Green Roof Organisation Privacy Policy

Privacy and confidentiality are hallmarks of the work that we do.  The consent for and security surrounding the information provided by our members and the clients with whom we work is among our highest priorities – in short, we are committed to protecting all personal information.

The Green Roof Organisation is fully compliant with the current General Data Protection Regulation (GDPR) guidance. This page provides further information about the data we collect, why we collect it and how we use it. It also provides guidance on what you can do if you would like to request a copy of your information, make a complaint or delete your personal information.

How We Obtain Personal Data

Personal data may come to us in several ways. These include:

• Information provided through the “Contact Us” form on the website
• Information provided to us via email
• Information discussed either in person, over the internet (e.g. Skype or Zoom), or by telephone
• Information provided to us by a referrer (e.g. a sponsor in your company, or a former client) by formal letter, in person, by email or by telephone.

What Personal Information We Collect

This will vary according to both the nature of the interaction and relationship between you and The Green Roof Organisation.  Generally speaking, we may collect:

• Your full name and title
• Your home address (for clients) and business address (for companies), your email address(es) and telephone number(s)
• Bank account details for reasons relating to payments and billing only

The GDPR requires us to have lawful bases for processing all information. In our case, we use explicit consent at data collection point, as well as contract for purchased services.

What We Do With Your Personal Information

Your personal information is used solely to provide you with the best possible care or service.  If we work with you as a coaching client, or if you email us with information, we will keep accurate and detailed notes of our discussions. These may be both written notes or held electronically. Written notes are stored securely in a dedicated and secure locked filing cabinet and electronic records are securely stored and password protected. Our email accounts are protected using strong passwords that are only accessible to account holders.

Sharing Information

As part of our ongoing professional development, we may share details of our members with non-members and organisations.  At no time will fully identifiable information (for example, your full name) be released to anyone. Beyond this, none of your personal information will be shared with any third party unless we have your express consent to do so.

The sole exceptions to this rule are:

1. if we are required to share information by law
2. if your safety or that of someone else is at serious risk

Even in these highly unlikely cases, however, we will make every effort to discuss the process with you in full and walk you through anything that we have to do together. 

Crucially, we will never sell or lease your personal information to any ‘third parties’ (such as other companies, or marketing agencies).

Feedback

We really value feedback, so that we can develop and provide better services.  We are always grateful for the opportunity to use feedback as part of a ‘testimonial’, but wherever we would like to do this we will ask for your explicit consent first.  Furthermore, you will always able to rescind this consent at a later stage, including removing the feedback from our records and website.

How We Store Your Personal Information

The personal information that we hold digitally is securely stored and password protected.

Any written information is held securely in a dedicated office securely locked.

The Right To Be Forgotten

You have the express right to have any of your personal information that we hold, deleted or removed from our records at any time.  This is called the right to be forgotten.  In order to do this, we will need to make sure that the request has been made by the person to whom the information pertains and so we may ask a couple of security questions to ensure that this is the case. Requests can be made directly to membership@greenrooforganisation.org

We are obligated to protect your personal information by making reasonable security arrangements against such risks as unauthorised access, use, collection, disclosure or disposal.  Security measures have been integrated into the design, implementation and day-to-day operating practices of the business as part of our commitment to protect the personal information we hold.

This extends to the safeguards in place surrounding virtual sessions, which are conducted on Zoom.  All of these sessions are end-to-end encrypted. You can learn more about Zoom’s security and privacy technologies here.

Further Information

Any further information can be requested at membership@greenrooforganisation.org