The Gap Partnership Limited ("We") are committed to protecting and respecting your privacy.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
We acknowledge and agree that any personal data of yours that we handle will be processed in accordance with all applicable data protection laws in force from time to time. Currently, the Data Protection Act 2018 (DPA 2018) applies after it was written in to UK law via the Data Protection Bill on 23 May 2018. DPA 2018 includes GDPR after it became EU law on 25 May 2018.
The Gap Partnership will:
1. process personal data fairly and lawfully;
2. process personal data only where this is strictly necessary for legal and regulatory purposes, or for legitimate organisational purposes;
3. ensure that personal data is only used for the purposes that it was originally obtained, or for other compatible purposes;
4. ensure that that personal data is relevant and not excessive in relation to the purpose or purposes for which it is processed;
5. ensure that personal data is accurate and, where necessary, kept up to date;
6. ensure that personal data is only retained for the time period required to meet the organisation's reasonable requirements;
7. provide clear information to natural persons about how their personal data will be used and by whom;
8. ensure that personal data is processed in accordance with the rights of data subjects -
9. adopt appropriate technical and organisational measures against unauthorised or unlawful processing of personal data, and against accidental loss or destruction of, or damage to, personal data;
10. ensure that personal data is only transferred outside the European Economic Area to countries that ensure an adequate level of protection.
INFORMATION WE MAY COLLECT FROM YOU
For the purpose of registering for our products, either via The Negotiation Room or through sharing agreements we have with our clients, we may recieve and process the following data about you:
• Your name
• Your email address
• Your gender
• Your telephone number
• Your job title
• Other information about your job role e.g department or function
• Video footage of negotiation case studies which take place on the workshop (all videos are deleted at the conclusion of each individual programme).
HOW WE USE YOUR DATA
We use the data we collect solely to provide the services for which we are contracted to provide for any given client. This includes:
• To provide you with a personalised workshop experience
• To provide The Negotiation Room and functionality included on the platform
• To notify you about changes to our service
• To contact you to provide you with information regarding your scheduled workshop.
We do not:
• Send you marketing emails unless you have opted in to receive such communications from us
• Sell your data to any third party.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
LEGAL BASES FOR PROCESSING
If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable EU laws. The legal basis depends on the Services you use and how you use them. This means we collect and use your information only where:
• We need it to provide you the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services
• You give us consent to do so for a specific purpose
• We need to process your data to comply with a legal obligation.
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place.
WHERE WE STORE YOUR PERSONAL DATA
The data that we collect from you is only stored on data centres located inside the European Economic Area ("EEA").
DISCLOSURE OF YOUR INFORMATION
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may disclose your personal information to third parties:
1. In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
2. If The Gap Partnership Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
3. If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our licence and other agreements; or to protect the rights, property, or safety of The Gap Partnership Limited, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
In the event of any of the above, The Gap Partnership will make all reasonable effort to notify all individuals concerned.
From 25 May 2018, new regulation (GDPR) written into EU and UK law and the Data Protection Bill, requires us to gain your explicit consent to receive marketing communications from us. When registering on any of our sites, you will be asked if you would like to opt-in to our marketing communications. We do not send any marketing communication to people who do not opt in.
Under data protection regulation, data subjects have a number of specific rights over the personal data which relates to them when held by or on behalf of The Gap Partnership and its subsidiaries. This includes data held by both data processors and data controllers.