Privacy Policy

 

This is the Privacy Policy of Resilient Leaders Elements Limited, a company registered in England and Wales (registered number 12153680) whose registered offices are at Manor House Barn, Mill Road, Peasenhall, Saxmundham, Suffolk, IP17 2LP, UK.

 

This policy contains detailed information on how we handle personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR). We also have privacy notices at various points on our website and other operational systems where personal data is collected. These privacy notices appear as pop-ups or within forms for completion at the relevant points where personal data is collected.

 

Resilient Leaders Elements is committed to protecting and respecting your privacy, and to acting in compliance with current data protection legislation including the General Data Protection Regulation (EU) 2016/ 679 (GDPR). This version has been updated to reflect the strengthened rights of individuals under GDPR, to make it easier to understand and to provide more fairness and transparency to you by making additional information available.

 

This policy (together with our terms of use of website) explain how we collect, use and process the data that you give. We adopt a layered approach to privacy and data protection of which this privacy policy is one aspect. We also have fair collection notices at various points on our website and other operational systems where data is collected. These fair collection notices appear as pop-ups or as forms for completion at the relevant points where data is collected. Users of the service can at any time view our policies on Cookies (see section 8) and Data Protection.

 

Please do not send us any personal data about anyone else without their permission. Whenever you give us personal data via our website, you are consenting to its collection and use in accordance with this privacy policy and any fair collection notice which is notified to you at the time of giving us such data.

This privacy policy comprises:

 

  1. What personal data we collect from you

  2. How and when we collect your personal data

  3. How and why we use your personal data

  4. Who we transfer your personal data to

  5. International transfer of personal data

  6. How we keep your data secure

  7. Data Retention and Anonymisation

  8. How we use Cookies

  9. Your legal rights

  10. Changes to your personal data

  11. How you can obtain personal data we hold about you

  12. How you can contact us

  13. Changes to this policy

  14. Governing law

 

1. What personal data we collect from you

 

Whether you are a customer, supplier or other business contact, respondent, or staff, we will collect and use your personal data in the manner and for the reasons set out in this Privacy Policy. We collect most personal data directly from you however if we collect personal data indirectly, we refer to this explicitly in this Privacy Policy. We have listed the types of personal data likely to be collected from persons according to the relationship that person has with us as follows:

 

1.1  Customers and suppliers (including individual contractors) and other business contacts

 

  • Identity data (including full name, username or similar identifier, title/ gender, job title, role, seniority)

  • Contact data (including billing address, delivery address, email address, telephone numbers)

  • Financial data (including bank account, payment card details)

  • Transaction data (including details about payments to and from you and/or your organisation and other details of products and services you have purchased from us)

  • Technical data (including internet protocol (IP) address, login data, browser type and version and other technology on the device used to access our websites)

  • Profile data (including username, password, purchases or orders made by you, your interests, preferences, feedback and surveyresponses)

  • Usage data (including information about how you use our websites, products and services)

  • Marketing and communications data (including your preferences in receiving marketing from us and your communication and cookie preferences, as well as how you interact with our marketing e.g. click rates)

 

Data will be collected in order for customers, suppliers and other business contacts to receive or supply products and services, as applicable, to manage contractual relationships on an ongoing basis, for account administration, and to provide updates and news about our products and services, events and other information that we think may be of interest to you. We also collect data through the use of cookies. You can find out more about cookies in section 8.

1.2  Respondents including those nominated to provide feedback to you Mandatory data:

  • Identity data (including full name, username or similar identifier, title/ gender)

  • Contact data (including email address)

 

Data will be collected from respondents taking our Resilient Leaders Assessments and Development Programmes, to complete the questionnaire, and for scoring and report generation. Additionally, where feedback is given and/or where you participate in an accreditation or other consultancy engagement run by our team, additional data to that set out above may be provided by you and this will be collected by a practitioner and/or associated organisation or our team, respectively, and used for the purposes of provision of services.

On occasion we collect special category data from respondents taking our questionnaires (where such optional information is given in response to non-mandatory questions prior to completion of the questionnaire and potentially within accreditation or other consultancy engagements. Collection of such special category data is optional and is only provided by the data subject themselves. Special category data is only used in aggregated and anonymised form for research and development purposes (see section 3).

1.3  Visitors to the Resilient Leaders Elements website

 

Data collected may include the following, where provided:

 

  • Identity data (including full name, username or similar identifier, job title, title/ gender)

  • Contact data (including email address, telephone numbers)

  • Technical data (including internet protocol (IP) address, login data, browser type and version and other technology on the device used to access our websites)

  • Usage data (including information about how you use our websites, products and services)

  • Marketing and communications data (including your preferences in receiving marketing from us and your communicationand cookie preferences, as well as how you interact with our marketing e.g. click rates)

 

Simply visiting Resilient Leaders Elements website does not require you to reveal personal data although some cookies recording session data will be collected (see section 8). If however you ask us for information, register with us, sign up to attend any of our events or receive our marketing material or otherwise express an interest in our products or services or report a problem, we collect any personal data you submit to us.

 

1.4  If you fail to provide personal data

Where we need to collect personal data by law or under the terms of a contractual arrangement, and you fail to provide that data when requested as being mandatory, we may not be able to fulfil the terms of the contract or relationship that we have with you.

 

 

2.    How and when we collect your personal data

 

We may collect your personal data in the following direct ways:

 

Customers and suppliers (including individual contractors) and other business contacts

 

Data will be collected:

 

  • Prior to, at commencement, and during the term of a contractual relationship when you request our products and services

  • When you complete forms on our site or for our products and services, including registering to use our site, subscribing to our services, posting material or using further services

  • When you contact us or report a problem to us, or provide feedback to us, or complete a survey

  • When you transact with us through our website or when orders are placed with us over the phone or by email

 

Respondents

Data will be collected when you complete Resilient Leaders Assessments and Development Programmes via Resilient Leaders Elements or otherwise. Data may also be collected from your associated Resilience Consultant. Where feedback is given and/ or where you participate in an assessment or other consultancy engagement run by our team, additional data to that set out above may be provided by you to the Resilience Consultant and/or associated organisation or our team respectively, at the time of such feedback, assessment or engagement.

 

Visitors to the Resilient Leaders Elements website

Simply visiting Resilient Leaders Elements websites does not require you to reveal personal data. If however you ask us for information, register with us, sign up to attend any of our events or receive our marketing material or otherwise express an interest in our products or services or report a problem, we collect any personal data submitted to us at that time.

We also collect data you share with us on blogs or chat forums at the time of submission of such data. 

 

Automated technologies or interactions

When you visit our websites and access resources on our websites, we may automatically collect Technical Data and Usage Data. We collect this data via cookies including, where available, your IP address, operating system and browser type, for system administration. Section 8 has more information on cookies.

Third parties or publicly available sources

 

We may also collect personal data about you from third parties or publicly available sources including:

 

  • Analytics providers (such as Google based outside the UK)

  • Tailored database providers (which supply us with contact information of individuals whose roles relate to the products and services provided by Resilient Leaders Elements).

 

3.    How and why we use your personal data

 

Customers and suppliers (including individual contractors) and other business contacts

 

Personal data of customers (including Identity, Contact, Technical, Usage and Profile Data) will be used:

 

  • To provide you with products and services that you request from us

  • To manage our contractual relationship on an ongoing basis

  • For customer administration including carrying out our obligations arising from any contracts entered into between you and us and including retention of correspondence if you contact us

  • For us to form a view on what we think you may want or need, or what products, services or offers may be of interest to you (referred to as marketing) in order to provide you with information about our other products and services in which you may be interested, including our regular broadcasts

  • To personalise our service to you, including ensuring that content from our site is presented in the most effective manner for you and your computer

  • To seek your views on products and services

  • To enable you to participate in interactive features of our service, when you choose to do so, including live chat features

  • For technical administration of our sites including notifying you about changes to our service

  • With further information on our products and services

 

Personal data of suppliers and other business contacts (including Identity, Contact, Technical, Usage and Profile Data) will be used:

 

  • To receive products and services

  • To manage our contractual relationship on an ongoing basis

  • For supplier administration including carrying out our obligations arising from any contracts entered into between you and us and including retention of correspondence if you contact us

  • To provide updates and news about our products and services as such may be relevant to the services you provide.

 

You will receive marketing communications from us if you have requested information from us or purchased products or services from us or if you provided us or one of our service providers with your details and, in each case, you have not opted out of receiving marketing. Where you opt-out of receiving marketing messages, we may need to communicate with you for administrative or operational reasons and therefore whilst you use our products and services and continue to wish to do so, it is not possible to opt-out of all communications with us, and therefore an opt-out may not apply to personal data provided to us as a result of purchase of products or services or other associated activities or transactions.

Respondents

Personal data collected from respondents taking our Resilient Leaders Assessments and Development Programmes will be used:

 

  • To provide, on request from practitioners and/or your associated organisation, personalised computer-generated reports from completion by respondents of our Resilient Leaders Assessments and Development Programmes, including via our web-based scoring and delivery platform, or otherwise. Sometimes we may combine respondent data with that of other respondents, for example to create team reports

  • Where feedback is given, for the purposes of the feedback session between the respondent and practitioner

  • Where you participate in an assessment or development centre or other consultancy engagement run by our team, additional data provided by you may be used for the purposes of provision of our services

  • For research purposes we use data collected through completion of our Resilient Leaders Assessments and Development Programmes, or otherwise, for research purposes in order to produce statistics of the type described in our product description materials, e.g. norms, validity and effectiveness data. You may be asked, as part of the testing process, to give your consent to the use of your personal data for research purposes, and to answer additional research questions. If you decline from doing so, certain data is not collected or used for research purposes. If you do consent, the personal data collected may include sensitive personal data where you have submitted such but this will only be used for research purposes and only in anonymised form.

Visitors to the Resilient Leaders Elements website

  • Personal data (including Identity, Contact, Technical and Usage) will be used to form a view on what we think you may want or need, or what products, services or offers may be of interest to you (referred to as marketing) in order to provide you with further information on our products and services. You will receive marketing communications from us if you have requested information from us or if you provided us or one of our Resilience Consultants with your details and, in each case, you have not opted-out of receiving marketing. Where you opt-out of receiving marketing messages, this will not apply to personal data provided subsequently if you then choose to purchase products or services and in relation to other subsequent associated activities or transactions.

  • Aggregated data We also use aggregated data, including (i) cookies data (see section 5) and (ii) respondent data taken from the respondent responses to our Resilient Leaders Assessments and Development Programmes for the purposes of research and development. Aggregated data used within our research and development functions is derived from your personal data but no personal data will be published or disclosed since it is aggregated and anonymised for the purposes of research and development, and therefore no person is identified or identifiable from such data.

  • Analytics We also perform analytics, such as trends, sales intelligence, marketing effectiveness (such as click and open rates), uptake and progress.

 

 

4.    Who we transfer your personal data to

 

We may have to share your personal data with third parties for processing or sub-processing purposes. We undertake a selection process and periodic review in relation to processors and sub-processors. We may also share your personal data with controllers. In general, our customers are controllers of both customer personal data and respondent personal data. Our customers may be practitioners or organisations. We enter into data processing agreements with both processors and controllers, as applicable.

4.1. We share your personal data with third parties and for the purposes as set out below: 

 

4.1.1 Third parties (acting as processors):

 

  • Suppliers based in the US and EU who provide IT, database and system administration services as well as suppliers providing web, logistics or other services to you connected to the service we provide

  • Licensors in the US and EU for scoring and report generation in relation to our Resilient Leaders Assessments and DevelopmentProgrammes

  • Enquirers requiring information about practitioners’ certification

  • Professional advisers including lawyers, bankers, auditors, debt collection agencies and insurers based in the Europe who provide banking, legal, insurance and accounting services

  • HM Revenue & Customs, regulators and other authorities based in Europe who require reporting of processing activities in certain circumstances

  • Suppliers based in Europe who provide analytics services

  • Potential acquirers to whom our business or business assets may be transferred

  • Law enforcement agencies or regulators where we believe, in good faith, that it is necessary to comply with the law or regulatory obligation or to protect the safety of Resilient Leaders Elements, our customers or their clients, or the public or to enforce or apply our Terms of Business or other contracts

 

4.1.2 Third parties (acting as controllers):

 

  • Where a respondent completes one of our Resilient Leaders Assessments and Development Programmes under the direction of a practitioner, we will share the respondent’s results with that practitioner in order that they may give appropriate feedback to the respondent. The practitioner may also share the results or a summary, with another practitioner within the same organisation employing the respondent, as applicable and with the organisation employing the respondent as applicable

  • Where respondent data is combined with that of other respondents, for example for the purposes of team reports, this may be similarly shared

 

4.2. We require all third party suppliers to respect the security of your personal data and to treat it in accordance with the law. We do not allow our suppliers to use your data for their own purposes and we require that processing is in accordance with our instructions. We enter into written data processing agreements with suppliers that receive personal data from us.

 

 

5.    International transfer of personal data

 

We share your personal data with third parties, some of whom may be located outside the EEA as follows:

 

  • Suppliers who provide IT, database and system administration services

  • Where personal data is transferred outside the EEA, we take all reasonably necessary steps to ensure that your data is treated securely and in accordance with this Privacy Policy and the requirements of the law. Such measures include, where applicable, by ensuring that the recipients to which it is sent are (i) within countries where the European Commission has made an adequacy decision with respect to the data protection laws of such country, or (ii) certified under the EU-US Privacy Shield Framework or Swiss-US Privacy Shield Framework, or (iii) covered through the entering into of EU standard contractual clauses for transfers of data (also referred to as model contracts) or binding corporate rules, and monitoring such protections to ensure the adequacy of such measures.

 

 

6.    How we keep your data secure

 

We are committed to ensuring the security of processing and the ongoing confidentiality, integrity, availability and resilience of systems and services as such relate to personal data that we hold, in order to prevent accidental or unlawful destruction, loss, alteration or unauthorised disclosure or access.

In our roles as both controller and processor, we implement appropriate technical and organisational measures to ensure a level of information security appropriate to the risk. Our IT infrastructure and software applications are built to provide secure deployment of services, encrypted storage of back-up data with end-user privacy safeguards, encrypted communications between services, and safe operation by customers.

Respondent data is only accessible by certain Resilient Leaders Elements staff that support and administer the scoring and report- generation systems including our web-based scoring and delivery platform. Respondent data access is based on a need to know basis.

 

6.1. Additionally, our staff, associates and Resilience Consultants are bound to comply with confidentiality provisions and Privacy Statements. We have various policies that specifically address responsibilities and expected behaviour with respect to the protection of confidential information.

 

6.2. We have procedures for incident and breach investigation and notification. Where our assessment of the likely risk to the individuals involved concludes a breach of personal data may result in risk to the rights and freedoms of individuals, we shall promptly inform individuals (and associated controllers and the relevant supervisory authority where applicable) of any such breach, as required by law and in accordance with any contractual terms.

 

6.3. You should note that where we have given you (or where you have chosen) a username and/or password which enables you to access certain parts of our websites, or use our products and services, you are responsible for keeping the username and password confidential. You should not share these details with anyone.

 

6.4. This Privacy Policy applies only to information collected by Resilient Leaders Elements. Links within our website to third party sites, plug- ins and applications are not covered by this Privacy Policy. If you link to other websites, we encourage you to read their own privacy policies. We are not responsible or liable for those policies.

 

7.    Data Retention and Anonymisation

 

Every individual has rights as to how their personal data is handled, and we recognise the need to treat all such data in an appropriate and lawful manner, according to the classification of such data. Personal data, including sensitive data, are subject to certain legal safeguards specified in the Data Protection Act 1998 (the Act). At Resilient Leaders Elements, all data (personal and otherwise) that we collect as a result of use of Resilient Leaders Assessments and Development Programmes is handled in accordance with this Privacy Policy, and our Data Protection Statement and Terms of Business of Resilient Leaders Elements Ltd, in the manner set out in our internal Data Protection Policy and Data Retention and Destruction Policy. These set out the types of data that Resilient Leaders Elements collects and the retention periods, archive periods and also destruction method for such data.

In accordance with the Act, personal data should not be kept longer than is necessary for the purpose for which it is collected. This means that data should be destroyed or erased from our systems when no longer required. In accordance with our policies and processes as detailed above, in relation to personal data and sensitive personal data collected as a result of use of Resilient Leaders Assessments and Development Programmes such is generally retained for a period of 18 months, after which it is deleted. Any research data retained thereafter (in order to produce statistics of the type described in our product description materials, e.g. norms, validity and effectiveness data) no longer constitutes personal data as it is anonymised on Resilient Leaders Elements systems prior to research use, at which point no individual is identified or identifiable from such data and the data no longer falls within the scope of the Act.

 

 

8.     How we use Cookies

 

'Cookies' are pieces of information in the form of small text files stored by a user's web browser on your hard drive, when you visit websites. Cookies help to identify the user when he or she visits a particular web page; this enables the website to work more efficiently and your visit to be personalised, for example, to simplify the login process for registered users. They also provide information to the owner of the site. Cookies collect information about internet users such as their names, addresses, email details, passwords and user preferences.

Whilst cookies and the information they transmit may not identify a living individual when taken on their own, it may be possible  to do so in combination with other information held by the owner of the site or a third party. Resilient Leaders Elements websites, along with most other major websites, use cookies, but it is possible to restrict cookies or withdraw consent to use by blocking the cookies which are set by us by turning off the cookie function (see the Help menu on your browser for details). However, if you do this, it will restrict the services you can use or our site may not work for you as well as we intend or at all. You can view more information about cookies at https://ico.org.uk/for-the-public/online/cookies/ where you will also find information on how to delete cookies from your computer.

We use analytical and functionality cookies to allow us to recognise and count the number of visitors to our site and to see how visitors use the site, to enable us to improve how our site works. We also use session cookies and persistent cookies. Session cookies are temporary cookies which exist only in the period you access the site and expire once you close the browser. They allow website operators to link the actions of users during a single browser session and therefore avoid you having to re-enter information. Persistent cookies are cookies which remain on the hard drive of your computer after you have visited the website. These help us to identify you as a unique visitor and enable us to recognise you on future visits. No information is passed to third parties for marketing purposes although we may share information with third parties but only in relation to providing web or other services to you connected to the service we provide, including GoogleAnalytics, Decision Mechanics and TechBanxia (our technical partners), Twitter and YouTube.

We may also collect information about your computer, including where available, your IP address, operating system and browser type, for system administration and to report aggregate information. This is statistical data about our site users’ browsing actions and patterns, and does not identify any individual.

We use cookies in order to:

  • Give us information about the number of visitors to different parts of our site and how visitors use the site

  • Enhance your visit to our site, facilitate user administration including detection of mobile devices and to provide you with content tailored to your interests based on your usage of the site

  • Ease your browsing experience by optimising and improving the use of webforms, analysing user behaviour to improve usability of the site and track your preferences

    • Enable you to order our goods and services through our online shop, including use of a shopping basket

  • Administer a customer online account, including remembering log-in details and language selection for Resilient Leaders Assessments and Development Programmes and other applications

  • Understand how our online advertising and marketing campaigns and promotions are working in order to improve our site design and offers and promotions, and to assess the effectiveness of our marketing campaigns

 

We use first party cookies set by ourselves only. Please note that third party links on our website may use cookies over which we have no control. You may however restrict or block third party cookies through your browser settings and such blocking of cookies of third parties should not affect the functionality and use by you of our website.

 

 

9.     Your legal rights

 

9.1. You have the right to:

 

  • Request access to your personal data (commonly known as a “subject access request” or “SAR”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. We have a Subject Access Request policy which sets out in brief our process for dealing with SARs.

 

  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

 

  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

 

  • Object to processing of your personal data. This enables you to object to processing where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

 

  • Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

 

  • Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

 

  • Withdraw consent. You may withdraw consent at any time where we are relying on consent as the legal basis on which we process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdrew your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

 

Where we are a processor in respect of your personal data, we will inform the relevant controller of your request and assist and co- operate with the controller for them to fulfil the request.

9.2  No fee

You will not have to pay a fee to access your personal data (or to exercise any of your other rights). However, if a request is clearly unfounded, repetitive or excessive, we may charge a reasonable fee. Alternatively, in certain circumstances, we may refuse to comply with your request.

9.3. Further information

 

We may need to request specific information from you to help us confirm your identity or verify your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

 

 

10.     Changes to your personal data

 

It is important that the personal data we hold about you is accurate and current. In order for us to ensure this, please keep us informed of any changes at any time to the personal data that we hold about you.

 

 

11.     How you can obtain personal data we hold about you

 

If you wish to request access to the personal data we hold about you, you can request this by writing to or emailing our Data Protection Officer – see Section 12 for details on how you can contact us.

 

 

12.     How you can contact us

 

This is the website and privacy policy of Resilient Leaders Elements Ltd. Resilient Leaders Elements is registered with the UK Information Commissioner’s Office, as data controller (as defined by the Data Protection Act 1998) in respect of personal data collected by and/or transferred to us.

If you have any questions about Resilient Leaders Elements Privacy Policy, or wish to opt out of direct marketing or you wish to update or request any information about or copies of your personal data held by us, please e-mail: info@resilientleaderselements.com; or write to us at:

Resilient Leaders Elements Ltd, Manor House Barn, Mill Road, Peasenhall, Saxmundham, Suffolk, IP17 2LP, UK

If you have a complaint regarding any matter under this privacy policy or how we handle data, you may contact our Data Protection Officer, in the first instance, at the above address. You may also contact the Information Commissioner to complain.

 

 

13.     Changes to this policy

 

This Privacy Policy was produced in September 2019. It covers Resilient Leaders Elements Ltd and its associated companies. Resilient Leaders Elements reserves the right to modify or update the policy from time to time.

Resilient Leaders Elements Ltd, Manor House Barn, Mill Road, Peasenhall, Saxmundham, Suffolk, IP17 2LP, UK Registered in England and Wales Company Number 12153680

 

 

14.     Governing law

 

This Privacy Policy is governed by English law and the place of performance of obligations will be England.

Quick links

Contact Us
 
To start your RLDP or find out more, please complete the boxes below and we'll be in touch.