, income level
  • Ethnicity Information – nationality, race
  • Physical Characteristics – age, gender, disability
  • Religion, sexual orientation
  • Behavioural Information – psychometric data, attitudinal data (e.g. survey responses), 360⁰ feedback (from self, senior colleagues, peers, direct reports, other stakeholders)
  • Preference information – consultant notes taken during an assessment

Where did we get your data from?

The personal data that we hold is provided to us by you or your employer as agreed in our contract.

Why are we holding this data?

  • We may hold your data to fulfil a contract we have with our client (usually this would be your employer).
  • We may hold your data if you have given us your consent to do so.
  • We may hold your data if we are legally required to do so.
  • We may hold your data (in an anonymised format) for research purposes, where this has been agreed in our contract with you / your employer.

How we use your personal data.

The personal data we hold is used to deliver contracted services and products, and only for the stated purpose. In carrying out these services we may do one or more of the following:

  • We may use your details so that we can communicate with you by email or phone.
  • We may use data provided by completing psychometric questionnaires to prepare a report which summarises your personality profile. This may include showing how your responses compare to those of a comparison or norm group, so that your profile can be interpreted fairly and objectively.
  • We may use data provided by completing 360⁰ feedback to provide an external view of an individual’s behaviours and performance.
  • We may use data provided via an employee survey to help organisations measure and improve their employees’ experiences at work and the organisation’s performance.
  • We may use data provided during assessments alongside the results of psychometric and/ or 360⁰ feedback to provide a dispassionate, professional opinion in a report prepared by a consultant / psychologist.
  • We may aggregate data collected on individuals within a team in order to provide a report on the team as a whole, in order to help with the team’s development and performance.
  • We may use personal data in order to conduct organisational research to help our clients to improve their organisation’s culture and/or performance.
  • We may use personal data in order to provide analyses of trends and patterns in different data sets for an individual, team or organisation (e.g. to track changes over time).
  • We may use personal information (in an anonymised format) for our own internal research purposes if agreed in our contract in order to:
    • produce relevant norm groups so that individuals, teams and organisations can compare themselves to others;
    • improve the quality of our services and products;
    • provide thought leadership in our field
  • The personal information we hold is stored and processed securely in line with the UK government’s guidelines for Cyber security controls, Cyber Essentials*
  • Your personal information is held and processed in the UK.
  • Your personal information may also be held and processed in the EU.
  • If your personal information is transferred outside the EEA, we ensure that this is agreed in our contract and that the level of protection provided is sufficient to meet the requirements of the relevant EU directives.

What we don’t do with your personal data.

  • We do not use any automated decision-making systems relating to your personal data.
  • We do not sell your personal data to any third party.
  • We do not transfer your personal data to any parties other than sub-contractors agreed in our contract and necessary for us to carry out our contracted service.
  • We do not use your personal data for any purposes other than those agreed in our contract.
  • We do not store credit card details, nor do we share customer details with any 3rd parties.

How long do we keep your personal data?

The information we use to communicate with you will be kept until you notify us that you no longer wish to receive information from us or you want us to delete your personal data.

Any personal data that we hold will be kept in line with the requirements of the Data Controller (this is usually your employer), or if the Data Controller has not provided a deletion policy we will hold the data until we are requested to delete it.

What are your personal rights?

If at any point you believe the personal data we hold on you is incorrect, you want us to correct or delete that information, or you no longer want us to hold that information or contact you, you can exercise your rights under the current Data Protection laws. These rights include:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to object

For more information about your personal data rights please visit the Information Commissioner Office website at: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/

Who do I contact if I have an issue with or question about the personal data that you hold about me?

Please contact our Data Protection Officer, Johannah Palmer on 01173 328 255 or email us at GDPR@edgecumbe.co.uk

How do I make a complaint about how my personal data is being held or processed?

If you wish to raise a complaint regarding the way we have handled your personal data, you can contact our Data Protection Officer (details above) who will investigate the matter.

If you are not satisfied with our response or believe we are processing your personal data in a manner which is not in accordance with the instructions of the Data Controller or the law, you can contact the Information Commissioner’s Office (ICO) https://ico.org.uk/. Their Helpdesk number is 0303 123 1113.

* For more information about Cyber Essentials please visit: https://www.gov.uk/government/publications/cyber-essentials-scheme-overview