Privacy Notice

Leadership Success Privacy Notice (last updated 11/2/2019)

Privacy Notice

Privacy Notice regarding the processing of AU Personal Data about clients pursuant to the Australian Privacy Principles 2014 as published by the Office of the Australian Information Commissioner and EU Personal Data about clients pursuant to the EU General Data Protection Regulation “GDPR”

This privacy notice sets out how Leadership Success (“LS”) through its Australian headquarters, processes and protects the personal data of our clients and individuals related to its Clients.

Leadership Success is an Australian company which provides Human Resources/Learning and Development services to corporations, not-for-profit and government organisations worldwide. More specifically, Leadership Success provides its Clients with the ability to assess, plan and carry out leadership development activities with third-parties including their internal employees and contractors.

The type of personal data that we process, as described in this Privacy Notice, are those necessary for us to provide our Clients with effective leadership development and to carry out various ancillary activities (“Leadership Development Services”).

In line with the transparency requirements of Articles 13 and 14 of the GDPR and APP 1 of the APPs this Privacy Notice sets out the following information:

1. Identification of data controllers
2. Cookies
3. Sources/categories of personal data that we process and lawful bases for processing
4. How the personal data we collect will be shared
5. Our retention policy for records containing personal data
6. An individual’s rights in relation to their personal data
7. Making a privacy complaint (Australian residents)
8. Contact details of our Data Protection Officer in the EU
9. Definitions of terms used in this Privacy Notice

 

1. Identification of data controllers 

A data controller is a person, company, or other body that determines the purpose and means of personal data processing. Leadership Success considers itself the data controller in relation to the personal data it collects from its clients and their third-party employees.

Where Leadership Success obtains personal data from its client in relation to third-party employees, we do so on the basis that our client has satisfied its own obligations as a controller in its own right in relation to the collection, processing and transfer of such personal data to us.

Leadership Success Pty Ltd is a company which operates from Australia and supplies its services worldwide. There are no other current branch offices or related legal entities operating outside of Leadership Success Pty Ltd.

The company details of Leadership Success Pty Ltd are as follows:

Leadership Success Pty Ltd
ABN 56 124 760 256, ACN 124 760 256
Suite 34.02, 100 Miller Street
North Sydney NSW 2060
Australia


2. Cookies and other technologies

A "cookie" is a small file of letters and numbers that is sent to your browser and stored on the hard drive of your computer (or internet enabled device) when you visit a website. It is a way of identifying how website visitors engaging with its properties, without personally identifying individual visitors.

Like many websites, Leadership Success uses cookies and other technologies to maintain a record of interaction with our website.  You do not have to accept the cookies used by our website. As certain cookies are necessary for the performance of our website, however, you may not be able to use some of the features of the website. Your browser may also be configured to allow you to refuse or delete cookies or to be notified when a cookie is stored to your device.

Leadership Success also uses the following Google Analytics Advertising Features on its website, which function from cookies:

  • Remarketing with google analytics
  • Google display network impression reporting
  • Analytics demographics and interest reporting

Google Analytics uses first-party cookies to report on visitor interactions on our website.

Google Analytics also collects your Internet Protocol (IP) address to provide and protect the security of the service and to give us a sense of which country, state, or city in the world our website users come from (also known as “IP geolocation”).

As Leadership Success also uses Google Analytics Advertising Features, the cookies stored on your browser may then be used to personalise the advertisements that you see when you continue browsing the web, based on what you have previously viewed. Leadership Success then also receives reports and statistics on user interaction with its Google Ads.

In order to understand how you can manage cookies in your browser, click here for detailed instructions on Chrome https://policies.google.com/technologies/managing and here for detailed instructions for all other browser types http://www.allaboutcookies.org/manage-cookies/internet-explorer11.html

In order to prevent your data from being used by Google Analytics, you can download the following browser add-on: https://tools.google.com/dlpage/gaoptout/

3. Sources/categories of personal data that we process and lawful bases for processing

Leadership Success processes various categories of personal data for the purposes identified below, with the lawful basis indicated for each respective processing activity.

To provide Leadership Development services to our Clients and related third parties including their employees.

The information that we collect from our clients for the purposes of providing Leadership Development services to them is primarily company data and business information. In some cases, it may be necessary for us to process personal data specific to a custom enquiry or issue in order to effectively deliver our services. It is not possible to identify every potential category of personal data that we may process in relation to our client’s Human Resources/Learning & Development function. Below we have identified the most typical categories along with the relevant sources, purposes and lawful bases for processing.

In order to provide, charge for and manage the delivery of Leadership Development Services and communicate with our clients in relation to the same, it is in our and our clients’ interests to process personal data relevant to the Leadership Development services we provide them. When we are contracted by clients, we process their data as necessary for us to provide Leadership Development Services under the agreed contractual terms of our engagement with them.

The categories of personal data that we process for this purpose, which our clients usually provide to us include the following:

  1. Business contact details of clients. (one or multiple individual business contact’s name, position, company affiliation, physical and email address and telephone number) – for the purposes of communication in relation to our provision of Leadership Development Services to them
  2. Account management information, to enable us to assess the provision of our services to clients, for our own administrative purposes or at the request of our clients. We also process third-party data necessary for the provision of Leadership Development Services to our client’s employees. This information includes personal data provided primarily by - and for use in relation to - third-party employees. The categories of personal data that we process for this purpose, which our clients or the third-party providers to us includes:
    1. Business contact details of employees (the individual employee’s name, position, company affiliation, email address and telephone number)
    2. Leadership skills assessment scores of employees (response data in relation to Leadership Success’s managerial scenario-based questionnaires)
    3. Internal leadership performance feedback scores of employees (pseudonymised response data from the employee’s team and manager in relation to their leadership performance on the job)
    4. Notes on Leadership coaching sessions of employees (provided by the third-party employees including information about their working environment, team, work related issues etc). In some of the cases referenced above, the third-party employee data that we collect from the third-party employees and process in relation to a matter involves the processing of special categories of personal data where relevant to the type of Leadership Development service being provided to that third-party employee.

The legal bases upon which we process such data will depend on the circumstances of each case, but will always be carried out based on the explicit consent of the third-party employees concerned and may be also carried out on the basis that the processing is:

  1. Necessary for the purpose of the third-party employee carrying out their employment obligations, unless that is outweighed by harm to their individual rights and interests
  2. Necessary for the purposes of the legitimate commercial interests pursued by our clients in improving workplace productivity, and reducing overall workplace stress and conflict, unless that is outweighed by harm to a third-party employee’s individual rights and interests.
Where we obtain personal data from a client in relation to third-party employees, we do so on the basis that our client has satisfied its own obligations as a controller in its own right in relation to the collection, processing and transfer of such personal data to us.

 

4. How the personal data we collect will be shared

The following sets out a summary as to how client and employee personal data we collect and process is shared in carrying out our Leadership Development Services:

Information type: Business contact details of Clients

Recipient: Client, Third-party service providers (secure CRM platform etc), Third party consultant (coaching or facilitation staff)

Information type: Account management information of Clients

Recipient: Client, Third-party service providers (secure CRM platform etc), Third party consultant (coaching or facilitation staff)

Information type: Business contact details of employees

Recipient: Client, Third-party service providers (secure CRM platform etc), Third party consultant (coaching or facilitation staff)

Information type: Internal leadership performance feedback scores of employees

Recipient: Client (Pseudonymised), Third-party employee (Pseudonymised), Third-party service providers (secure CRM platform etc), Third party consultant (coaching or facilitation staff) (Pseudonymised)

Information type: Internal leadership performance feedback free text fields employees (optional)

Recipient: Client (Pseudonymised), Third-party employee (Pseudonymised), Third-party service providers (secure CRM platform etc), Third party consultant (coaching or facilitation staff) (Pseudonymised)

Information type: Notes on leadership coaching session of employees

Recipient: Recipient: Client (Optional) (Pseudonymised), Third-party employee (Pseudonymised), Third-party service providers (secure CRM platform etc), Third party consultant (coaching or facilitation staff) (Pseudonymised)

Information type: Record of actions completed and development goals achieved

Recipient: Recipient: Client, Third-party employee, Third-party service providers (secure CRM platform etc), Third party consultant (coaching or facilitation staff) (Pseudonymised)


The data recipients include CRM and other software platforms which form the basis of our service offering, and our coaching staff who are third-party consultants.

Leadership Success shares personal data with its trusted service providers pursuant to our contractual arrangements with them, which will include appropriate safeguards to protect any personal data that we share with them, including the use of cloud based software systems, multi-factor authentication, user access logs, mandatory password changes and remotely controlled devices to enable wiping in the event of theft or loss.

The locations of these data recipients include Australia and the United States of America, which means you data may be transferred out of your location and between these locations. Data transferred out of the EU is done so in compliance with international data transfer Privacy Shield Frameworks.

Leadership Success will never sell personal data collected for the purpose of carrying out our Leadership Development services, nor knowingly permit it to be used for marketing purposes outside of Leadership Success.

 

5. Our retention policy for records containing personal data

Leadership Success retains personal data only for as long as necessary for the purposes for which the data was collected, except where necessary in order to pursue our legitimate interests.More specifically, legitimate interests in this instance refer to the analysis and validation of pseudonymised data in score benchmarks and do not refer to the selling or use of data for marketing purposes outside of Leadership Success.

 

6. An individual’s rights in relation to their personal data

The Australian APPs and EU GDPR provide certain rights to data subjects in relation to personal data.In some cases, the exercise of these rights (for example, erasure, objection, restriction or the withholding or withdrawing of consent to processing) may make it impossible for us to achieve the purposes identified in Section 3 of this Privacy Notice and provide effective Leadership Development Services.

Any individual wishing to assert their rights mentioned above under the AU APP’s or EU GDPR should address their request to:

By email: datasubjectrequests@leadershipsuccess.edu.au

Postal addresses can be supplied upon request.

 

7. Making a privacy complaint (Australian residents)

If you believe any of LS’s services breach the Australian Privacy Principles, or a relevant code, you should first write to or email LS at service@leadershipsuccess.edu.au with the subject heading “Privacy Complaint”.

LS will respond to your complaint within 30 calendar days. If you feel that LS has not adequately addressed your complaint, or you receive no response after 30 calendar days, you may make a complaint to the Office of the Australian Information Commissioner (OAIC). Please see this guide on their website for more details.

 

8. Contacting our Data Protection Officer (EU residents)

Leadership Success has appointed a Data Protection Officer based in the EU, specifically the United Kingdom, who acts to support our GDPR compliance efforts.

The contact details for our DPO are as follows:

By email: dataprotectionofficer@leadershipsuccess.edu.au

Postal address can be provided upon request.

Please direct all general queries relating to this Privacy Notice or Leadership Success’s compliance with the GDPR to our DPO. 

 

9. Definitions of terms used in this Privacy Notice

“AU” means Australia.

“APPs” means the Australian Privacy Principles 2014.

“Client” including “Clients” means a legal entity that is or was a client of Leadership Success pursuant to an agreement, or that makes or has made contact with, or has had discussions with Leadership Success with a view to such an agreement being established (whether or not such a contract or agreement was or is subsequently established).

“Controller” means an individual or entity who or which, alone or jointly, determines the purposes and means of processing personal data (and where relevant, this term shall have the specific meaning attributable to it for the purposes of the GDPR).

“EU” means the European Union or, where relevant in the given context, the European Economic Area.

“GDPR” means the General Data Protection Regulation, (EU) 2016/679, or applicable national implementing legislation.

“Individual” means a human person (also sometimes referred to as a “natural” person).

“Personal data” means any information relating to an identified or identifiable individual (a “data subject”). An identifiable individual is one whose identity can be established by one or more identifiers (for example, their name) specific to that individual.

“Processing” means any operation or set of operations which is performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Third party” when used to describe a data subject, means an individual who is not a client.

“Third-party data” means personal data of a third party.

See how Leadership Success can help

Talk to us

Talk top us