Privacy policy.
Sarah Carroll Privacy Policy
Last updated: 5th July 2021
Please read in conjunction with our Terms and Conditions and Cookie Policy.
1. Introduction
This privacy notice explains how Grow Global Limited and Sarah Carroll and Deserve Digital (“we”, “us”, “our”) collects, processes, stores and protects your personal data when providing products or services to you or our clients, when you use our websites (www.growglobal.com and www.sarahcarroll.com) or when performing other activities that form part of our business.
It is compiled in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) and Privacy and Electronic Communications (EC Directive) Regulations.
It informs you with regards to your personal information:
· Who we are
· What we gather about you
· Where we collect it from
· How we use it
· Who we share it with
· How long we keep it
· Transferring it internationally
· How we keep it secure
· How we use it for marketing
· Your legal rights
· Your right to complain
· Changes to this privacy policy
· Contacting us.
Our commitment to your privacy
We recognise the importance of protecting your personal and confidential information in all that we do and takes care to meet our legal duties. We put in place all reasonable technical, administrative and security measures to protect your personal information for the whole of its life, in whatever format we hold that information. We are committed to your privacy and handling your information openly and transparently.
2. Who we are
Grow Global Limited is a registered company in England and Wales.
Registered company address: 3rd Floor, Queensberry House, 106 Queens Road, Brighton, BN1 3XF, UK
Registered company number: 5861709
Email: office@growglobal.com
Telephone: +44 1273 003450
Our data controller is our Director Sarah Carroll and she has responsibility for any questions relating to this policy.
Our registration number with the Information Commissioner’s Office is: Z2841881
Within this notice we describe instances where Grow Global Limited is the ‘data controller’ (the organisation who decides what personal information is collected and how it used).
There may be situations where Grow Global Limited commissions another organisation (known as acting as a ‘data processor’), but in those circumstances our use of data would be governed by that organisation.
This website, nor our products and services, are not intended for children under 18 years of age.
3. What personal information we collect
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data) or data about your work.
We process personal information in physical or electronic format to enable us to run Grow Global Limited to support the provision of international digital growth and training products and services to our clients, to promote our products and services and to maintain our relationship and our financial accounts.
The personal information we process may include:
· Identity: includes first name, last name, maiden name, username or similar identifier, title, date of birth and gender
· Contact: includes company name, billing address, delivery address, email address and telephone numbers, country
· Professional: includes employment, educational, qualifications and income details.
· Financial: includes bank account and payment card details
· Transaction: includes details about payments to and from you and other details of products and services you have purchased from us and events you have attended with us
· Technical: includes IP address, logins, browser type and version, language, time zone, location, access time, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website
· Profile: includes your username and password, purchases or orders made by you, your interests in our products and services, progress with our international and business plans, feedback and survey responses.
· Usage: includes information about how you use our website, access our marketing emails, products and services, demographic information automatically collected.
· Marketing and Communications: includes your preferences and consents in receiving marketing from us and our third parties and your communication preferences
· Interactions: includes details about how you interact with us on social media, when you contact us and when we contact you (including but not exclusively, mobile messages, online messengers, emails, web forms, calendar booking, social media, online ads and phone calls).
We do not collect any Special Categories of Personal Data about you such as about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. Nor do we collect any information about criminal convictions and offences. If we need to collect this information we will seek separate permission from you in writing to process these special categories of personal data.
4. Where we collect personal data from
We may collect personal information from the following sources:
Personal information you give to us
When you contact, register, or purchase from us:
· When you contact us (for example by mobile messages, emails, web forms, calendar booking, social media, online ads and phone calls)
· When you enter a competition or promotion with us
· In customer surveys or any other research activity we may conduct with you
· When you use our products or services
· When you attend an event we run or attend
· When you update your information using our online forms
· When you apply to work with us
· When you register with us or create an account on our website.
Personal information gathered from our website
· When you use or access our website we operate website analytics software, including Google Analytics
· When you visit our website, we may use technology which automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, pixels, server logs and other similar technologies.
Personal information from third parties that we work with
· When you participate in an interaction with us via a third-party technology platform e.g. a promotion (Mailchimp/Facebook), online booking (Eventbrite, Calendly)
· When presenting at an event, we may be provided with your personal information
· When a client or another third party gives us personal data about you when referring you to us, in accordance with their privacy policy
· If any information you give us relates to a third party, by providing us with such personal data you confirm that, you have obtained any necessary permission to use it or are otherwise permitted to give it to us.
Personal information in the public domain
· publicly available sources or website tools, including your own website, Companies House
· search engine research
· public social media posts.
If you choose not to give personal information
We may need to collect personal information by law under the terms of a contract with you. If you chose not to give us this personal information, it may delay or prevent us from fulfilling a contract to provide products and services and meeting our obligations. It may also mean that we cannot provide you with our products or services that you have purchased from us. We will notify you if your choice not to give personal information to us would result in a delay or prevent us from meeting our obligations. In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
5. How we use your personal information
We process information about you and/or your business to enable us to provide our products and services to you or our clients, and to meet our legal or regulatory obligations. This may include sharing it outside of Grow Global Limited.
The reasons why we may process your personal information are:
· To respond to your communications to us via call, email, mobile message, online messenger
· To determine which product or service is most appropriate for you
· To manage your account with us
· To deliver products and services to you
· To provide you with information that you have asked us to send to you
· To provide you with information that we think may be of interest to you
· To provide you with insights and thought leadership
· To provide you with details of relevant products and services
· To send you event invitations
· To assess your progress following our products and services
· To conduct research or to gain feedback, reviews or testimonials
· To evaluate, develop or improve our products and services
· To personalise your experience on our website, e-newsletters, mobile SMS, online messengers or calls
· To manage and improve our website
· To protect our business interests
· To meet our legal or regulatory obligations.
When we send you information we think you might be interested in, you have the right to unsubscribe at any time by contacting us or by following the unsubscribe instructions in our communications.
A legitimate interest is when we have a business or commercial reason to use your information, but this must not unfairly go against your rights or freedoms. If we rely on our legitimate interest, we will tell you what it is.
In the following table, we have listed the ways that we may use your personal information, and which reasons we rely on to do so. We have also identified what our legitimate interests are where appropriate.
What we Use Your Personal Information forOur Reason(s) for ProcessingOur Legitimate Interest (where applicable)· To register you as a new client
· To manage our relationship with you
· To correctly recommend appropriate products and services
· To communicate with you about your booking, rebooking or products and services you have purchased
· To do regular assessments of your progression
· Fulfilling our legal and contractual obligations
· Our legal duty
· Our legitimate interest
· Keeping our records up to date
· Being efficient in how we deliver our products and services to our clients
· Offering appropriate advice.
· To manage how we work with other companies that provide services to us and our customers· Fulfilling our legal and contractual obligations
· Our legal duty
· Our legitimate interest
· Keeping our records up to date
· Being efficient in how we deliver our products and services to our clients
· To administer payments for bookings and re-bookings
· To administer payments for services we offer clients
· To administer payments relating to product sales
· Fulfilling our legal and contractual obligations
· Our legal duty
· Our legitimate interest
· Keeping our records up to date
· Being efficient in how we deliver our products and services to our clients
· Complying with regulations that apply to us.
· To manage risk for us, our customers and suppliers
· To comply with regulations that apply to us
· To respond to complaints and seek to resolve them
· Fulfilling our legal and contractual obligations
· Our legal duty
· Our legitimate interest
· Complying with regulations that apply to us
· Being efficient about how we fulfil our legal and contractual duties.
· To run our business in an efficient and proper way. This includes managing our financial position, business capability, HR, planning, communications and audit· Fulfilling legal and contractual obligations
· Our legal duty
· Our legitimate interest
· Complying with regulations that apply to us
· Being efficient about how we fulfil our legal and contractual duties
· To exercise our rights as set out in agreements or contracts· Fulfilling our legal and contractual obligations
· To enable you to receive newsletters from us, to complete a survey, or to enter a competition
· To analyse the reaction to our advertising activity
· To conduct analysis and research to improve our products and services
· To ask for feedback or review of our products and services
· To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
· Fulfilling our legal and contractual obligations
· Our legal duty
· Our legitimate interest
· Being efficient in how we deliver our products and services to our clients
· Offering appropriate advice.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Please note that in certain circumstances it may be still lawful for us to continue processing your information even where you have withdrawn your consent, if one of the other legal bases described above is applicable.
6. Who we share your personal information with
We will never share or sell your information to external companies for their own marketing purposes.
We may have to share your personal data with the parties set out below for the purposes set out in the table above.
· Consultants, contractors and freelancers who work with us
· Network partners and service providers e.g. web developers, digital marketing companies
· Specific third parties whose websites or facilities we use such as Salesforce, WordPress, Xero, Calendly, Stripe, Paypal, Dropbox, Gmail, Google Drive, Mailchimp, SurveyMonkey, Thinkific, Hootsuite, Eventbrite, Zoom, Skype, Facebook, Google, LinkedIn, Royal Mail and Couriers
· Event organisers for our webinars, seminars, workshops
· Government authorities as required by regulation or law e.g. tax authorities, courts
· A new employer e.g. for an employment reference
· Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Any links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
Our website and social media pages and groups allow you to share content with other users. Any personal data you contribute to these can be read, collected and used by other users of the application. We have little or no control over these other users, so any information you contribute to these might not be handled in line with this privacy statement.
We may share non-personal, anonymised and aggregated information with third parties for several purposes, including data analytics, research, submissions, thought leadership and promotional activity.
7. How long we keep your personal information
We will keep your personal information for as long as you are a customer of Grow Global Limited or signed up to one of our marketing communications, such as e-newsletter, SMS, messenger.
After you stop being a customer:
· We may contact you for up to 10 years, unless you have asked us not to send marketing messages to you
· We may keep your personal information for longer than 10 years for one of these reasons:
o To respond to questions or complaints
o To show that we treated you fairly
o For a period in which litigation or investigations might arise in respect of the products or services
o To maintain records according to legal, tax and accounting requirements and documented business need
o we cannot delete it for legal, insurance, regulatory or technical reasons. In these circumstances, we will make sure that your privacy is protected.
8. Transferring your personal data internationally
Personal information we hold about you may be transferred to other countries (which may include countries outside the European Economic Area (EEA)), in particular:
· Technology providers based internationally e.g. Mailchimp, SurveyMonkey, Thinkific
· Network partners and local professionals in other countries to provide our products and services.
We rely on performance of the contract as the legal basis for this transfer as it would not be possible for us to perform the contract without working with local professionals in your desired countries.
These providers and partners have their own privacy policies to protect your personal data.
Some countries may have less stringent privacy laws than we do, so any information they hold can become subject to their laws and disclosure requirements, including disclosure to governmental bodies, regulatory agencies and private persons.
9. How we keep your personal information secure
We use a range of measures to ensure we keep your personal data secure, accurate and up to date. These include:
· education and training to relevant staff to ensure they are aware of our privacy obligations when handling personal data
· limit access to restrict access to personal data to those employees, agents, contractors and other third parties on a ‘need to know’ basis, who are subject to a duty of confidentiality
· technological security measures, including fire walls, encryption and anti- virus software
· using state of the art technology providers who take privacy seriously.
The transmission of data over the internet (including by e-mail) is never completely secure. So although we use appropriate measures to try to protect personal data, we cannot guarantee the security of data transmitted to us or by us. You are advised to take suitable precautions when transmitting data via the internet.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
10. How we use it for marketing
We may use your information from time to time to inform you by letter, telephone, email, mobile message and other electronic methods about relevant products and services (including those of third parties) that may be of interest to you. This is what we mean when we talk about ‘marketing’.
This will be if you have purchased products and services from us or attended events with us or where we have been a speaker, or if you provided us with your details when you entered your email address to opt into our newsletters, a competition or a promotion and have not opted out of receiving that marketing.
You can withdraw your consent and ask us to stop sending any marketing messages at any time. If you want do so, please contact us in writing by email at office@growglobal.com or write to us at our registered address above. Please allow up to 30 days to remove your details from our marketing database.
Where you opt out of receiving marketing messages, this will not apply to personal data provided to us as a result of a product or service purchase, product or service experience or other transactions.
You may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service (the TPS), the Corporate Telephone Preference Service (the CTPS), and the Mailing Preference Service (the MPS). These may help to prevent you receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that you have consented to receiving.
11. Your legal rights
You have various rights in relation to your personal data. In particular, you have a right to:
· obtain confirmation that we are processing your personal data and request a copy of the personal data we hold about you
· be informed about the processing of your personal data (i.e. for what purposes, what types, to what recipients it is disclosed, storage periods, any third-party sources from where it was obtained, confirmation of whether we undertake automated decision-making, including profiling, and the logic, significance and envisaged consequences)
· ask that we update the personal data we hold about you, or correct such personal data that you think is incorrect or incomplete
· ask that we delete personal data that we hold about you, or restrict the way in which we use such personal data; withdraw consent to our processing of your personal data (to the extent such processing is based on previously obtained consent)
· receive a copy of the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit such personal data to a third-party
· ask us to stop or start sending you marketing messages at any time by contacting us or unsubscribing
· object to our processing of your personal data.
If you want us to stop using your personal data
You have the right to object to our use of your personal information if there is no need for us to keep it. This is known as the ‘right to object’ and the ‘right to erasure’ (or the right to be ‘forgotten’).
We may be able to restrict the use of your personal information so that it can only be used for certain things, such as legal claims or to exercise legal rights. In this situation, we would not use or share your information in other ways while it is restricted.
You can ask us to restrict the use of your personal information if:
· It is not accurate
· It has been used unlawfully, but you don’t want to delete it
· It is not relevant any more, but you want us to keep it for use in legal claims
· You have already asked us to stop using your personal information, but you are waiting for us to assess your request and confirm whether we are permitted to continue using the personal information under data protection law.
If you want us to erase your personal information
If you feel that we should no longer be using your personal information, or that we are illegally using your data, you can request that we erase the personal information we hold on you. When we receive your request, we will confirm whether the personal information has been deleted or tell you the reason why it cannot be deleted. There may be legal reasons why we need to keep your personal information.
If you would like to exercise any of the rights listed above, please do so in writing via email on office@growglobal.com or at the address above. Once we have received your request we will respond within 1 month. Occasionally it may take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We will need to verify your identity as a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
You will not have to pay a fee to access your personal. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
12. Your right to complain
If you wish to raise a complaint about how we are using your information, exercise any of the rights set out above, or if you have any questions or comments about privacy issues, you can contact us.
We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance. If you are not satisfied with our response to your request or you believe that we are not processing your information in accordance with the law, you can also complain to the Information Commissioner’s Office, which regulates and supervises the use of personal data in the UK by:
· calling on +44 (0)303 123 1113
· visiting their website at https://ico.org.uk/global/contact-us
If you are not based in the UK, you have a right to complain to the EU Data Protection Authority (“DPA”) in your jurisdiction.
13. Changes to this privacy policy
We may modify or amend this privacy statement from time to time or as may be required by law.
When we make changes to this privacy statement, we will amend the revision date at the top of this website page and amend this page. The modified or amended privacy statement will apply from that date. We encourage you to review this statement periodically to remain informed about how we are protecting your information and will notify our customers. You will be deemed to have accepted the terms of the Privacy Policy on your first use of our site following the updates.
14. Contacting us
When you contact us, we will need to verify your identity for security. Verifying your identity is an important way of safeguarding against criminal activities including the prevention of illicit access to your information.
If we are unable to validate your identity, we may ask you to provide us with further evidence so that we can access your information.
Here are our contact details:
· writing to Grow Global Limited, 3rd Floor, Queensberry House, 106 Queens Road, Brighton, BN1 3XF, UK
· sending an email to office@growglobal.com.