020 7636 9002 A A A

Privacy Notice

Introduction

This privacy notice describes why and how The Pipeline collects and uses personal data in connection with its services which are:

This notice provides information about your rights as a user of our services as well as a user of our website.

The Pipeline is aware of its obligations under the General Data Protection Regulation (GDPR) and is committed to processing your data securely and transparently. This privacy notice sets out, in line with GDPR, the types of personal data that we collect and process about our clients and web-site visitors. It also sets out how we use that information, for how long we keep it and other relevant information about your data.

 

Who we are

MK-LF partnership t/a The Pipeline is a data controller, meaning that it determines the processes to be used when using your personal data. Our contact details are as follows:

MK-LF Partnership t/a The Pipeline

63-64 Margaret Street,

London W1W 8SW

Data protection principles

In relation to your personal data, we will:

 

What data we collect about you

Personal data means any information capable of identifying an individual. It does not include pseudonymised/anonymised data. We may process certain types of personal data about you as follows:

 

For leadership programmes and bespoke consulting:

For diagnostic tools:

From the website:

We may also process aggregated data from your personal data, but this data does not reveal your identity and as such in itself is not personal data. If we link the aggregated data with your personal data so that you can be identified from it, then it is treated as personal data.

Where we are required to collect personal data by law, or under the terms of the contract between us and you, if you do not provide us with that data when requested, we may not be able to perform the contract (for example, to deliver the Services to you). If you don’t provide us with the requested data, we may have to cancel your order of the Services. If we do, we will notify you at that time.

 

Why we process your data

There are 6 lawful reasons for processing personal data, which are:

How we collect your data

We collect personal data about you through a variety of different methods including:

 

 

 

Sensitive / Special categories of data

We collect the following categories of “sensitive” (also known as “special”) personal data as part of our diagnostic tool GENIE):

 

We must process special categories of data in accordance with more stringent guidelines. Most commonly, we will process special categories of data when the following applies:

The personal data is subject to the following basic processing activities:

 

We do not need your consent if we use special categories of personal data to carry out our legal obligations. However, we may ask for your consent to allow us to process certain particularly sensitive data. If this occurs, you will be made fully aware of the reasons for the processing. As with all cases of seeking consent from you, you will have full control over your decision to give or withhold consent and there will be no consequences where consent is withheld. Consent, once given, may be withdrawn at any time. There will be no consequences where consent is withdrawn.

Sharing your data

Your data will be shared within The Pipeline where it is necessary for staff to undertake their duties in provision of services to the client.

We also share some of your data with the following third parties:

 

We may also share your data with third parties as part of a Company sale or restructure, or for other reasons to comply with a legal obligation upon us.

Protecting your data

We are aware of the requirement to ensure your data is protected against accidental loss or disclosure, destruction and abuse. We are implementing processes to guard against such and comply with Cyber Security Essentials Guidelines.

As your personal data is stored on our IT infrastructure, and shared with our data processors who provide email, and document management and storage service to us, it may be transferred and stored securely outside the European Economic Area. Where that is the case the suppliers are signatories to the US-EU Privacy Shield.

Where your data is shared with our mailing list management supplier, it may be transferred outside the European Economic Area. Where that is the case it will be subject to equivalent legal protection through the US-EU Privacy Shield.

In line with data protection principles, we only keep your data for as long as necessary.

Your rights in relation to your data

The law on data protection gives you certain rights in relation to the data we hold on you. These are:

Where you have provided consent to our use of your data, you also have the unrestricted right to withdraw that consent at any time. Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent. However, in some cases we may continue to use the data where so permitted by having a legitimate reason for doing so.

If you wish to exercise any of the rights explained above, please contact our Data Manager, contact details below.

How to complain

We hope that you won’t ever need to, but if you do want to complain about our use of personal data, please send an email with the details of your complaint to info@execpipeline.com.  We will look into and respond to any complaints we receive.

You also have the right to lodge a complaint with the supervisory authority in your country of residence, place of work or the country in which an alleged infringement of data protection law has occurred within the EU.  The Information Commissioner’s Office (“ICO”) is the UK data protection regulator/supervisory authority. For further information on your rights and how to complain to the ICO, please refer to the ICO website.   We strive to meet the highest standards when collecting and using personal information. Complaints are taken very seriously, and data subjects are encouraged to bring any issues to our attention.

We recognise that transparency is an ongoing responsibility, so we will keep this privacy statement under regular review.

This privacy statement, Version number: 1.0 was last updated on 25 May 2018

ADDENDUM – the data we hold and basis for processing

 

Data Purpose GDPR ‘basis’ Service
Names, work and personal e-mail addresses To allow programme joining instructions to be sent to delegates

To contact you re changes to our products and services

To send details of products and services that you have requested via the website

To process and deliver your services

Contractual

 

Legitimate interests

Legitimate interests

 

Contract

Programmes

 

Programmes

 

Website

 

 

Programmes/consulting

Delegate lists for programmes and alumni/networking events To maintain contact for purposes of group networking

 

Legitimate interest Programmes
Technical and Usage data To use data analytics to improve our website, products/services, marketing, customer relationships and experiences Legitimate interest Website
Contact data To provide thought leadership pieces on topics relating to gender equality Legitimate interest Consulting
Aggregated pseudonymous data To create client reports on gender equality Contract Diagnostic tools