Privacy Policy

This policy applies to Cleveland & Co (comprising Cleveland & Co Associates Limited “Cleveland UK”) and Cleveland & Co Associates Pty Ltd (“Cleveland Australia”) (together referred to as “Cleveland & Co”, “we”, “us”, “our”).

Cleveland UK is incorporated in England and Wales, company No. 07871988, 79 Weston Street, London, SE1 3RS, UK. Cleveland UK is authorised and regulated by the Solicitors Regulation Authority (“SRA”) under no. 622069, as an alternative business structure, and as such all our solicitors are subject to the principles and code of conduct set out by the SRA. Please visit  https://www.sra.org.uk/solicitors/standards-regulations/ for more information. Cleveland Australia is incorporated in New South Wales, Australia, ABN 31 654 249 519, ACN 654 249 519. Cleveland Australia is not authorised or regulated by the Law Society of New South Wales. All legal services provided by Cleveland & Co are provided by Cleveland UK.

This policy (together with our terms of use and any other documents referred to in it) sets out the basis on which any personal data we collect from our clients, prospective clients, suppliers, employees, shareholders, workers, website users, and other third parties (“you”, “your”) or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting www.cleveland-co.com (“our site”) you are accepting and consenting to the practices described in this policy. You can withdraw such consent at any time. This policy applies to all personal data we process regardless of the media on which that data is stored or whether it relates to past or present employees, workers, customers, clients or supplier contacts, shareholders, website users or any other data subject.

For the purposes of applicable data protection laws (including but not limited to the UK Data Protection Act 2018, UK General Data Protection Regulation, the Australian Privacy Act 1988 and the Australian Privacy Principles) (“Applicable Laws”) we act as data processor and controller.

  1. INFORMATION WE MAY COLLECT FROM YOU

We may collect and process the following data about you (including without limitation):

Information that you give us

You may give us information about you by filling in forms on our site or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you become a client or employed with us, register to use our site, subscribe to our mailing lists, participate in social media functions on our site, request our services, and when you report a problem with our site. If you contact us, we may keep a record of that correspondence. We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.

Information you give us may comprise:

  • your name, address, telephone number, email address, information that may be in any public profiles, profile pictures, gender, date of birth, relationship/marital status and dependants, interests and hobbies, educational details, employment details and financial information;
  • information relating to transactions, including purchases of goods and services, that you enter into with us and/or through our website, and may comprise contact details, card and/or bank details and transaction details;
  • information that you provide when you register for any of our courses or purchase any of our course materials; and
  • information contained in or relating to any communication that you send to us, including any metadata associated with the communication, where applicable.

Information we collect about you

With regard to each of your visits to our site we may automatically collect the following information:

  • Information that you provide by filling in forms on our site https://staging.cleveland-co.com/ (our site). This includes information provided at the time of registering to use our site, subscribing to our service, posting material or requesting further services. We may also ask you for information when you enter a competition or promotion sponsored by Cleveland & Co, and when you report a problem with our site;
  • If you contact us, we may keep a record of that correspondence;
  • We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them;
  • Details of transactions you carry out through our site and of the fulfilment of your orders;
  • Information that you provide when you register for any of our courses or purchase any of our course materials; and/or
  • Details of your visits to our site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access.

In specific circumstances, usually for current and future employees, we may collect other data about you to support Cleveland & Co’s legitimate interests in running, promoting and developing its business. This data may include photographs, video, audio recordings, and other visual and audio multimedia as well as information that may be in any public profiles, educational details and employment details.

In specific circumstances, usually only in respect of current, former or future employees, we may collect special categories of personal data or sensitive information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). We may also collect information related to criminal convictions and offences. Such information will only be collected pursuant to human resource and employment law requirements.

Information we receive from other sources

We may receive further information of the categories set out above about you if you use any of the other websites we operate or the other services we provide. In this case, any data collected may be shared internally and combined with data collected on this site. We may also work closely with third parties (including, for example, business partners, sub-contractors, analytics providers, search information providers) and may receive information about you from them.

Failure to provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

  1. IP ADDRESSES AND COOKIES

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see https://staging.cleveland-co.com/terms-of-use/cookie-policy/.

  1. USES MADE AND PROCESSING OF THE INFORMATION

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • where we need to perform the contract we are about to enter into or have entered into with you;
  • where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; and/or
  • where we need to comply with a legal obligation.

We may use information held about you (information that you give to us, information we collect about you and information we receive from other sources) in the following ways:

Information you give to us or that we collect from you

We may process information that you give to us or that we collect from you:

  • to carry out the necessary pre-employment and post-employment checks for human resource purposes;
  • to carry out our obligations arising from any contracts of any kind entered into between you and us and, where appropriate, to provide you with the information, products and services that you request from us;
  • to notify you about changes to our service, policy and anything that may be affecting a contract between us;
  • to ensure the security of our website and services, maintaining back-ups of our databases, communicating with you and record-keeping;
  • for the purposes of offering, marketing and selling relevant products and/or services to you;
  • for the purposes of supplying goods and/or services that we may from time to time advertise and sell through our website (including our courses), and keeping proper records of those transactions and to process your payment for such course materials and/or courses;
  • to analyse the use of the website and services;
  • to ensure that content from our site is presented in the most effective manner for you and for your computer;
  • for the purposes of complying with any legal obligation to which we are subject;
  • for the purposes of business development and marketing, within the constraints of our legitimate interests;
  • where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; and
  • in rare circumstances, where we need to protect your interests (or someone else’s interests) and/or where it is needed in the public interest;
  • to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
  • to allow you to participate in interactive features of our service, when you choose to do so;
  • as part of our efforts to keep our site safe and/or secure;
  • to make suggestions and recommendations to you and other users of our site about services that may interest you or them;
  • to collect broad demographic information for aggregate use;
  • in co-operation with your internet provider, to identify you if we feel it is necessary to enforce compliance with our terms or use or to protect our service, site, users or others;
  • to collect technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
  • to collect information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); services you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.

Information of third parties

You will not supply to us, and we will not accept, any other person’s personal data other than your own personal data.

  1. CHANGE OF PURPOSE

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

  1. DISCLOSURE OF YOUR INFORMATION

Group members

We may share your information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries for the purposes set out in this policy.

Selected third parties

We may also share your information with selected third parties for the purposes set out in this policy. These selected third parties may include:

  • business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you, including payment services providers;
  • analytics and search engine providers that assist us in the improvement and optimisation of our site; and
  • insurers and/or professional advisors for the purposes of maintaining appropriate insurance levels, managing risks, obtaining legal advice and managing disputes.

We may disclose your information to third parties for the following purposes:

  • where it is necessary to administer a working relationship with you;
  • where it is necessary for pre-employment and post-employment checks for human resource purposes and in accordance with employment law;
  • where we have a legitimate interest in doing so;
  • in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
  • if all or substantially all of our assets are acquired by a third party, in which case personal data held by it about its members will be one of the transferred assets;
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; and/or
  • to protect the rights, property, or safety of our company and our members or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

  1. WHERE WE STORE YOUR PERSONAL DATA

The data that we collect from you is hosted and stored by Dropbox International Unlimited Company, which is based in Ireland and in the event that Dropbox Inc. (their US Affiliate entity) needs to process customer data that is subject to EU Data Protection Laws, by signing up to the services, customers agree to the Data Processing Agreement between the two Dropbox entities which includes EU Standard Contractual Clauses. This ensures that where there are any transfers of personal data to Dropbox Inc. that an adequate level of protection and appropriate safeguards are in place with respect to that personal data.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

You acknowledge that any personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.

  1. INTERNATIONAL TRANSFERS

We share your personal data within the Cleveland & Co group. This will involve transferring your data between the UK and Australia. Your data may be transferred to, and stored to any other destination within or outside the UK or Australia. It may also be processed by staff operating within and outside the UK and Australia, who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the provision of services to you and the provision of support services. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy and in compliance with the Applicable Laws in relation to transferring your data, including, entering into standard contractual clauses to ensure an appropriate level of security of your data where it is transferred to an international jurisdiction.

  1. SECURITY OF INFORMATION

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

You acknowledge that any personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.

  1. DATA RETENTION

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, human resources, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

  1. YOUR RIGHTS

Subject to the Applicable Laws, you may have certain rights available to you such as:

Information

The right to be informed of your rights and how your personal data will be stored, treated, deleted and controlled, as is set out in this policy.

Access to information

The right to access your personal data, so that you are aware of and can verify the lawfulness of the processing. Any access request is free of charge.

Please note that we reserve the right to charge a reasonable fee taking into account the administrative costs of providing the information and/or refuse to respond to any access request, should any such requests are viewed as manifestly unfounded or excessive or, if in particular, these requests are repetitive.

If any such requests are denied, you may have the right to complain to the relevant supervisory authority.

Rectification

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.

If any data held about you is incorrect or incomplete, we will take the necessary steps to correct and complete the relevant information.

Erasure

You can request that any data is erased:

  • where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed;
  • when you wish to withdraw consent;
  • when you object to the processing and there is no overriding legitimate interest for continuing the processing;
  • when your personal data has been unlawfully processed in breach of the Applicable Laws;
  • when your personal data has to be erased in order to comply with a legal obligation; and
  • when your personal data is processed in relation to the offer of information society services to a child.

Restriction

Processing of your personal data will be restricted in any of the following circumstances:

  • where there is a contest regarding the accuracy of your personal data, we will restrict any processing until the data has been verified;
  • where you object to the processing and we need to consider whether your organisation’s legitimate grounds override those of the individual;
  • when processing is unlawful and you oppose erasure and request restriction instead; and
  • if we do no longer need your personal data but you require the data to establish, exercise or defend a legal claim.

Data Access Portability

You may also, free of charge, request to view, access and use your personal and transaction data in a way that is generally portable. We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

Objection

You may express an objection on grounds relating to your particular situation where for example, we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

LINKS TO THIRD PARTY WEBSITES

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

  1. DATA ACCURACY

Whilst we accept responsibility for maintaining the personal information entrusted to us on our site, we are not responsible for its accuracy over time or at the point of entry. If you identify any inaccuracy in your personal information, as a registered user you can make any necessary changes as required and as provided in this policy.

  1. CHANGES TO OUR PRIVACY POLICY

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy and to ensure that you are happy with any such changes.

  1. CONTACT

Questions, comments and requests regarding this privacy policy are welcomed. You can contact us:

  1. by e-mail at the following e-mail address: and should be addressed to enquiries@cleveland-co.com;
  2. by post, at our registered office address set out above; and
  3. by telephone, using the contact number published on our website from time to time.
  1. FILING OF COMPLAINTS

If you have any complaints or concerns about the contents of this policy or your personal data stored, processed and/or controlled by us, we would appreciate the chance to deal with your concerns before you approach the relevant supervisory authority so please contact us at enquiries@cleveland-co.com in the first instance.