Last updated: December 2023
We are dedicated to safeguarding and preserving your privacy when visiting our site or communicating electronically with us.
This Privacy Notice covers the following:
- Who we are
- What information do we collect?
- How do we use your information?
- Lawful basis for collecting and processing your Personal Data
- Cookies and Cookies Consent
- Who may use your information?
- Storing your Personal Data
- Third party links and services
- How do we protect your information?
- Where is your information processed?
- Marketing communications
- How long do we keep your information?
- Change in terms of privacy
- Site content
- Your rights
- How do you contact us?
This Notice applies to all of the Personal Data we collect about you, including information collected by Sam Starr, previously trading under the name Sam Pope Coaching and Mindfulness, (“we”/ “us”) at events conducted online or in-person, on our websites https://sam-starr.co.uk or https://sampope.co.uk (“Websites”) and any other websites (including mobile access) where this Notice is linked to, and/or social media platforms used and administered by us, all of which are referred to as the “Site” in this Policy.
We recognise the importance of protecting our users’ privacy. To that end we have created this privacy statement (“Privacy Notice”) in order to demonstrate our commitment to privacy. Information on how Site content can and cannot be used is also listed below.
We may occasionally amend this Privacy Notice. Any new terms of the Privacy Notice will automatically be effective when it is published on the Site. You should therefore return here regularly to view our most up to date Privacy Notice. You should also print a copy for your records.
For the purposes of this Privacy Notice the terms below shall have the meaning given to them in this “Definitions” paragraph of the Privacy Notice.
- Data Controller shall have the meaning given to it under Article 4 of the General Data Protection Regulation (GDPR), which states that “controller” means a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
- Data Protection Legislation shall mean the General Data Protection Regulation (GDPR), the UK GDPR, The Data Protection Act 1998 and any other national implementing legislation
- GDPR means the General Data Protection Regulation 2016/679 and the UK GDPR shall be construed accordingly
- Personal Data shall have the meaning given to it under Article 4 of the GDPR, which states that “personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
Who we are
The Sam Starr Websites (available at https://sam-starr.co.uk and https://sampope.co.uk) are owned and operated by Ms. Sam Starr, who is a certified life coach with a Diploma in Psychosynthesis Life Coaching (certified in the year 2020).
For the purposes of Data Protection Law, the Data Controller is Ms. Sam Starr.
We are registered with the Information Commissioner’s Office (ICO) under registration number A9009475
The person responsible for data protection is Ms. Sam Starr. For any queries relating to the management of your Personal Data please do not hesitate to reach out to us at email@example.com.
What Information do we collect?
Most of the information we collect is information provided directly by you. This may include:
- Contact information – information such as name, job title, company name, department, email address, physical mailing address and telephone number
- Professional information – such as your employment background, job description and related information, and any other information such as National Insurance Number, etc, for individuals applying for employment
- Transaction information – your contact information, the services you are interested in, your purchasing requirements, your financial information including credit card or other payment information
- Responses to surveys – information you provide in responding to a survey on the Site, via an app or email, on the telephone or otherwise
- Information you submit to us for the purposes of attending events organised by us, whether in-person or online, offered by us via our Site or third-party websites
- Information you submit to us for the purposes of receiving newsletters, updates and other marketing and promotional communication from us
- Any other information that you submit when you contact us via our ‘contact us’ form on our Websites, our booking form, including via the online platform or for the purposes of purchasing our services
We may also collect, and process information obtained through the Site or the device you are using, including:
- If applicable, member information (including username and password)
- Location information (including GPS signals sent by a mobile device, location information gathered from social media networks or sensor or IP address data from your device
- information from cookies, web beacons or from the internet, including your IP address, browser type, operating system, domain name, access times, which pages you visit within our Site and referring website addresses – for more on this please see the next section below on how we use your information
- If you ask us to connect with you on other sites and social media (for example if you ask us to connect with your Facebook/Instagram/LinkedIn or any other social media account) we may get information that way too
- We may record any telephone calls for quality assurance and training purposes and
- We may also make audio and video recordings of webinars, workshops and/or group meditations that you participate in, for the purposes of sharing the content with non-attendees, However, personal data identifying individual attendees is not disclosed or shared with third-parties.
- We shall make audio and video recordings of private coaching sessions exclusively for your referral and only at your prior written request. We assure you that all such Personal Data will be treated as confidential and will be held strictly in accordance with Data Protection Legislation.
We may use publicly accessible information to verify information we are provided with.
Throughout the Websites there may be forms to contact us or to request for information for the purposes of signing up for our services including events and workshops conducted by us. These forms typically ask for contact and financial information. Information from these forms is used to deliver the information, products and/or services that you request. It may also be used to notify you of our future products, services and/or opportunities that may be of interest to you. When completing these forms, please do not supply another person’s Personal Data to us unless we prompt you to do so and you have received that individual’s consent to do so.
How do we use your information?
We use information collected about you as outlined in this Privacy Notice.
Our primary purpose in collecting your Personal Data is to provide you with the services you requested and those which we believe will optimise your use of the Site. We may use your Personal Data for the following purposes:
- To provide the information, services you request and related on-going support
- To identify you, and to contact you from time to time with service updates
- To send other messages that are useful to the service we provide to you
- To manage our relationship with you and to carry out any related administration
- To send you our newsletters, including by email and via social media platforms, if you have opted in to receive our newsletters
- To promote our services, or the services of our suppliers, including by email and via social media platforms (subject to the relevant marketing permissions)
- To compare information for accuracy, and carry out due diligence*
- To detect, investigate and prevent activity we think may be potentially illegal, unlawful or harmful and to enforce our Privacy Notice or any other purpose referenced herein or therein*
- To carry out research, including market research, statistical research on site traffic, sales and other commercial information to assist us in improving the services we provide to you and make adjustments to the Site accordingly*
- To keep track of the areas of our Site you visit, the amount of time you spend and the date and time you access our Site to enable us to improve it to better match your interests and/or preferences.
Lawful Basis for Collecting and Processing Your Personal Data
The following is the lawful basis for processing your Personal Data:
In order to avail of our Services, you consent to us obtaining and processing your Personal Data. While dealing with you we may issue terms of business or execute a contract outlining the terms and conditions of our engagement with you (“Terms”). The Terms along with this Notice set out the purposes for which your Personal Data may be obtained and processed by us. By accepting the Terms and/or by using our Site and by continuing to deal with us you confirm that you have consented to us processing your Personal Data.
One of the grounds for obtaining and processing your Personal Data is so that we can perform our Services in line with the scope of work and Terms mutually agreed to by us.
Compliance with legal obligations
We may have to collect Personal Data in order to comply with certain legislative and regulatory requirements relating to client due diligence. Consequently, we may process your data to carry out identity checks and maintain records of customer due diligence.
In circumstances where you are a client or are an employee we may have to process your Personal Data to promote and pursue legitimate interests of the public and/or of our organisation.
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. Our legitimate interests are those indicated with a “*” above, and we consider that we have implemented sufficient checks and protections to ensure that your rights and interests are not unreasonably intruded on.
*However, you can object to processing on any of these bases at any time and, if you do so, we will stop processing the Personal Data unless we can show compelling legitimate grounds which override your rights and interests, or we need the data to establish, exercise or defend legal claims – see “Your rights” below.
Cookies and Cookie Consent
Such information will not identify you personally as it is statistical data about our Site visitors and their use of our Site. This statistical data does not identify any personal details whatsoever.
Similarly to the above, we may gather information about your general internet use by using a cookie file. Where used, these cookies are downloaded to your computer automatically. This cookie file is stored on the hard drive of your computer as cookies contain information that is transferred to your computer’s hard drive. They help us to improve our Websites and the Services that we provide to you.
All computers have the ability to decline cookies. This can be done by activating the setting on your browser which enables you to decline the cookies. Please note that should you choose to decline cookies, you may be unable to access particular parts of our Websites.
We do not knowingly collect or process data from anyone under the age of thirteen (13) years old. Our services and Site content are not directed at minors, i.e. persons below the age of 18 (eighteen) years, especially children below the age of 13 (thirteen) years.
Who may use your information?
We are committed to keeping your e-mail address confidential. We do not sell, rent, or lease the subscription lists to third parties. We may disclose your Personal Data to enforce our policies, to comply with our legal obligations (such as if we are required to disclose your Personal Data under a court order, legal requirement and/or regulatory requirement) or in the interests of security, public interest, or law enforcement in any country where we have entities or affiliates. For example, we may respond to a request by a law enforcement agency or regulatory or governmental authority. We may also disclose Data in connection with actual or proposed litigation, or to protect our property, security, people and other rights or interests.
We may share your Personal Data with our employees, independent contractors, consultants, partners and/or third parties who help deliver our Services to you. Examples include hosting our web servers, analysing data, providing marketing and administration assistance, and providing customer service. These companies will have access to your personal information as necessary to perform their functions, but they may not use that Data for any other purpose. Our contracts with all third parties processing our client’s Personal Data shall outline their obligations relating to data protection.
Please remember that when you share information publicly on the Websites or on social media platforms, for example a comment on a blog post or within social media groups, it may be indexable by search engines, including Google, which may mean that the information is made public.
When you participate in conversations on social media your Personal Data is visible to members of the concerned social media group and to the public in general. Please note that you participate in social media related activities at your sole discretion, and we shall not be liable for the access and use of your Personal Data by third parties, via social media, including circumstances, where third parties contact you or initiate a conversation with you, on social media or otherwise, as a result of your information made available to them via our social media groups or any activity you participate in through our social media platforms or by connecting with us on social media.
When you patriciate in group activities you may disclose information relating to you at your sole discretion. In light of the nature of group classes, any information disclosed during group sessions is accessible by other members of the group. By signing up to our group classes and workshops you consent to your information and Personal Data being accessible by the other members of the group. We shall not be liable for the access and use of your Personal Data by such group members.
Whilst we encourage you to inform your therapist and/or any other qualified healthcare professional you are consulting, that you are being coached by us, we will not share your information with your therapist/ NHS care provider/ GP/ any other qualified physician/medical expert unless we have your express written permission to do so or where there is an overriding public interest in disclosing the information without your consent or where your interests in terms of your health and safety over-ride our obligation of confidentiality. This is in accordance with the General Medical Council’s guidance which may from time-to-time change.
We will generally share your information/Personal Data with persons nominated as your “Emergency Contact” or where an “Emergency Contact” has not been nominated, with the next of kin, only in cases of emergencies where it is in the legitimate interest of the public or in the legitimate interest of our organisation or in your own legitimate interests for us to disclose the Personal Data or where your interests (health) over-ride our obligation of confidentiality. For such circumstances it shall be deemed that you have consented to your information being shared with the above-mentioned recipients.
We may share aggregated anonymised data with third parties in order to monitor our services and to ensure consistent quality and safety relating to the services provided to clients.
Storing Your Personal Data
We may transfer data that we collect from you to locations outside of the United Kingdom and the European Economic Area for processing and storing. Also, it may be processed by staff operating outside the European Economic Area who work for us or for one of our suppliers. For example, such staff maybe engaged in the processing and concluding of your order, the processing of your payment details and the provision of support services. By submitting your Personal Data, you agree to this transfer, storing or processing. We will take all reasonable steps to make sure that your data is treated securely and in agreement with this Privacy Notice.
In accordance with the GDPR we have confirmed with all of the companies that process data on our behalf or that we use to provide services or products that where Personal Data is involved they are compliant and retain compliance with the GDPR.
Data that is provided to us is stored on our secure servers. Details relating to any transactions entered into on our Site will be encrypted to ensure its safety.
The transmission of information via the internet is not completely secure and therefore we cannot guarantee the security of Data sent to us electronically and transmission of such Data is therefore entirely at your own risk. Where we have given you (or where you have chosen) a password so that you can access certain parts of our Site, you are responsible for keeping this password confidential.
Our policy is that we retain your Personal Data for as long as it is necessary for the purposes set out in this Notice, or as is required by applicable law. All of the Personal Data is disposed of securely to ensure compliance with applicable Data Protection Legislation.
Third party links and services
The Site may use and contain links to third parties’ websites. We are not responsible for the privacy practices or the content of those websites or services. Therefore, please read carefully any privacy policies on those links or websites before either agreeing to their terms or using those websites. If you have asked us to share data with third party sites (such as social media sites), their servers may not be secure. Note that, despite the measures taken by us and the third parties we engage, the internet is not secure. As a result, others may nevertheless unlawfully intercept or access private transmissions or data.
How Do We Protect Your Information?
We take what we consider to be appropriate technical and organisational measures to guard against unauthorised or unlawful processing of your Personal Data and against accidental loss or destruction of, or damage to, your Personal Data. While no system is completely secure, we believe the measures implemented by the Site reduce our vulnerability to security problems to a level appropriate to the type of data involved. We have security measures in place to protect our user database and access to this database is restricted internally. However, it remains your responsibility:
Where you have a member/client account with us including via a third-party online platform
- To log off or exit from the Site or such third-party platform when not using it
- To ensure no-one else uses the Site or such third-party platform while your device is logged on to the Site/ third-party platform (including by logging on to your device through a mobile, Wi-Fi or shared access connection you are using)
- To keep your password or other access information secret. Your password and log in details are personal to you and should not be given to anyone else or used to provide shared access for example over a network. You should use a password which is unique to your use of the Site/third-party platform – do not use the same password as you use for another site or email account and,
- To maintain good internet security. You should keep all of your account details secure. If you think that any of your accounts has been compromised you should change your account credentials, and in particular make sure any compromised account does not allow access to your account with us and/or services from us. You should also tell us as soon as you can so that we can try to help you keep your account secure and if necessary warn anyone else who could be affected.
Where is your information processed?
Hosting and back-end infrastructure
We use third-party hosting services for the purposes of hosting data and files that enable our Websites to run and be distributed as well as to enable us to run specific features and functions within our Websites. Some of these functions work through geographically distributed servers, thereby making it difficult to identify the exact location where the Personal Data is stored.
Transfer of Personal Data
We may also use outsourced services in countries outside the UK as well as the EEA (European Economic Area) from time to time in other aspects of our business. Accordingly, data obtained within the UK, or any other country could be processed outside the UK and the EEA.
Where we transfer Personal Data to third parties outside of the UK and the EEA, we will ensure that the recipients are aware of the provisions of the GDPR and applicable Data Protection Legislation and that they provide an adequate level of protection for the rights of persons whose Personal Data has been shared with them.
In addition, all our inbound and outbound email communications are encrypted.
If you have given permission, we may contact you about any of the following:
- Client & booking information
- Occasional information about our services and offers
- Updates about our business, services, and promotions
- Newsletters (if you have opted-in to receiving them)
- New blog posts
In compliance with applicable Data Protection Legislation, all emails sent by us will clearly state who the email is from and will provide clear information on how to contact the sender. In addition, all marketing email messages will also contain concise information on how to remove yourself from our mailing list should you wish to, so that you receive no further email communication from us.
We are committed to keeping your information confidential. We will use your email address solely to provide timely information about us and our services and we will maintain the information you send via email in accordance with applicable Data Protection Legislation.
How long do we keep your information?
We will retain your Personal Data only as long as is necessary for the purposes set out in this Privacy Notice, or as is required by applicable law, and then we will delete it.
Changes in terms of Privacy
We reserve the right to alter our privacy policies. Any changes to the Notice will be posted on this page. The Websites are controlled and operated by Sam Starr from offices within the United Kingdom. We make no representations that materials, information, or content available on or through this Websites are appropriate or available for use in other locations, and access to them from territories where, accessing such materials, information, or content is illegal is prohibited. Those who choose to access this Websites from other locations do so on their own volition and are responsible for compliance with applicable local laws.
You may access, download and print materials on these Websites for your personal and non-commercial use. You may not modify, copy, distribute, transmit, display, perform, reproduce, publish, license, create derivative works from, transfer, or sell any information, software, products or services obtained from these Websites without first obtaining written consent from us. Furthermore, you may not use the materials found on these Websites on any other websites or in a networked environment without first obtaining written consent from us.
All materials on these Websites (as well as the organisation and layout of the Websites) are owned and copyrighted by Sam Starr. © Copyright Sam Starr. All rights reserved. No reproduction, distribution, or transmission of the copyrighted materials from these Websites is permitted without our prior written permission.
As explained above, you have the right to opt-out of receiving marketing communications from us. In addition, to the extent permitted by the laws of your country, you may have the right to object to the processing of your Personal Data for direct marketing purposes. If your objection is not in relation to direct marketing in general, but to direct marketing by a particular channel, for example email or telephone, please specify the channel you are objecting to.
Under the UK Data Protection Act 1998, you have the following rights in relation to your own Personal Data:
- to request copies of your personal information
- to request us to rectify incorrect information. You can also request us to complete information that you think is incomplete
- to request us to erase your personal information in certain circumstances
- to ask us to restrict the processing of your information in certain circumstances
- Applying only to information you have given us; you may ask that we transfer the information you gave us from one organisation to another, or that we give it to you.
- to object to automated decisions. We do not, however, use automated decision making
- the right to withdraw consent from us continuing to process your Personal Data and
- a right to object to processing that is likely to cause or is causing damage or distress
If you want to (1) tell us to stop using your data for direct marketing or withdraw consent from us processing your Personal Data for any of the purposes mentioned in this Notice; (2) exercise your subject access rights; (3) tell us about inaccurate Personal Data you think we hold on you; or (4) object to a use you believe we’re making of your data which is causing, or is likely to cause, damage or distress, please contact our Data Protection Manager at firstname.lastname@example.org or Phone: +442070971561
Unless the law prohibits us to do so, we will not charge you to exercise your subject access rights but may charge a reasonable fee reflecting our administrative costs should you request further copies of the Personal Data. When you contact us to exercise any of the above rights, we will first ensure that the person requesting the data is the person whose data is being sought (or that it is being requested on that person’s behalf). This may involve providing us with proof of your identity or your authority to act for the data subject. We may also ask you for any information we need to help us find the Personal Data you’re enquiring about.
We will also provide you with the following information relating to your Personal Data:
- the purpose for which we’re processing it
- what categories of data about you we process
- the recipients of your data, if any, including specifically international or foreign organisations
- our expected retention period or how we’ll calculate this if we don’t know yet
- your rights in relation to the data and
- the source of the data if we didn’t get it from you
Should you contact us in relation to us holding incorrect, incomplete, or inaccurate data about you, we will make the required corrections promptly.
If you have any concerns about the way, we are processing your Personal Data or our use of your personal information, you can make a complaint to us by emailing us at email@example.com or by Phone: +442070971561
You can also complain to the Information Commissioner’s Office (ICO)
The ICO’s address is:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
How do you contact us?
If you have any questions about this Privacy Notice, the practices of the Websites, or your dealings with these Websites, we encourage you to contact us using the following details: