Privacy Policy

BACKGROUND

Bekah Marshall Consulting understands that your privacy is important to you and that you care about how your personal data is used. Please read this privacy notice carefully as it aims to give you information on how we collect and process your personal data through your use of this website, including any data you may provide through this website when you sign up to our newsletter, book a service, or apply to work with us. This privacy notice contains information about who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and how you can contact us and the relevant authorities if you have a complaint.

This website is not intended for children and we do not knowingly collect data relating to children.

Information about Us

www.bekahmarshallconsulting.co.uk is a site owned and operated by Bekah Marshall LTD, a company registered in England and Wales with company number 13058304, and whose registered office is 85 Great Portland Street, First Floor, London, England, W1W 7LT.

Data Protection Officer - Melanie Marshall

Email - dataprotection@bekahmarshallconsulting.co.uk

Tel - 0203 051 2560

Postal Address - 85 Great Portland Street, First Floor, London, England, W1W 7LT

Who we are

Bekah Marshall LTD (trading as 'Bekah Marshall Consulting’) collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as 'controller' of that personal information for the purposes of those laws.

What does this Policy cover?

This Privacy Notice applies only to your use of our website. This website may contain links to third-party websites, plug-ins and applications. Clicking on these links or enabling those connections may allow third parties to collect or share data about you. Please note that we do not control these third-party websites and are not responsible for their privacy statements. We have no control over how your data is collected, stored, or used by other websites. When you leave our website, we encourage you to read the privacy statement of every website you visit.

What is Personal Data?

Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.

Personal data, or personal information, in simpler terms, means any information about you that enables you to be identified.

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:

Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
Contact Data includes billing address, home and/or contact address, email address and telephone numbers.
Financial Data includes bank account details.
Background Data (if you are wishing to join us as a Consultancy Associate) includes the information you have provided to us in your curriculum vitae and any covering letter or on our application form, including Identity and Contact Data, employment history, a portfolio and qualifications. We may also collect, store and use the following types of more sensitive personal information (Sensitive Data): information about your health, including any medical condition, health and sickness records and information about criminal convictions and offences.
Transaction Data includes details about payments to and from you.
Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
Technical data, as you interact with our website we collect this personal data by using cookies and similar technologies.

What Are My Rights?

Under the General Data Protection Regulation you have a number of important rights that we work to uphold. In summary, those include rights to:

be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more information
access the personal data we hold about you
require us to correct any mistakes in your information which we hold
require the erasure of personal information concerning you in certain situations
data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases
object at any time to processing of personal information concerning you for direct marketing
object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
object in certain other situations to our continued processing of your personal information
otherwise restrict our processing of your personal information in certain circumstances

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner's Office (ICO) on individuals rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

email us at dataprotection@bekahmarshallconsulting.co.uk
let us have enough information to identify you,
let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
let us know the information to which your request relates, including any reference numbers, if you have them.

If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

How to complain

We hope that we can resolve any query or concern you raise about our use of your information.

The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.

How to complain

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113

How is your personal data collected?

We use different methods to collect data from and about you, including through direct interactions. You may give us your Identity and Contact Data by filling in forms on our website or by corresponding with us by post, phone, email or otherwise (such as during an interview or consultation). This includes personal data you provide when you:

contract to use our services;
join us as a Consultancy Associate;
request information from us;
request marketing to be sent to you;
enter a promotion or survey; or
give us some feedback

How we use your personal data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

Where we need to perform the contract we are about to enter into or have entered into with you
To provide our services to you (if you are a client) or receive services from you (if you are a consultancy associate freelancer, to improve our service or our dealings with freelancers, and to meet and enforce our legal obligations).
To provide you with the information, products and services that you request from the website.
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Where we need to comply with a legal or regulatory obligation.

Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to sending marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.

Purposes for which we will use your personal data

We have set out below a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out below:

PURPOSE/ACTIVITY

To register to use our website.

TYPE OF DATA

Identity

Contact

Employment

LAWFUL BASIS FOR PROCESSING, INCLUDING BASIS OF LEGITIMATE INTEREST

Performance of a contract with you and to inform you about services which you have requested/consented to.

PURPOSE/ACTIVITY

Assess your skills, qualifications, and suitability for the work. Carry out background and reference checks, where applicable. Communicate with you about the recruitment process and work that is available. Comply with legal or regulatory requirements.

TYPE OF DATA

Identity

Contact

Financial

Background

LAWFUL BASIS FOR PROCESSING, INCLUDING BASIS OF LEGITIMATE INTEREST

Necessary for our legitimate interests to decide whether to appoint you to work. To process your personal information to decide whether to enter into a contract of services with you.

PURPOSE/ACTIVITY

To process an application from a Consultancy Associate, a request for our services and/or to make and take payments.

TYPE OF DATA

Identity

Contact

Financial

Transaction

Marketing and Communication

LAWFUL BASIS FOR PROCESSING, INCLUDING BASIS OF LEGITIMATE INTEREST

Performance of a contract with you. Necessary for our legitimate interests to take and make payments.

PURPOSE/ACTIVITY

To manage our relationship with you which will include: Notifying you about changes to our terms or privacy policy. Asking you to leave a review or take a survey.

TYPE OF DATA

Identity

Contact

Marketing and Communications

LAWFUL BASIS FOR PROCESSING, INCLUDING BASIS OF LEGITIMATE INTEREST

Performance of a contract with you. Necessary to comply with a legal obligation. Necessary for our legitimate interests (to keep our records updated and to study how customers and Consultancy Associates use our services).

PURPOSE/ACTIVITY

To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).

TYPE OF DATA

Identity

Contact

Marketing and Communications

LAWFUL BASIS FOR PROCESSING, INCLUDING BASIS OF LEGITIMATE INTEREST

PURPOSE/ACTIVITY

To use data analytics to improve our website, products/services, marketing, customer relationships and experiences.

TYPE OF DATA

Identity

Contact

Technical

LAWFUL BASIS FOR PROCESSING, INCLUDING BASIS OF LEGITIMATE INTEREST

Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation) Necessary to comply with a legal obligation.

PURPOSE/ACTIVITY

To send you our email newsletter and other automated email communications.

TYPE OF DATA

Identity

Contact

LAWFUL BASIS FOR PROCESSING, INCLUDING BASIS OF LEGITIMATE INTEREST

To inform you about services which you have requested/consented to.

PURPOSE/ACTIVITY

To make suggestions and recommendations to you about goods or services that may be of interest to you.

TYPE OF DATA

Identity

Contact

Technical

LAWFUL BASIS FOR PROCESSING, INCLUDING BASIS OF LEGITIMATE INTEREST

How we use sensitive data provided by applications to become a Consultancy Associate

We will use your particularly sensitive personal information in the following ways:

We will use information about your disability status to consider whether we or our customers need to provide appropriate adjustments.
We envisage that we will process information about criminal convictions. We will collect information about your criminal convictions history if we would like to offer you the work (conditional on checks and any other conditions, such as references, being satisfactory). We are entitled to carry out a criminal record check in order to satisfy ourselves that there is nothing in your criminal convictions history which makes you unsuitable for the role.

Marketing

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.

We may use your Identity, Contact and Technical to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

You will receive marketing communications from us if you have requested information from us or purchased goods or services from us or if you provided us with your details at some other time and, in each case, you have not opted out of receiving that marketing.

We will get your express opt-in consent before we share your personal data with any company outside of our company for marketing purposes.

If you sign up for our Newsletter

This site may operate an email newsletter program, used to inform all users of services supplied by this site. Users can subscribe through an online automated process should they wish to do so but do so at their own discretion. Some subscriptions may be manually processed through prior written agreement with the user.

Email marketing campaigns published by this site or its owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity to name a few. This information is used to refine future email campaigns and supply the user with more relevant content based around their activity.

In compliance with UK Spam Laws and the Privacy and Electronic Communications Regulations 2003 subscribers are given the opportunity to unsubscribe at any time through an automated system. This process is detailed at the footer of each email campaign.

How and Where Do You Store My Data?

We will only store your personal data within the European Economic Area (the “EEA”). The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein. This means that your personal data will be fully protected under the GDPR or to equivalent standards by law.

We delete your data when it is no longer needed for these things. Generally, we do not give your information to third parties, but there are some exceptions where we use external service providers to enable operations – some of these are outside Europe. If you have any questions about this, please contact us at dataprotection@bekahmarshallconsulting.co.uk.

Who we share your personal information with

We routinely share your personal information with a range of third party service providers who help us provide, analyse and promote Bekah Marshall Consulting services and engage with freelancers. For a list of our third party providers, please contact dataprotection@bekahmarshallconsulting.co.uk. Some of those third party recipients may be based outside the European Economic Area — for further information including on how we safeguard your personal data when this occurs, see 'Transfer of your information out of the EEA'.

Transfer of your information out of the EEA

We may transfer your personal information to the third party service providers which are located outside the European Economic Area (EEA). We do this to help us provide and promote the Bekah Marshall Consulting service and to help us engage with freelancer consultancy associates.

Such countries do not have the same data protection laws as the United Kingdom and EEA. Whilst the European Commission has not given a formal decision that those countries provide an adequate level of data protection similar to those which apply in the United Kingdom and EEA, any transfer of your personal information will be subject to appropriate safeguards as permitted under the General Data Protection Regulation that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information. We will not otherwise transfer your personal data outside of the United Kingdom or EEA.

How long your personal information will be kept

Data about clients: we will keep this for the duration of your relationship with us, then 5 years thereafter.
Data about freelancer consultancy associates: we will keep this for the duration of your relationship with us, then 5 years thereafter.
Data about applicant freelancers who do not become freelancers: 2 years
Name and email addresses for those who send us an enquiry (but are neither a client nor a freelancer): we will keep this for 2 years following your last interaction with us.
Name and email addresses for those who sign up to our newsletter (but are neither a client nor a freelancer): we will keep this for 2 years following your last interaction with us.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

GLOSSARY

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:

Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.

Third parties:

Service providers acting as processors based who provide IT and system administration services.
Professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers who provide banking, legal, insurance and accounting services.
HM Revenue & Customs (and like bodies outside of the UK), regulators and other authorities who require reporting of processing activities in certain circumstances.

COOKIE POLICY

This website uses Cookies and similar technologies in order to distinguish you from other users. By using Cookies, We are able to provide you with a better experience and to improve the website by better understanding how you use it. Please read this Cookie Policy carefully and ensure that you understand it. Your acceptance of Our Cookie Policy is deemed to occur if you continue using the website. If you do not agree to the Cookie Policy, please stop using the website immediately.

We use the following cookies:

Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website and interact with our blog.
Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

Please note that third parties (including advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.

Changes to this Privacy Notice

We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection. When we make changes in any way that affects you significantly we will inform you.

This privacy notice was published on Wednesday 21st July 2021 and last updated on Wednesday 21st July 2021.