Who we are
This site belongs to Pathlight OD Limited (“Pathlight OD”, “we”, “us”).
Our website address is: https://www.pathlight-od.com
Overview
Summary
Pathlight OD is committed to protecting and respecting your privacy and complying with the principles of the Data Protection Act and the UK and EU General Data Protection Regulations (GDPR). This policy sets out the basis on which any personal data we collect from you, or that you provide to us through your use of our website, will be processed by us.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
The data controller is Pathlight OD Limited, 47 St George’s Avenue, London N7 0AJ, United Kingdom. This means that Pathlight OD alone determines how your personal data will be used in relation to services we provide to you. Pathlight OD is registered as a data controller with the Information Commissioner’s Office, registration number ZA330259.
We are committed to processing information about you fairly and in a transparent manner and the aim of this document is to provide you with sufficient information for you to be able to understand what we are doing with your data. If you are unsure how we are handling information about you or you think we could improve our privacy information please let us know.
This policy only applies to our website and services we provide to you directly. If you leave our site via a link or otherwise, you will be subject to the policy of that website provider. We have no control over that policy or the terms of the website and you should check their policy before continuing to access the site.
Use of this policy
This Privacy Policy describes how Pathlight OD collects, uses and discloses information, and what choices you have with respect to the information.
This version of the Privacy Policy reflects changes in data protection law. We have worked to make our Privacy Policy clear and understandable by:
- Arranging into sections
- Providing clear examples to show how the policies may be implemented by us
- Outlining what your rights are around these policies.
Changes to this policy
We may change this privacy policy from time to time but if we change it in a way which significantly alters the terms upon which you have agreed to use our website and other online services, we will post notice of the change on our website and you will be deemed to have accepted such changes. This privacy notice was last updated January 2023.
Your Data
What personal data we hold on you
Depending on the Pathlight OD services you interact with, we may hold the following personal data on you:
- Names
- Addresses (current and past)
- E-mail addresses
- Telephone numbers
- Correspondence between us if you contact us
- Emergency contact name, address, email address, and telephone number(s)
- Identity verification information submitted by you (such as passport, driving licence, bank statements, utility bills)
- HMRC (and/or other jurisdiction) tax identification numbers and related tax status (e.g. tax residency) provided by you
- Your income, other financial, and other data supplied by you in relation to personal accounting or taxation services we provide or have provided to you
- Bank account information (used to make payments to you or where required by us for HMRC submissions)
- Disclosure and Barring Service (DBS) basic or standard check applications and results where you have made such applications in relation to working with us
- Details of any limited company or other legal person you use as a contracting vehicle, including details of other directors and PSCs available through Companies House or supplied by you including third party consents for information not publicly available
- Details of your past employments including references from past employers
- Details of your educational and professional qualifications
- Details of your professional skills, competencies and experience
- Details of your visits to the Pathlight OD website and other online resources (such as web forms) that you access using cookies. See 5.1 for further information
- General communication we may have with you
- Marketing Preferences you have for our services
- Relationships, including organisations and affiliations
- Information on your social media profiles where you follow us
- Data acquired by third parties that we share data with, for more info please see 2.6
The purpose for having it and our legal reason for doing so
We will use all the information provided to build a profile of you to be used in delivering our services to you, and to our clients.
| What we use your information for | Our reason for having your personal data | Our legitimate interest |
|---|---|---|
| Marketing our services to contractors and/or clients | Updating you on contracting opportunities with Pathlight OD and/or the capabilities of Pathlight ODYour consent to ongoing contact and marketingYour consent to cookies | Keeping our records up to date, working out which of our services may interest you and telling you about themDeveloping new services and ideasDefining types of contractors and potential clients for appropriate communicationsSeeking your consent when we need it to contact youBeing efficient about how we fulfil our legal dutiesBuilding up a profile regarding youHaving appropriate security and safeguards |
| Processing your application to become a contractor | Understanding your capabilities and availability for client workUnderstanding your suitability (e.g. meeting professional qualification requirements) and right to workMeeting our legal obligations in relation to employment and contracting | Keeping our records up to date, working out which of our services may interest you and telling you about themDeveloping new services and ideasDefining types of contractors and potential clients for appropriate communicationsSeeking your consent when we need it to contact youBeing efficient about how we fulfil our legal dutiesBuilding up a profile regarding youHaving appropriate security and safeguards |
| Delivering services to you as a client (corporate or personal) | Enabling us to deliver the client services you have contracted us to provide | Providing the contracted-for services to youCompliance with legal, regulatory and professional standards and requirementsKeeping our records up to date |
| Responding to queries | To provide the best possible affiliate and client service and answer your queries quickly | Keeping our records up to date, working out which of our services may interest you and telling you about them.Developing new services and ideasDefining types of clients for appropriate campaignsOur need to respond to concerns |
How long we keep it for
We will hold information about you in our database for no more than is necessary. This means if you have actively applied to become an Pathlight OD contractor (and have not notified us that you no longer wish to be considered for contract work), or have submitted a client work enquiry (and have not notified us that you wish your status as a potential client to be revoked), we will hold your data for a period of up to six years.
Re-applying will refresh this time period.
The same applies for any information and consent you give during contractor onboarding or new client due diligence. We keep such information and consent for seven years since it is given.
If you have provided HMRC or other tax-related information, we will keep your information for seven years to comply with HMRC rules.
We may also need to keep your records as a contractor or client for longer to comply with any other legal obligations.
Once your records exceed the necessary retention period we will either anonymize them through pseudonymization or delete them securely. Pseudonymization is a procedure by which the most identifying fields within a data record are replaced by one or more artificial identifiers, or pseudonyms. There can be a single pseudonym for a collection of replaced fields or a pseudonym per replaced field. This means all your personal data is deleted and we keep only your transaction information for compliance and record keeping.
We may also contact you where we have consent or legitimate interest before we anonymize your record to see if you would still like to be kept informed about Pathlight OD services.
Pathlight OD will hold the data on the above schedule unless:
- You ask us to remove it
- We believe that you are no longer interested in our business
- We no longer need it for the purposes it was collected.
We always think about your best interests when we apply retention rules to our systems and are always happy to remove you at your request.
If you have any questions on how long we keep your data please contact us at contact@pathlight-od.com
How we secure and maintain it
We will take all steps reasonably necessary including policies, procedures and security features to ensure that your data is treated securely and protected from unauthorised and unlawful access and use and in accordance with this privacy policy.
Unfortunately, the transmission of information via the internet is not completely secure and although we will do our best to protect your personal data transmitted to us via the internet we cannot guarantee the security of your data transmitted to the Pathlight OD website from your device: any transmission is at your own risk.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Pathlight OD website or other online services, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Necessary processors
Pathlight OD maintains a small core operations team. In order to achieve operational efficiency and resilience, we work with some of the best third parties to provide excellent client and affiliate online services as effectively as possible.
This means the information we receive from you may pass through third party infrastructure to get to us and may ultimately be stored on third party infrastructure.
Each of our infrastructure partners is carefully reviewed and maintains the same security and standards towards data privacy as we do.
These are outlined below.
| Name of Organisation | Purpose |
|---|---|
| Google (G Suite) | G Suite applications including email and web forms, cloud-based data storage |
| Microsoft (Microsoft Office 365) | Microsoft Office applications, cloud-based data storage |
| Mayflower Disclosure Services Limited | Processing of basic and standard disclosure checks to the Disclosure and Barring Service |
| WordPress | Website management, usage and uptime statistics |
Who we share it with and how
We may disclose your personal information to third parties:
- If we are under a duty to disclose or share your personal data to comply with any legal obligation
- To fulfil any service that you request from us (e.g. enquiry via our website etc.)
- To enforce or apply our terms of use and other agreements
- To protect the rights, property, or safety of Pathlight OD, our clients, contractors, or others including exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
We will share information about you with government agencies and some of our suppliers who process data on our behalf to help us to provide services to you. The purpose of sharing your information with these government agencies and suppliers is to notify you of our services and work opportunities, to provide you with information that you have requested from us, for administration purposes and to comply with the law.
| Names / categories of organisation | Purpose |
|---|---|
| Processing of email and web forms | |
| Mayflower Disclosure Services Limited | Processing of basic and standard disclosure checks to the Disclosure and Barring Service |
| Disclosure and Barring Service, Disclosure Scotland | Processing of basic and standard disclosure checks |
| HMRC | Processing of PAYE, NIC, VAT and other tax requirements to meet legal requirements, for you as a contractor or as our client |
| Companies House | Processing of UK company filing requirements for you as our client |
| Pathlight OD Clients and Potential Clients | Tendering for assignments |
| Pathlight OD banking services providers | Making payments to you |
International transfer of personal data
If Pathlight OD transfers data outside of the European Economic Area (“EEA”), we will take measures to ensure all adequate safeguards are in place that match the EU Data Protection standards, in accordance with legal requirements. Where recipients are located in countries which do not provide an adequate level of protection from a European data protection law perspective, we will base the transfer on appropriate safeguards, such as standard data protection clauses adopted by the European Commission or by a supervisory authority, approved codes of conduct together with binding and enforceable commitments of the recipient, or approved certification mechanisms together with binding and enforceable commitments of the recipient. You may request a copy of such appropriate safeguards by contacting us as set out in Section 6 of this Privacy Policy.
Your rights and accessing your data
| Right | Detail |
| Right of access | You have the right of access to information we hold about or concerning you. If you would like to exercise this right you should email us at info@execcoachedge.comFor example: we could provide a copy of all your information in a CSV or PDF file. |
| Right of rectification or erasure | If you feel that any data that we hold about you is inaccurate you have the right to ask us to correct or rectify it. You also have a right to ask us to erase information about you where you can demonstrate that the data we hold is no longer needed by us, or if you withdraw the consent upon which our processing is based, or if you feel that we are unlawfully processing your data. Your right of rectification and erasure extends to anyone we have disclosed your personal information to and we will shall take all reasonable steps to inform those with whom we have shared your data about your request for erasure. |
| Right to restriction of processing | You have a right to request that we refrain from processing your data where you contest its accuracy, or the processing is unlawful and you have opposed its erasure, or where we don’t need to hold your data anymore but you need us to establish, exercise or defend any legal claims, or we are in dispute about the legality of our processing your personal data. |
| Right to portability | You have a right to receive any personal data that you have provided to us in order to transfer it onto another data controller where the processing is based on consent and is carried out by automated means. This is called a data portability request. |
| Right to object | You have a right to object to our processing of your personal data.This includes the right to object to any direct marketing we may undertake and to any automated decisions based on profiling which we may carry out. This also includes the right to object to any processing based on legitimate interests, such as disclosure checking. |
| Right to withdraw consent | You have the right to withdraw your consent for the processing of your personal data where the processing is based on consent.You can do so by contacting our data privacy team and they will immediately mark our records accordingly, this will then take effect as soon as possible.Please be aware that some activities may already have left our system at time of consent withdrawal. |
| Right of complaint | You also have a right to lodge a complaint about any aspect of how we are handling your data with the UK’s Information Commissioner’s Office who can be contacted at www.ico.org.uk.If you would like to find out more about your rights please email us at info@pathlight-od.com |
Provision of third party data
You are responsible for informing and obtaining the consent of any third parties whose data you enter into our website.
If we would like to process your personal data for any other purpose incompatible with the purposes listed above, we will provide you with appropriate additional privacy information at the point where you come across those additional purposes. Our commitment to you is that we will not process your data for any purpose other than those listed, or similar to those listed in this privacy policy. If you interact with another part of the Pathlight OD, we will provide you with additional privacy information relating to those other uses.
Technical
Cookies
Our website uses cookies to improve and enable the functionality it provides to you. You may refuse to accept cookies by activating the setting on your browser that allows you to refuse cookies. However, if you select this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you use our site and third party features of our site.
IP Address
We may collect information about your computer, including where available your IP address, geographic location (if you allow when prompted by your browser), operating system and browser type, for system administration when you access our website. We use this information for statistical data about our users’ browsing actions and patterns when they access our website.
Contacting Pathlight OD
If you would like to find out more info about this policy or ask us any questions please contact us at contact@pathlight-od.com
Pathlight OD has appointed a Data Protection Officer (“DPO”), please email Maria Symeon