Privacy Policy

This policy outlines how we collect, use, store, and protect your personal data in connection with our consultancy services. We are committed to transparency and compliance with data protection laws, including the UK General Data Protection Regulation (GDPR).

1. Who is responsible

  • Your Data Controller: Myself - Nicola Mlalazi – Freelance Health & Social Care Consultant & Advisor.
  • Contact Information: nicola.mlalazi@outlook.com. I am based in Dorset, UK.

2. What Information We Collect

We only collect information that is necessary to provide our consultancy services and engage with you professionally. This may include:

  • Contact Information: Your name, email address, phone number, and company name.
  • Service-Related Data: Information relevant to the consultancy services you require, such as details about your care service, CQC ratings, HR practices, operational challenges, and business goals. This can include sensitive data where relevant to providing specific services (e.g., details about staff records for HR audits, or CQC reports).
  • Communication Data: Records of our correspondence, including emails, Teams call transcripts (if consented to and recorded), and notes from consultations.
  • Website Usage Data: Information about how you interact with our website, collected via cookies (see Section 6). This helps us improve our website's functionality and user experience.
  • Payment Information: Details required for billing and payment processing (e.g., bank details or credit card information), processed securely through third-party payment providers.

3. How We Collect Your Information

We collect information through various methods:

  • Direct Interactions: When you contact us via email, phone, contact forms, or during initial consultations.
  • Calendly Bookings: When you schedule calls through our Calendly link.
  • LinkedIn Engagement: When you connect with us or send messages via LinkedIn.
  • Website Forms: Through inquiry forms or subscription sign-ups on our website.
  • Service Delivery: During the course of providing consultancy services, through assessments, audits, and data sharing (always with your explicit consent).

4. How We Use Your Information (Legal Basis)

We use your personal data for specific purposes, based on clear legal grounds:

  • To Provide Consultancy Services (Contractual Necessity): To deliver the services you've engaged us for, including conducting assessments, developing strategies, providing toolkits, and offering advice.
  • For Communication & Relationship Management (Legitimate Interests): To respond to your inquiries, schedule meetings, provide updates on our services, and manage our professional relationship.
  • For Marketing Purposes (Consent/Legitimate Interests): To send you newsletters, updates, or information about new services that may be of interest to you, only where we have your explicit consent or a legitimate business interest to do so. You can opt-out at any time.
  • For Business Operations & Improvement (Legitimate Interests): To analyze website usage, improve our services, and ensure the efficient running of our business.
  • For Legal & Regulatory Compliance (Legal Obligation): To meet our legal and regulatory obligations, such as financial record-keeping or responding to lawful requests from authorities.

5. How We Store and Protect Your Information

  • Data Security: We implement robust technical and organizational measures to protect your personal data from unauthorized access, accidental loss, destruction, or damage. This includes using secure cloud storage, password protection, and access controls.
  • Data Location: Your data is primarily stored on secure servers located within the European Economic Area (EEA) or in countries providing adequate data protection safeguards (e.g., through Standard Contractual Clauses for transfers outside the EEA).
  • Data Retention: We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements. Generally, client data related to services will be kept for [e.g., 7 years] after the contract ends to meet tax and legal obligations.

6. Sharing Your Information

We do not sell your personal data. We may share your information with trusted third parties only when necessary for our business operations or service delivery, and always under strict confidentiality agreements:

  • IT Service Providers: For website hosting, email services, cloud storage (e.g., Google Workspace, Microsoft 365, Calendly).
  • Payment Processors: To facilitate secure financial transactions.
  • Professional Advisors: Such as accountants or legal counsel, when required.
  • Regulatory Bodies: If legally obliged to do so (e.g., CQC, Home Office, HMRC).
  • Collaborating Consultants: If we partner with another consultant on a specific project for you, only with your explicit consent.

7. Your Data Protection Rights

Under GDPR, you have significant rights regarding your personal data:

  • Right to Be Informed: To know how your data is being used (as explained in this policy).
  • Right of Access: To request a copy of the personal data we hold about you.
  • Right to Rectification: To request correction of inaccurate or incomplete data.
  • Right to Erasure ( "Right to Be Forgotten"): To request deletion of your personal data in certain circumstances.
  • Right to Restrict Processing: To request that we limit the way we use your data.
  • Right to Data Portability: To request your data in a structured, commonly used, machine-readable format.
  • Right to Object: To object to the processing of your data in certain situations (e.g., for direct marketing).
  • Rights Related to Automated Decision Making: To object to decisions based solely on automated processing.

To exercise any of these rights, please contact us at nicola.mlalazi@outlook.com. We will respond to your request within one month.

8. Cookies

Our website uses cookies to enhance your Browse experience. Cookies are small text files placed on your device. We use them for:

  • Essential Functionality: To make our website work correctly.
  • Analytics: To understand how visitors use our website (e.g., Google Analytics), helping us improve content and user experience. You can manage your cookie preferences through your web browser settings.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page, and the "Last Updated" date will be revised. We encourage you to review this policy periodically.

10. Contact Us & Complaints

If you have any questions about this Privacy Policy or our data practices, please contact us:

  • Email: nicola.mlalazi@outlook.com 

My aim is to respond toany complaints within 7 working days of receiving your complaint

If you are not satisfied with our response to a complaint, you have the right to lodge a complaint with the UK's supervisory authority for data protection, the Information Commissioner's Office (ICO).

  • ICO Website: www.ico.org.uk
  • ICO Helpline: 0303 123 1113

©Copyright. All rights reserved.

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.

Privacy Settings

Website Translator

Google Maps

Privacy Settings

This tool helps you to select and deactivate various tags / trackers / analytic tools used on this website.

Select all services
Website Translator
More
Google Maps
More
Save Settings