Delta Alpha Psi Privacy Notice

Last updated on 28/06/2023

At Delta, we know your personal data is important to you and we take the protection of your privacy and confidentiality seriously. This policy sets out the basis on which any personal data that you provide to us, or that we collect from you will be processed by us. Please read our privacy notice carefully to understand how we handle your personal data and our practices around this.

Our contact details

Email: info@deltaalphapsi.com

What is this notice all about?

We want to be completely transparent about how we collect and use your personal data and this privacy notice exists to tell you exactly how we do this.

This notice applies wherever we decide why and how we process personal data (and therefore act as a Data Controller under data protection law). It covers the personal data we process when you use our services.

Our privacy notice tells you the journey of your personal data from the moment it enters our systems up until it’s time for us to say “goodbye*”*, as well as the various stops it makes along the way.

The different ways we process personal data

  • When we agree on a programme with you 
    • What personal data do we collect, why do we collect it, and what legal basis do we rely on? 

      Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.When we first make contact, we’ll need some information about you, and will send a form asking you for contact details for key contacts, such as name, job title, email address, other contact details and a brief outline of the areas for focus. We will use this information for preparing an initial proposal.

      We will rely on Article 6(1)(f) of the GDPR – Legitimate interest when using and collecting this data as we require its use in order to improve our product and services provided to you.

      When we set up a meeting with you, we will collect the name and email address of a key contact in order to organise meetings over a videoconferencing platform and discuss needs and requirements. We will use this information to assign the best fit consultant to you as well as design the programme.

      We will rely on Article 6(1)(f) of the GDPR – Legitimate interest when using and collecting this data as we require its use in order to improve our product and services provided to you.

      When we design a programme for you, we will collect information to structure it to your needs. This will often include receiving internal documents relating to your internal procedures, or access to your folders that hold relevant information. This data usually includes employees names, email addresses, gender identification, job title or business function. While it is not usual to receive any special category data, it is possible that demographic data available includes race or ethnicity or disability. Where this data is collected it is used to allocate workshop sections or sessions.

      We will collect details for invoicing; which will include a contact name and details at your company.

      We rely on Article 6(1)(b) of the GDPR – Contractual obligation to collect this data, as it is required for us to provide this service to you and where relevant, Article 9 (1)(a) Explicit Consent for the special category data.

    •  Where do we store it? 

      We use some data application providers and suppliers to manage our services. It is our general practice to use applications where we can store data in the UK. We may use applications that store data in the EEA or countries deemed ‘adequate’ under GDPR.We store data in several applications including contract signing providers, applications for organising customer contact details (a Customer Relationship Management platform or CRM) and video conferencing software. We make use of Office 365 Applications to send emails, create documents and store files.

    • How long do we keep it for? 

      We keep the personal data mentioned for the duration of your account with us and may archive elements of it as part of our record keeping.

  • When we deliver your programme 
    •  What personal data do we collect, why do we collect it, and what legal basis do we rely on? 

      Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.When we ask you to complete a personality questionnaire, we’ll need some information about you to send it over, including your name and email address. We rely on Article 6(1)(b) of the GDPR – Contractual obligation to collect this data, as it is required for us to provide this service to you.

      When we set up a focus group, workshop or webinar, we will collect the name and email address of participants in order to invite them to the session. Depending on the circumstances we may gather some additional information to inform the programme contents.

      Often a focus group session will be recorded and automatically transcribed by you or ourselves. If recorded by us, we will go through the transcripts to remove any names or identifiers, before including information in a report. We rely on Article 6(1)(b) of the GDPR – Contractual obligation to collect this data, as it is required for us to provide this service to you.

      When we organise a 1:1 coaching session, usually as an integral part of our programme, but very occasionally in response to a specific incident or grievance, we will collect those details as well as the names and contact details of the participants.

      These sessions are confidential. The content of these meetings is hard to predict, but is not recorded and stored. Only anonymised feedback on the coaching session will be gathered, and details of this are agreed in advance. However some other feedback on the success of the session itself may be collected and used in aggregated format in the session report.

      We rely on Article 6(1)(b) of the GDPR – Contractual obligation to collect this data, as it is required for us to provide this service to you.

      When we ask for feedback, we will send over a form with questions to complete that includes a free text field and therefore could collect personal data. We will also collect feedback from the participants, both focussed on the session itself and also around their organisation. Some of these responses on the sessions may be used by us for marketing purposes.

      We will rely on Article 6(1)(f) of the GDPR – Legitimate interest when using and collecting this data as we require its use in order to improve our product and services provided to you.

      When we put together a report on the session for you, we will aggregate any data collected before producing quantitative and qualitative analysis. Any quotes included to elucidate a point will be anonymised.

      We will rely on Article 6(1)(f) of the GDPR – Legitimate interest when using and collecting this data as we require its use in order to improve our product and services provided to you.

    • Where do we store it? 

      We use some data application providers and suppliers to manage our services. It is our general practice to use applications where we can store data in the UK, EEA or countries deemed ‘adequate’ under GDPR.We store data in several applications including contract signing providers, applications for organising customer contact details (a Customer Relationship Management platform or CRM) and video conferencing software. We make use of Office Applications to send emails, create documents and store files.

 

We may use transcription software (US) and survey platforms (US). We also use a trusted partner to produce invoices to send to our customers.

  • How long do we keep it for?
    We keep records of customer interactions, including personal data for the duration of our relationship with you. We may archive some elements of our interactions for a period as part of our record keeping and will keep details of any financial transactions in line with time periods outlined in law. Any personal data that we collected during these sessions is deleted after the programme is complete. We do not keep any transcribed conversations beyond the production of our report. Some notes from sessions may be kept beyond project end depending on your preferences.
  • When you attend one of our Open Workshops 
    • What personal data do we collect, why do we collect it, and what legal basis do we rely on? 

      Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.When you sign up to one of our Open Workshops, we will collect your name, email address, company name and job title as well as financial details for payment so that we can invite you to take part in the event. We will rely on Article 6(1)(b) of the GDPR – Contractual Obligation when using and collecting this data.

    • Where do we store it? 

      We use some data application providers and suppliers to manage our services. It is our general practice to use applications where we can store data in the UK, EEA or countries deemed ‘adequate’ under GDPR.If we use an application that stores data outside of these zones, we will use appropriate measures to secure the transfer, including Standard Contractual Clauses (SCCs) and the UK Addendum where appropriate, or the UK International Data Transfer Agreement (IDTA). Any necessary Transfer Risk Assessments will be undertaken. If this applies we will indicate the importer country, otherwise the data resides in the GDPR zone.

      We use an online event platform to host the events and collect the payment. (US)

    • How long do we keep it for? 

      We keep the personal data collected to arrange the event and to inform you of future events, unless you choose to unsubscribe from this list. You can sign up to our newsletters if you wish to be kept informed of upcoming events, including our Delta Talks.

  • When we raise awareness of our business 
    • What personal data do we collect, why do we collect it, and what legal basis do we rely on? 

      Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.We make use of a contact form on our website that will collect your name, company name and email address so we can record your interest and contact you. We sometimes receive inbound interest via social media platforms.

      We will rely on Article 6(1)(f) of the GDPR – Legitimate interest when using and collecting this data as we require its use in order to raise awareness of our services to you as part of our strategy to grow our business.

      When you sign up to our newsletter, we collect your name, company name and email address so that we can keep in touch with you and we rely on Article 6(1)(a) of the GDPR – Consent when doing so.

      We typically only get in touch around once a month, and you can opt-out at any time. The easiest way to do this is by clicking on the unsubscribe link at the bottom of our emails, but you can contact us at any time to do this.

      When you sign up to one of our Delta Talks, we will collect your name and email address so that we can send you a link to the event. We will rely on Article 6(1)(f) of the GDPR – Legitimate interest when using and collecting this data as we require its use in order to raise awareness of our services to you as part of our strategy to grow our business.

      You can opt-out of these communications at any time, either by clicking on the unsubscribe link at the bottom of our emails or contacting us directly to ask us to remove you from the list.

    • Where do we store it? 

      We use some data application providers and suppliers to manage our services. It is our general practice to use applications where we can store data in the UK, EEA or countries deemed ‘adequate’ under GDPR.If we use an application that stores data outside of these zones, we will use appropriate measures to secure the transfer, including Standard Contractual Clauses (SCCs) and the UK Addendum where appropriate, or the UK International Data Transfer Agreement (IDTA). Any necessary Transfer Risk Assessments will be undertaken. If this applies we will indicate the importer country, otherwise the data resides in the GDPR zone.

      We use an online form and CRM to store company and contact information (US). We use an emailing platform to respond to requests, and if we set up a contact meeting, it will likely be making use of videoconferencing software. We send our newsletters by email.

    • How long do we keep it for? 

      We keep the personal data collected only for as long as you wish to receive the newsletters or wish to be in contact with us, for example to be kept informed about upcoming Delta Talks. You can unsubscribe at any time, and the corresponding personal data will be deleted within one month.

  • When you apply for a job with us 
    • What personal data do we collect, why do we collect it, and what legal basis do we rely on? 

      Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.When you apply for a job with us, we need some information about you in order to manage your recruitment process, such as your name, CV, email address, phone number, interview notes and references from previous employers. The legal grounds we rely on for this processing are Article 6(1)(f) of the GDPR – Legitimate Interests.

    • Where do we store it? 

      We use some data application providers and suppliers to manage our services. It is our general practice to use applications where we can store data in the UK, EEA or countries deemed ‘adequate’ under GDPR.If we use an application that stores data outside of these zones, we will use appropriate measures to secure the transfer, including Standard Contractual Clauses (SCCs) and the UK Addendum where appropriate, or the UK International Data Transfer Agreement (IDTA). Any necessary Transfer Risk Assessments will be undertaken. If this applies we will indicate the importer country, otherwise the data resides in the GDPR zone.

      We make use of various job boards (including US) to advertise roles, and collect applications from them. Sometimes we speak directly to universities and collect applications or CVs directly. We store names of applicants on a spreadsheet, along with interview notes and scores. We will likely conduct interviews on a videoconferencing platform.

    • How long do we keep it for? 

      We keep the personal data collected for unsuccessful applicants for up to 12 months.

  • **When you visit our website ****Our website uses cookies and other similar technologies of which you should be aware.
    • 🗂 What cookies do we collect, why do we collect them, and what legal basis do we rely on? 

      Cookies are text files placed on your hard drive by a web page server when you visit a website and are saved in your browser’s history. They allow the website to recognise your device and store some information about your preferences or past actions. Cookies cannot be used to run programs or deliver viruses to your computer; they are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie.When you use our website, the cookies that could be stored on your device are either first party cookies, which are placed and read by us directly while you are using our website or third party cookies, which are set by other third parties we have partnered with.

      Below is a list of the cookies we use and the purposes for which they are used:

  • Essential cookies 

    These are essential to the operation of our website and are integral to the functioning of our Website, therefore they cannot be removed.

Name Purpose More Information Duration
_hssrc Keep track of sessions Hubspot Session
_hssc Keep track of sessions Hubspot 30 mins
  • Non-essential cookies 

    These cookies are additional to the performance of our Website and help us improve the service we provide to you. They can be first party (added by us) or third party (added by one of our partners) cookies that enable us to monitor and analyse how visitors use our website and generate statistics based on them. They can also be used to allow us to track and analyse your response concerning web traffic or behaviour regarding changes to the structure, text or any other component of our Website.

Name Purpose More Information Duration
_cf_bm Cloudfare: bot management Functional 30 mins
YSC YouTube: tracks views Advert Session
VISITOR_INFO1_LIVE YouTube: measures bandwidth Advert 5 months 27 days
yt_remote_device_id YouTube: stores preferences Advert never
yt_remote_connected_devices YouTube: stores preferences Advert never
_ga-* google analytics :counts pages Analytics 1 year 1 mth 4 days
_ga google analytics: counts visitor Analytics 1 year 1 mth 4 days
_gid google analytics: tracking Analytics 1 day
gat_gtag_UA-* google analytics: stores user id Analytics 1 min
_hstc Hubspot Analytics 5 months 27 days
hubspotuk Hubspot Analytics 5 month 27 days
CONSENT Youtube Analytics 2 years

 

You can choose not to store Non-essential cookies on your computer when you visit our website, or you can adjust your browser settings to prevent cookies from being saved on your computer. You can find information about how to manage Cookies in the most commonly used browsers at the following addresses:

UK and EU – What are your rights?

Your personal data is yours and you have rights in relation to it granted by the UK GDPR, which include:

  • The right to be informed 

    You have the right to be informed about the collection and use of your personal data, the purposes for processing, retention periods for that personal data and who it will be shared with. We have set this information out in this privacy notice.

  • The right of access 

    You have the right to ask us for copies of the data we hold about you. If you ask us, we’ll confirm whether we’re processing your personal information and, if so, provide you with a copy of that personal information (along with certain other details).

  • The right to object 

    You have the right to ask us to stop processing your personal information in some circumstances, such as when we are relying on our own (or someone else’s) legitimate interests to process your personal information, when we are processing your personal information for direct marketing or when we are processing your personal information for research.

  • The right to rectification 

    You have the right to ask us to rectify the personal information you think is inaccurate or to complete information you think is incomplete. When you ask us to rectify your information, if we’ve shared your personal information with others, we’ll let them know about the rectification where possible.

  • The right to erasure 

    You have the right to ask us to erase your personal information, in some circumstances, such as where we no longer need it or you withdraw your consent (where applicable).

  • The right to restrict processing 

    You have the right to ask us to restrict the processing of your personal information for a period of time in some circumstances, such as where you contest the accuracy of that personal information or object to us processing it. This right is separate from the right to object and will only stop us from using your personal information further, not from processing it. If we’ve shared your personal information with others, we’ll let them know about the restriction where possible.

  • The right to data portability 

    You have the right to ask that we transfer the personal information you gave us to another organisation, or to someone else, in some circumstances.

You don’t have to pay anything in order to exercise your rights. Please contact us by sending an email to info@deltaalphapsi.com if you wish to make a request under your rights; we have a calendar month to get back to you with a response.

How you can complain

If you have any concerns about our use of your personal information, please let us know by:

Emailing us at info@deltaalphapsi.com or

If you are not satisfied with our response or you are unhappy with how we have used your data, you can complain to the Information Commissioner’s Office (ICO). You can find the ICO contact details below:

ICO Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, Helpline number: 0303 123 1113.

ICO Website: https://www.ico.org.uk

 

Not sure where to begin?

We can help.

Get in touch