Privacy Notice

Leadership Success Privacy Notice (last updated 01/08/2022)

Privacy Notice

Privacy Notice regarding the processing of AU Personal Data about clients pursuant to the Australian Privacy Principles "APPs" 2014 as published by the Office of the Australian Information Commissioner, EU Personal Data about clients pursuant to the EU General Data Protection Regulation “EU GDPR” and UK Personal Data about clients pursuant to the UK General Data Protection Regulation "UK GDPR" and the UK Data Protection Act 2018 "UK DPA".

This privacy notice sets out how Leadership Success (“LS”) through its Australian headquarters, processes and protects personal data of its clients, potential clients and visitors to its website.

Leadership Success is a global company, headquartered in Australia, which provides consulting, coaching and training services services to corporations, not-for-profit and government organisations, as well as individuals worldwide.

The type of personal data that we process, as described in this Privacy Notice, are those necessary for us to provide clients with services.

In line with the transparency requirements of the EU and UK GDPR, UK DPA and the APPs this Privacy Notice sets out the following information:

1. Identification of data controllers
2. Cookies
3. Sources/categories of personal data that we process and lawful bases for processing
4. How the personal data we collect will be shared
5. Our retention policy for records containing personal data
6. An individual’s rights in relation to their personal data
7. Public data
8. Making a privacy complaint (Australian residents)
9. Contact details of our Data Protection Officer in the UK and EU
10. Definitions of terms used in this Privacy Notice

 

1. Identification of data controllers 

A data controller is a person, company, or other body that determines the purpose and means of personal data processing. Leadership Success considers itself the data controller in relation to the personal data it collects from its organisational clients and their third-party employees, as well as the data it collects from individual clients.

Where Leadership Success obtains personal data from its organisational client in relation to third-party employees, it does so on the basis that organisational client has satisfied its own obligations as a controller in its own right in relation to the collection, processing and transfer of such personal data to us.

Leadership Success Pty Ltd is a company headquartered in Sydney, Australia, and supplies its services worldwide. There are no other related legal entities operating outside of Leadership Success Pty Ltd ABN 56 124 760 256, ACN 124 760 256.

The company details of Leadership Success Pty Ltd are as follows:

Australian office
Leadership Success Pty Ltd
Level 4
100 Harris Street
Pyrmont, Sydney, NSW 2009
Australia

UK office
Leadership Success - UK Office
4th Floor, Silverstream House
45 Fitzroy Street, Fitzrovia
London
W1T 6EB
United Kingdom

North American office
Leadership Success - US Office
2802 Flintrock Trace
Suite 308
Austin, Texas 78738
United States

 

2. Cookies and other technologies

A "cookie" is a small file of letters and numbers that is sent to your browser and stored on the hard drive of your computer (or internet enabled device) when you visit a website. It is a way of identifying how website visitors engaging with its properties, without personally identifying individual visitors.

Like many websites, Leadership Success uses cookies and other technologies to maintain a record of interaction with our website.  You do not have to accept the cookies used by our website. As certain cookies are necessary for the performance of our website, however, you may not be able to use some of the features of the website. Your browser may also be configured to allow you to refuse or delete cookies or to be notified when a cookie is stored to your device.

Leadership Success uses the following cookies on our website:

  • Essential cookies that are necessary to deliver some of the essential features of teh website. For example, ensuring that the pages load quickly and correctly and enabling Leadership Success to understand usage of the site. These cookies cannot be switched off.
  • Functionality cookies that provide enhanced website functionality and personalisation to make engaging with Leadership Success easier. They may be set by us, or by third party service providers that we work with. They enable functionality such as allowing you to download guides, sign up to events, and sign into your Leadership Success dashboard. Switching off these cookies means that some functionality will not be available to you and some areas of our website will not work as intended.
  • Analytics cookies that help Leadership Success to better understand how our website is being used so that we can improve performance of the site. For example, they monitor and track international usage of the website, the performance of certain pages and time spent browing. As part of these cookies your Internet Protocal address (IP) address is collected to provide and protect the security of the service, and give us a sense of which country state or city in the world our website visitors are coming from. Switching these off will mean that we can't monitor some aspects of the quality of your website experience.

 

3. Sources/categories of personal data that we process and lawful bases for processing

Leadership Success processes various categories of personal data for the purposes identified below, with the lawful basis indicated for each respective processing activity.

The services that Leadership Success provides includes online consulting, training and coaching services. Leadership Success also provides ancillary services including live events. Leadership Success clients include organisations and related third parties including their employees, as well as individuals.

Information collected for ancillary services including live events

For individuals attending Leadership Success's ancillary services including live events, information processed includes information relevant to the sign up, attendance and payment for the relevant service.

Below Leadership Success has identified the most typical categories along with the relevant purposes and lawful bases for processing.

The categories of personal data that Leadership Success process for the purpose of delivering its ancillary services includes the following:

  1. Contact details of the individual for the purpose of communication in relation to their attendance, use of the service and follow up information.
  2. Credit card information of the individual for the purpose of purchasing a ticket for the event or purchase of the relevant ancillary service.

Information collected for consulting, training and coaching services

For organisational clients, related third-party employees, or individual clients undertaking consulting, coaching or training services, information processed includes information relevant to the delivery of the service.

Below Leadership Success has identified the most typical categories along with the relevant purposes and lawful bases for processing.

The categories of personal data that Leadership Success process for the purpose of delivering its consulting, coaching and training services includes the following:

  1. Business contact details of organisational clients and contact information of individual clients for the purposes of communication in relation to the provision of services.
  2. Business information provided by organisational clients, to enable Leadership Success to assess what provision of services is appropriate.
  3. Information necessary to carry out coaching services to third party employees of organisational clients, or to individuals. The categories of personal data that Leadership Success processes for this purpose includes:
    1. Relevant business or personal contact details (the individual's name, position, company affiliation, email address and telephone number).
    2. Leadership assessment scores (response data in relation to Leadership Success’s managerial scenario-based questionnaires).
    3. Internal leadership performance feedback scores (pseudonymised response data from an employee or individual's team and manager in relation to their leadership performance on the job).
    4. Progress data on goals and actions completed.
    5. Notes on Leadership coaching sessions (provided by the third-party employees or individual clients including information about their working environment, team, work related issues etc). In some of the cases referenced above, the data that Leadership Success collects and processes involves the processing of special categories of personal data. This data is provided by the third-party employee or individual client themselves.

The legal bases upon which Leadership Success processes such data will depend on the circumstances of each case, but will always be carried out based on the explicit consent of the third-party employee or individual concerned. For third-party employees, Leadership Success may process data on the basis that the processing is:

  1. Necessary for the purpose of the third-party employee carrying out their employment obligations, unless that is outweighed by harm to their individual rights and interests
  2. Necessary for the purposes of the legitimate commercial interests pursued by organisational clients in improving workplace productivity, and reducing overall workplace stress and conflict, unless that is outweighed by harm to a third-party employee’s individual rights and interests.
Where Leadership Success obtains personal data from a client in relation to third-party employees, it does so on the basis that the organisational client has satisfied its own obligations as a controller in its own right in relation to the collection, processing and transfer of such personal data to Leadership Success.

 

4. How the personal data Leadership Success collects will be shared

The following sets out a summary as to how personal data Leadership Success collects and processes is shared:

Information type: Personal contact details for events

Recipient: Third-party service providers (secure CRM platform, secure payment platform).

Information type: Credit card details

Recipient: Third-party service providers (secure CRM platform, secure payment platform).

Information type: Business or personal contact details

Recipient: Third-party service providers (secure CRM platform), Third party consultant (coaching or facilitation staff).

Information type: Business information

Recipient: Third-party service providers (secure CRM platform), Third party consultant (coaching or facilitation staff).

Information type: Business contact details of third-party employees

Recipient: Third-party service providers (secure CRM platform, calendar management platform), Third party consultant (coaching or facilitation staff).

Information type: Internal leadership performance feedback scores as rated by a third party employee or individual client's team or leader

Recipient: Organisational client (pseudonymised) and relevant third-party employee (pseudonymised) or individual client, Third-party service providers (secure CRM platform, dashboard platform), Third party consultant (coaching or facilitation staff). Scores provided by individual team members are not identifiable as results are amalgamated into a group score.

Information type: Internal leadership performance feedback free text fields (optional)

Recipient: Organisational client and relevant third-party employee, or individual client, Third-party service providers (secure CRM platform, dsahboard platform), Third party consultant (coaching or facilitation staff).

Information type: Notes on leadership coaching session of employees

Recipient: Third-party service providers (secure CRM platform), Third party consultant (coaching or facilitation staff).

Information type: Record of actions completed and development goals achieved

Recipient:Organisational client and relevant third-party employee, or individual client, Third-party service providers (secure CRM platform, dashboard platform), Third party consultant (coaching or facilitation staff).


The data recipients include CRM and other software platforms which act as data processors and process the information on the instruction from Leadership Success. This data processing forms the basis of Leadership Success's service offering. The data recipients also include coaching staff who are third-party consultants.

Leadership Success shares personal data with its trusted service providers pursuant to its contractual arrangements with them, which will include appropriate safeguards to protect any personal data that we share with them, including the use of cloud based software systems, multi-factor authentication, user access logs, mandatory password changes and remotely controlled devices to enable wiping in the event of theft or loss. All Leadership Success employees and contractors undergo Code of Conduct training, which includes data privacy and confidentiality.

The locations of data processors  include Australia and the United States of America, which means EU and UK data may be transferred out of the EU and UK location and between these locations. Where the recipient is a data processor, Leadership Success has contractual arrangements, which incorporate standard contractual clauses. Leadership Success ensures physical and environmental security controls are audited for SOC 2 Type II and ISO 27001 compliance and that data transmissions are encrypted in transit. If you  would like further information on the data processing requirements, or a copy of the standard contractual clauses that have been agreed by your organisation and Leadership Success you can contact:

By email: datasubjectrequests@leadershipsuccess.edu.au

Postal addresses can be supplied upon request.

Leadership Success will never sell personal data collected for the purpose of carrying out its services, nor knowingly permit it to be used for marketing purposes outside of Leadership Success.

 

5. Leadership Success's retention policy for records containing personal data

Leadership Success retains personal data only for as long as necessary for the purposes for which the data was collected, except where necessary in order to pursue our legitimate interests. More specifically, legitimate interests in this instance refer to the analysis and validation of pseudonymised data in score benchmarks and do not refer to the selling or use of data for marketing purposes outside of Leadership Success.

 

6. An individual’s rights in relation to their personal data

The Australian APPs, EU GDPR and UK GDPR and DPA provide certain rights to data subjects in relation to personal data.In some cases, the exercise of these rights (for example, erasure, objection, restriction or the withholding or withdrawing of consent to processing) may make it impossible for us to achieve the purposes identified in Section 3 of this Privacy Notice and provide effective Leadership Development Services.

Any individual wishing to assert their rights mentioned above under the AU APP’s, EU GDPR or AU GDPR should address their request to:

By email: datasubjectrequests@leadershipsuccess.edu.au

Postal addresses can be supplied upon request.

 

7. Public Data

Leadership Success aggregates and compiles data and information from the census, data suppliers and compliers, news outlets, public directories, web forms and from publicly available information and sources. Our lawful basis for processing this data we gather from public sources is our legitimate interest.

 

8. Making a privacy complaint (Australian residents)

If you believe any of Leadership Success’s services breach the Australian Privacy Principles, or a relevant code, you should first write to or email LS at service@leadershipsuccess.edu.au with the subject heading “Privacy Complaint”.

Leadership Success will respond to your complaint within 30 calendar days. If you feel that Leadership Success has not adequately addressed your complaint, or you receive no response after 30 calendar days, you may make a complaint to the Office of the Australian Information Commissioner (OAIC). Please see this guide on their website for more details.

 

9. Contacting Leadership Success's Data Protection Officer (EU or UK residents)

Leadership Success has appointed a Data Protection Officer based in the United Kingdom, who acts to support our GDPR compliance efforts.

The contact details for our DPO are as follows:

By email: dataprotectionofficer@leadershipsuccess.edu.au

Postal address can be provided upon request.

Please direct all general queries relating to this Privacy Notice or Leadership Success’s compliance with the GDPR to Leadership Success's DPO. 

 

10. Definitions of terms used in this Privacy Notice

“AU” means Australia.

“APPs” means the Australian Privacy Principles 2014.

“Client” including “Clients” means a legal entity that is or was a client of Leadership Success pursuant to an agreement, or that makes or has made contact with, or has had discussions with Leadership Success with a view to such an agreement being established (whether or not such a contract or agreement was or is subsequently established).

“Controller” means an individual or entity who or which, alone or jointly, determines the purposes and means of processing personal data (and where relevant, this term shall have the specific meaning attributable to it for the purposes of the GDPR).

“EU” means the European Union or, where relevant in the given context, the European Economic Area.

"EU GDPR” means the General Data Protection Regulation, (EU) 2016/679.

"UK GDPR" means the UK General Data Protection Regulation.

"UK DPA" means the UK Data Protection Act 2018.

“Individual” means a human person (also sometimes referred to as a “natural” person).

“Personal data” means any information relating to an identified or identifiable individual (a “data subject”). An identifiable individual is one whose identity can be established by one or more identifiers (for example, their name) specific to that individual.

"Data processor" means that third party that processes personal data on behalf of the controller Leadership Success.

“Processing” means any operation or set of operations which is performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Third party” when used to describe a data subject, means an individual who is not a client.

“Third-party data” means personal data of a third party.