We are committed to ensuring that your privacy is protected and we comply with the General Data Protection Regulations and laws applicable to the UK. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this Policy.
Wondrous People Ltd is registered with the Information Commissioner’s Office (ICO) as a Data Controller, registration number: Z1871422.
Wondrous People Ltd may change this Policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
For personal data to be processed lawfully, we must process it on one of the legal grounds set out in the data protection laws.
For the processing of ordinary personal data in our organisation these may include, among other things:
- The data subject has given their consent to the processing;
- The processing is necessary for the performance of a contract with the data subject;
- The processing is necessary for the compliance with a legal obligation to which the data controller is subject; or
- The processing is necessary for legitimate interest reasons of the data controller or a third party
- You are processing someone’s personal data in ways they would reasonably expect it to be processed and which have a minimal privacy impact on the data subject or where there is a compelling justification for the processing.
What information do we collect from you?
Wondrous People Ltd uses your personal data to manage and administer your account/programme and to keep in contact with you for these purposes.
We may collect the following information:
- Name and job title
- Contact information including email address
- Basic employment details
- Demographic information such as your region
- Information for technical security monitoring purposes such as your IP address and the version of your browser
- Depending on the service we provide to you as an individual or your company, we may also request more detailed information about your employment. For example, the department, function or team you work in, the grade or level of your employment, the length of employment and professional experience and goals.
We may collect personal data in the following ways:
- Data disclosed by the individual directly
- Data disclosed by an authorised third party (e.g. employer) on the individual’s behalf
- Data obtained from a linked system or database
- Data generated through user interaction with systems and/or services
- Where an individual’s data is provided to Wondrous People Ltd by an authorised third party such as your employer (e.g. programme delegate lists), it is the third party’s responsibility to ensure they have the correct lawful basis in place to share this data with Wondrous People Ltd.
Why do we collect this information?
We will always tell you what we intend to use your personal data we collect from you for. However, the main purpose of collection your personal data is to provide the service you have requested or we are contracted to provide in relation to your account/programme e.g. executive or individual coaching, leadership and team development.
We collect this information to understand your needs and provide you with a better service, and in particular for the following reasons:
- Internal record keeping.
- We may use the information to improve our products and services.
- To contact you in response to a specific enquiry.
- We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.
- From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax or mail. We may use the information to customise the website according to your interests. Where we rely on your consent, such as any consent we seek for email marketing, you can withdraw this consent at any time.
Who might we share your information with?
We work with a number of Partner coaches and facilitators and your data may be shared directly with any Partner that is directly associated with your account/programme. In particular, any coaching programmes where sensitive information may emerge during the course of the coaching is bound and held in strict confidence. The lawful basis for collecting this data is covered under our contract with you. We will not supply your data to third parties for marketing purposes.
How long do we keep hold of your information?
We will hold your data for a maximum of 7 years to meet legal and compliance requirements. We will only keep certain information about employees, clients, suppliers and other individuals or organisations we do business with in order to fulfil business functions.
Employee personal data is held for the duration of the individual’s employment and for 7 years after the last day or contracted employment.
Where data is held by our Partners or third parties, in support of the services we provide to you, they are contractually bound to delete data upon our request, delete data at the end of our contract with them, or to anonymise data after 2 years of receipt.
How can I access the information you hold about me?
The personal data we collect from you or generate from our interactions with you belongs to you. You have the right to know how and why your data is being processed or shared with our Partners.
You have the right to ask for a copy of your personal data, to correct, delete or restrict processing of your personal data. You have the right to object to the processing of your personal data in some circumstances, where we don’t have to process the data to meet a contractual or legal requirement or where we are using the data for direct marketing.
To contact us about your personal data, please contact at the address below. If you have unresolved concerns, you have the right to complain to the Information Commissioner’s Office (ICO).
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
Wondrous People Ltd has a Data Breach policy in place. A personal data breach can be broadly defined as a security incident that has affected the confidentiality, integrity or availability of personal data. In short, there will be a personal data breach whenever any personal data is lost, destroyed, corrupted or disclosed; if someone accesses the data or passes it on without proper authorisation; or if the data is made unavailable, for example, when it has been encrypted by ransomware, or accidentally lost or destroyed.
When a personal data breach has occurred we will establish the likelihood and severity of the resulting risk. If the nature of the data breach requires Wondrous People Ltd to inform the ICO, we will do so within 72 hours of becoming aware of the data breach. Data breach notifications must include: your name and contact details, the date and time of the breach you are reporting, the date and time it was detected and any other information that will help us investigate the issue.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Controlling your personal information
You may choose to restrict the collection or use of your personal information in the following ways:
- Whenever you are asked to fill in a form on the website, you can choose whether you want the information to be used by anybody for direct marketing purposes. If you do not opt into receiving this communication we will not share this with you.
- If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us by email, by writing to us or calling us.
- We will not sell, distribute or lease your personal information to third parties unless we are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.
- You may request details of personal information which we hold about you under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA 2018). If you would like a copy of the information held on you please write to:
Wondrous People Ltd,
201 Borough High Street,
London, United Kingdom,
Candidate Privacy Statement
Why do we collect data about you when you apply for a role at Wondrous?
Wondrous is a private limited company delivering a range of services to support organisations to deliver next-level results through transforming leadership and culture.
We collect information about you when you apply for a permanent, temporary or contract role, or make an enquiry about becoming a Wondrous Partner practitioner (a consultant, coach or facilitator).
Much of the information we hold will have been provided by you, but some may have come from external sources, such as your LinkedIn profile, and comments from your referees.
What information do we collect about you when you apply for a role at Wondrous?
We gather information so that we can make decisions as to your suitability for the role that you have expressed an interest in.
- Your CV and covering letter.
- A copy of your LinkedIn profile (if you have indicated that you have one).
- Details of any qualifications that you have.
- Hand written and electronic copies of interview notes gathered during the process.
- Details of results of any interview tests used, including psychometric profiles
- Copies of written references, or notes of verbal references obtained from referees whose details you have provided to us.
- Details of your proof of right to work in the UK.
- Details of any adjustments you have asked to be made to the recruitment process.
- We do not use automated decision making at any time during the recruitment and selection process.
- Some of the information we collect about you may include Sensitive Personal Data as defined in the Data Protection Act 1998. We will not utilise this data unless we have your explicit consent. If we intend to process your personal data for a purpose other than that which it was collected we will provide you with information on that purpose and any other relevant information.
How do we store your information
The security of your Personal Data is very important to us.
We will ensure that we have in place appropriate technical and organisational measures to prevent unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to Personal Data. All data will be stored on Wondrous systems based in locations either in the EU or USA within data storage platforms that fully comply with EU data protection laws.
Who do we share your information with?
We may transfer information about you to other companies or independent consultants for purposes connected with your prospective employment or the management of the company’s business.
For example, we may share your information with Clients or Consultants as part of the recruitment process or we may choose to use third party providers to carry out data processing such as testing and referencing.
If we share your information with any external third party we will ensure that they fully comply with the requirements for the handling, storage and security of your data.
How long do we keep your information?
We will retain your information for nine months after the vacancy has been filled and then it will be destroyed, unless you explicitly request for your details to remain on file to be matched to future opportunities.
If you are successful in your application, your details we have gathered will then be used to raise a contract of employment, or a contract for services. You will then be provided with details of how we store and manage your data as an Employee of the company.
Under the General Data Protection Regulation (GDPR) and The Data Protection Act 2018 (DPA) you have a number of rights with regard to your personal data. You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability.
If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time, which will not affect the lawfulness of the processing before your consent was withdrawn.
Wondrous People Ltd. is the controller and processor of data for the purposes of the DPA 18 and GDPR.
If you have any concerns as to how your data is processed you can contact us on +44 (0) 203 817 7625 or firstname.lastname@example.org
You have the right to lodge a complaint to the Information Commissioners’ Office if you believe that we have not complied with the requirements of the GDPR or DPA 18 with regard to your personal data.