Our Privacy Statement

Background

Last updated: 20th September 2024

This notice tells you how we look after your personal data when you visit our website at

Inclusivechange.co.uk

(Website) or when you purchase our Digital Products from our website

Services from our team such as training and consultancy, where you are a prospective customer of our

business, or where you are another type of business contact, such as a supplier or service provider to

our business.

This notice sets out what information we collect about you, what we use it for and whom we share it

with. It also explains your rights and what to do if you have any concerns about your personal data.

We may sometimes need to update this notice, to reflect any changes to the way the goods and

services are provided or to comply with new business practices or legal requirements. You should

check this Privacy Notice to see whether any changes have occurred.

2 WHO WE ARE AND OTHER IMPORTANT INFORMATION

We are INCLUSIVE CHANGE LTD, registered in England and Wales with company number

12412464 with our registered address at The Brightwell, Bradbury House, Wheatfield Drive, Bristol, BS32 9DB (we, us or our).

For all visitors to our Website and for users who purchase our goods and services through an

organisation, we are the controller of your information (which means we decide what information we

collect and how it is used). We are registered with the Information Commissioner’s Office (ICO), the

UK regulator for data protection matters, under number ZB081779.

CONTACT DETAILS

If you have any questions about this privacy notice or the way that we use information, please get in

touch using the following details:

Email address:

office@inclusivechange.co.uk

Postal address: The Brightwell, Bradbury House, Wheatfield Drive, Bristol

BS32 9DB

4 THE INFORMATION WE COLLECT ABOUT YOU

Personal data means any information which does (or could be used to) identify a living person. We

have grouped together the types of personal data that we collect and where we receive it from below.

Type of personal data:

Identity Data: your first and last name or title.

Contact Data: your email address, telephone numbers, home address.

Technical Data: internet protocol (IP) address, browser type and version, time zone setting and

generic location, browser plug-in types and versions, operating system and platform on the devices

you use to access our systems.

Usage Data: information about how you use our systems.

Location Data: your device location if you log into our systems remotely.

Feedback: information and responses you provide when completing surveys and questionnaires.

Profile Data: email address, password, username, chat logs, audit trail of systems used and

documents accessed and downloaded.

Marketing and Communication Data: includes your preferences in receiving marketing from us

and our third parties and your communication preferences.

5 HOW WE USE YOUR INFORMATION

We are required to identify a legal justification (also known as a lawful basis) for collecting and using

your personal data. There are six legal justifications which organisations can rely on. The most

relevant of these to us are where we use your personal data to:

- fulfil our contract with you

- comply with a legal obligation that we have

pursue our legitimate interests (our justifiable business aims) but only if those interests are not

outweighed by your other rights and freedoms (e.g. your right to privacy)

-do something for which you have given your consent

Below is set out the lawful basis we rely on when we use your personal data. If we intend to use your

personal data for a new reason that is not listed below, we will update our privacy notice.

Contract

- To administrate or perform our contract with you.

- To process your payment information in connection with any contract we have with you.

- To send you updates about the services you have bought (e.g. confirmation of order, arrival time).

Legal Obligation

- Recording your preferences (e.g. marketing) to ensure that we comply with data protection laws.

Where we send you information to comply with a legal obligation (e.g. where we send you

information about your legal rights).

- Where we retain information to enable us to bring or defend legal claims.

Legitimate Interests

Where using your information is necessary to pursue our legitimate business interests to:

- improve and optimise our Website;

- monitor and make improvements to our Website to enhance security and prevent fraud;

- provide our services to you and ensure the proper functioning of our Website; and

- protect our business and defend ourselves against legal claims.

Where we use your information for our legitimate interests, we have assessed whether such use is

necessary and that such use will not infringe on your other rights and freedoms.

Consent

Where you have provided your consent to providing us with information or allowing us to use or

share your information.

- Where you have consented to receive marketing material from us.

Where we need to collect your personal data (for example, in order to fulfil a contract we have with

you), failure to provide us with your personal data may mean that we are not able to provide you with

the services. Where we do not have the information required about you to fulfil an order, we may

have to cancel the service ordered.

6 WHO WE SHARE YOUR INFORMATION WITH

We share (or may share) your personal data with:

Our personnel: our employees (or other types of workers) who have contracts containing

confidentiality and data protection obligations.

Regulatory authorities: such as HM Revenue & Customs.

Our professional advisers: such as our accountants or legal advisors where we require specialist

advice to help us conduct our business.

Any actual or potential buyer of our business.

If we were asked to provide personal data in response to a court order or legal request (e.g. from the

police), we would seek legal advice before disclosing any information and carefully consider the

impact on your rights when providing a response.

7 WHERE YOUR INFORMATION IS LOCATED OR TRANSFERRED TO

We store your personal data on our servers in the UK.

We will only transfer information outside of the UK or EEA where we have a valid legal mechanism

in place (to make sure that your personal data is guaranteed a level of protection, regardless of where

in the world it is located, e.g. by using contracts approved by the European Commission or UK

Secretary of State).

If you access our Website or purchase our goods and services whilst abroad then your personal data

may be stored on servers located in the same country as you or your organisation.

8 HOW WE KEEP YOUR INFORMATION SAFE

We have implemented security measures to prevent your personal data from being accidentally or

illegally lost, used or accessed by those who do not have permission. These measures include:

Page 3 (5)

- access controls and user authentication (including multi-factor authentication)

- internal IT and network security

- regular testing and review of our security measures

- staff policies and training

- incident and breach reporting processes

- business continuity and disaster recovery processes

If there is an incident which has affected your personal data and we are the controller, we will notify

the regulator and keep you informed (where required under data protection law). Where we act as the

processor for the affected personal data, we notify the controller and support them with investigating

and responding to the incident.

If you notice any unusual activity on the Website, please contact us

office@inclusivechange.co.uk

9 HOW LONG WE KEEP YOUR INFORMATION

Where we act as the controller, we will only retain your personal data for as long as necessary to fulfil

the purposes we collected it for.

To decide how long to keep personal data (also known as its retention period), we consider the

volume, nature, and sensitivity of the personal data, the potential risk of harm to you if an incident

were to happen, whether we require the personal data to achieve the purposes we have identified or

whether we can achieve those purposes through other means (e.g. by using aggregated data instead),

and any applicable legal requirements (e.g. minimum accounting records for HM Revenue &

Customs).

We may keep Identity Data, Contact Data and certain other data (specifically, any exchanges between

us by email or any other means) for up to seven years after the end of our contractual relationship with

you.

If you browse our Website, we keep personal data collected through our analytics tools for only as

long as necessary to fulfil the purposes we collected it for.

If you have asked for information from us or you have subscribed to our mailing list, we keep your

details until you ask us to stop contacting you.

10 USE OF AI TOOLS IN INCLUSIVE CHANGE

Our organization employs AI technology to enhance productivity and ensure accuracy in various tasks.

The primary uses of AI include:

Transcribing scripts from webinars and meetings, ensuring all content is accurately captured and easily accessible.

Assisting in composing text for emails and our website to ensure clarity, consistency, and professionalism in

our communications.

We prioritise the privacy and consent of all parties involved in our AI-related activities.

Prior to transcribing any meeting or webinar, we obtain explicit consent from all participants.

All transcribed content is stored and handled in accordance with our data protection and privacy policies,

ensuring that sensitive information remains secure and confidential.

Transcriptions and AI-generated content are used solely for the purpose of improving our services and communications.

We retain data only for as long as necessary to fulfill its intended purpose, in compliance with relevant data retention

policies and regulations.

Our use of AI is guided by ethical considerations, ensuring that it is employed in a manner that is fair, transparent, and

respectful of individual rights. We are committed to preventing misuse of AI and regularly review our practices to

ensure alignment with industry standards and ethical guidelines.

We continuously evaluate and update our AI practices to incorporate advancements in technology and changes

in regulatory requirements. Feedback from our team and stakeholders is encouraged to ensure our

AI usage remains effective and responsible.

11 YOUR LEGAL RIGHTS

You have specific legal rights in relation to your personal data.

We can decide not to take any action in relation to a request where we have been unable to confirm

your identity (this is one of our security processes to make sure we keep information safe) or if we

feel the request is unfounded or excessive. Usually there is no cost for exercising your data protection

rights, but we may charge a fee where we decide to proceed with a request that we believe is

unfounded or excessive. If this happens we will always inform you in writing.

We will respond to your legal rights request without undue delay, but within one month of us

receiving your request or confirming your identity (whichever is later). We may extend this deadline

by two months if your request is complex or we have received multiple requests at once. If we need to

extend the deadline, we will let you know and explain why we need the extension.

We do not respond directly to requests which relate to personal data for which we act as the processor.

In this situation, we forward your request to the relevant controller and await their instruction before

we take any action.

If you wish to make any of the right requests listed below, you can reach us at

office@inclusivechange.co.uk

Access: You must be told if your personal data is being used and you can ask for a copy of your

personal data as well as information about how we are using it to make sure we are abiding by the

law.

Correction: You can ask us to correct your personal data if it is inaccurate or incomplete. We might

need to verify the new information before we make any changes.

Deletion: You can ask us to delete or remove your personal data if there is no good reason for us to

continue holding it or if you have asked us to stop using it (see below). If we think there is a good

reason to keep the information you have asked us to delete (e.g. to comply with regulatory

requirements), we will let you know and explain our decision.

Restriction: You can ask us to restrict how we use your personal data and temporarily limit the way

we use it.

Objection: You can object to us using your personal data if you want us to stop using it. If we think

there is a good reason for us to keep using the information, we will let you know and explain our

decision.

Portability: You can ask us to send you or another organisation an electronic copy of your personal

data.

Complaints: If you are unhappy with the way we collect and use your personal data, you can

complain to the ICO or another relevant supervisory body, but we hope that we can respond to your

concerns before it reaches that stage. Please contact us at

office@inclusivechange.co.uK

Inclusive Change Ltd

The Brightwell, Bradbury House

Wheatfield Drive

Bradley Stoke, Bristol

BS329DB

Copyright 2025 - Inclusive Change Ltd

Companies House: 12412464

VAT NO: 352 1564 17

ICO Reg: ZB081779

UK Register of Learning Providers: 10090652

Reg no: 12412464