Data protection

The Leaders Company Limited Guernsey registered company no. 57993 also trading as The Learning Company and Leaders

Personal Data Protection Policies

‘Personal data’ means any information relating to an identified or identifiable person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Examples include passport details, bank details, name, address, email, social security, descriptions of a person, biometric data etc.

We hold various personal data for individuals. Our general policy is not to hold data that serves no purpose for us. Guidelines are:

1. Due-diligence data.

We request due diligence data from clients and employees.

a) Clients.

ILM requires us to verify the identity of all delegates on our ILM RECOGNISED programmes. We record that we have seen valid photo ID (passport, driving licence or other official photo ID). There is no need for us to take a copy of the ID and no need for us to hold it. If a client provides us with a copy of their ID, we will destroy it.

b) Employees.

As part of our recruitment process, we require our employees to verify their identity and provide proof of identity and address. Once received, we record what we have seen by way of verification documentation and destroy the copies.

We will require police check verification from time to time. Where this presents no issue for the employee (i.e. is clear or records non-relevant convictions) we will treat this in the same way as ID documentation. Where the record records a relevant conviction, we will retain the document securely and confidentially until the potential issue has been resolved with the employee. Once resolved, a record of the issue and resolution will be made, and the police check document will be returned to the employee or destroyed.

Personal data essential to meet contractual arrangements (tax coding, social security, bank account details etc.) will be retained securely (i.e. hard copies in a locked cabinet).

2. Client Contact information

We maintain various communications databases with client phone numbers and addresses. These are used for individual and group contact (e.g. mailshot).

  • We will not subscribe anyone to our distribution or subscriber lists without their permission.

  • Our mailshot will be run via software (eMailChimp) that automatically includes the ability for recipients to easily unsubscribe.

  • We will not pass on personal details, e.g. phone numbers, email address etc. without that person’s explicit consent. An exception may be made where such details are easily available in the public domain (e.g. phonebook, website).

3. Psychometric Data and other work-related data (e.g. file notes).

These should be treated as confidential information. When held electronically, protected by password and when printed for working documents, held securely (i.e. locked cabinet) and destroyed when the work is completed.

As with any confidential information, we do not give it to a third party without permission. When running learning programmes, we will clearly identify the data that will be shared in a group context and ensure that the individual client is satisfied with that.

When consulting with clients, we will make clear, where possible, at the outset what personal data will be shared (if any) and with whom when contracting with the client. If it becomes important that personal data will need to be shared during the consulting work, we will ensure that this is clear to the relevant persons before such data is shared.

4. Good working practice

Portable devices:

Generally, we do not use portable memory devices (e.g. memory sticks, external hard drive) to hold personal data. Exceptions should be checked with the Managing Director if required.

We use portable computers. It is the responsibility of the laptop owner to ensure that:

  • Security is completely up to date to protect against malware, hacking etc.

  • access is password protected.

  • If the laptop is multi-purpose, for work and non-work and used by other people, a work user account is set up for exclusive use by the employee/consultant and is password protected.

When preparing presentations, written materials etc., be mindful about the personal data included in the materials. Public data is less sensitive than personal data (e.g. name of client associated with a particular employer).

Reviewed by the MD 03/09/2025, updated wording and company name.