Privacy policy

According to the Data Protection Act 2018 (DPA 2018) and the UK General Data Protection Regulation (UK GDPR), you are entitled to know what data we have about you and how we use it.

 

Our Privacy Policy sets out why we might need your personal data, what we plan to do with it, how long we are going to keep it, if we’ll share it with anyone else and what your rights in relation to your data are. You can also find out who to contact if you have any complaints regarding how we handle your data.

 

This Privacy Policy makes reference to cookies, but full information in relation to cookies can be found in our Cookie Policy.

Definitions

In this Privacy Policy, we use the following terms:

  • “We”, “us” and “our” refer to Cohorts LLP and our website, www.cohortsllp.com.
  • “You” and “your” refer to anybody whose data is being processed by Cohorts LLP. This might be because you are using our website or because you have entered into contact or into a business relationship with us.

What type of information do we collect?

We currently might collect and process the following information.

  • Personal identifiers, characteristics and ID documents, such as your name or date of birth.
  • Contact details, such as your email address, phone numbers or address.
  • Tax details, such as your VAT or National Insurance number, as applicable to our relationship with you.
  • Financial, payment and banking data, such as your sort code and account number or your credit score, if applicable to our relationship with you.
  • Details of any of your projects that are relevant to our relationship with you.

The exact details of what we collect from you will vary depending on the nature of our relationship with you and you will be informed during the course of our working relationship with you regarding the specific details of this data.

 

Where examples are given to illustrate a type of information we collect, they do not constitute an exhaustive list.

 

We also use cookies on our website. These cookies might collect website user details and statistics. Please consult our Cookie Policy for information on what cookies we use and what data we collect through them.

How do we get your information?

Most of the personal information we process is provided to us directly by you for one of the following reasons:

  • You have submitted a form on our website, including the contact form, or have entered into contact with us by telephone, email or another relevant means of contacting Cohorts LLP.
  • You are or have been in a business relationship with us (including but not limited to business partners, clients, suppliers, contractors and employees).

We might also receive personal information indirectly, from the following sources in the following scenarios:

  • From a mutual contact, for example, if they are referring you to us.
  • From another company that holds your details providing them to us lawfully, for example credit agencies.

Why might we need your personal data and what might we do with it?

We use the information that you have given us in order to:

  • Respond to your enquiries and offer you support.
  • Provide you with information and services that you have requested from us.
  • Send you marketing emails and/or promotional materials.
  • Fulfil our contract with you.
  • Enforce our terms and conditions and/or any contract we might have with you.
  • Comply with legal obligations, including responding to legal requests and preventing harm.
  • Satisfy our legitimate business needs.
  • Administer and improve our website, including its safety and security.
  • Request feedback and post testimonials.

Who will we share your information with?

We may share this information with:

  • Government bodies, as required by law and as applicable to our relationship with you. These might include, but are not limited to, HM Revenue & Customs and HM Courts & Tribunals Service.
  • Consultants, suppliers and third-party service providers who perform services for us and/or on our behalf and who legitimately, contractually or legally require your information to carry out those services. These might include, but are not limited to, our email and website host, payment processors, data analytics services, our pension provider and payroll software provider, finance and accounting tools, communication and collaboration tools, and data storage providers.
  • A new owner of Cohorts LLP, in the event of a transfer of partnership ownership or a partnership merger, including where Cohorts LLP is rebranded and/or undergoes a change of trading name.
  • Other entities that we have your consent to share your data with for specific purposes.
  • Other entities that we are required to share your personal information with for the purposes outlined in this Privacy Policy (namely, to fulfil our legal or contractual obligations or in pursuit of our legitimate interests).

What is our legal basis for processing your data?

Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:

  • Your consent. You can remove your consent at any time. You can do this by contacting us using our contact details listed at the end of this policy.
  • We have a contractual obligation.
  • We have a legal obligation.
  • We have a legitimate interest.

How do we store your personal information?

Your information is securely stored. Digital data is stored on password-protected laptops or on password-protected cloud storage systems or mailboxes. Hard copies of data are stored in a secure place.

 

If you send us a message through our website or by email, or have entered into contact with us via telephone, and if you decide not to enter into a business relationship with us, we will keep all email correspondence with you and information given to us by that means for a period of one year. We will then dispose your information by permanently deleting the emails from our servers and any records on our system.

 

If you have entered into a business relationship of any form with us, we will keep all information you have provided us with for the duration of your relationship with us and as long thereafter as required either by law or to fulfil our contract with you, whichever is longer. We will then dispose your information by deleting it permanently from our servers and by destroying any hard copies.

 

For information gathered on your use of our website, please refer to our Cookie Policy for how long this information is stored for.

What are your data protection rights?

Under data protection law, you have rights including:

  • Your right of access: You have the right to ask us for copies of your personal information; this is called a subject access request (SAR).
  • Your right to rectification: You have the right to ask us to rectify personal information you think is inaccurate as well as to complete information you think is incomplete.
  • Your right to erasure: You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restrict processing: You have the right to ask us to restrict the processing of your personal information in certain circumstances.
  • Your right to object to processing: You have the right to object to the processing of your personal information in certain circumstances.
  • Your right to data portability: You have the right to ask that we transfer the personal information you gave us to another organisation or to you, in certain circumstances.

For those rights that only apply in certain circumstances, you can find out what those specific circumstances are by contacting us or by consulting the ICO. Both our and the ICO’s information can be found at the end of this policy.

 

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

 

Please use the contact information at the end of this policy if you wish to make a request.

 

In certain circumstances, we can refuse your request. If this happens, we will tell you why we aren’t taking action and that you have the right to make a complaint to the ICO and/or enforce the relevant data protection right through a judicial remedy.

How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us. Our contact details are listed at the end of this policy.

 

You can also complain to the ICO if you are unhappy with how we have used your data. You can contact the ICO by post, phone or via their website, all of which are detailed at the end of this policy.

Our contact details

Address:
Cohorts LLP
12 Queens Parade
Bath
Somerset
BA1 2NJ
Phone Number: +44 (0) 7799 643699
E-mail: contact.us@cohortsllp.com
Website: www.cohortsllp.com

The ICO's contact details

Address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: www.ico.org.uk

Last update: 23/10/2023