Forward Institute General Privacy Policy 2018

for OUR STAKEHOLDERS


At the Forward Institute (registered as the Responsible Leadership Foundation) we take privacy and confidentiality seriously. We are the data controller for the purposes of the Data Protection Act 1998 and subsequent General Data Protection Regulation update in 2018.

If you're a Fellow, please see our Fellows' Privacy Policy. 

Summary

We use your personal information to enable us to successfully run our business. Our core activities are delivering the Fellowship programme, the Fellowship beyond the programme and additional work that is commissioned by our partner organisations on a case by case basis. All of this is done to enable us to fulfil our mission in helping organisations act more responsibly.

We take a fair and common sense approach to collecting, storing and sharing data we use:  

  • „The majority of personal information that we gather and store is voluntarily shared by you with us.
  • „We will never sell or rent your information to anyone.
  • We take security seriously and ensure adequate safe guards are in place to protect your data.
  • „We will state up-front how we will use the information you share with us. If this changes we will always ask your permission before sharing your information.
  • „If you have individual privacy needs regarding photographs and filming, we will work with you to ensure your needs are met.
  • „If any of our systems have a data breach that affects your data we will inform you as soon as we are aware.

As part of our business activities, we contact stakeholders about our activities. We invite select groups of our stakeholders to events and meetings and share information about what is happening in the Fellowship and during the programme. This is done on the basis that we have trusted relationships with our stakeholders and by being involved with the Institute, we have a legitimate interest to contact you. 

Should you tell us you don't want to be invited to events or hear our news you can unsubscribe from individual communications at any time by using the unsubscribe function or emailing: camilla dot upson at forward dot institute.

We don't tend to store information on our stakeholders other than contact information, however you can contact us at any time and ask what information we hold on you and request your information to be removed from our systems.


What information is being collected?

The majority of information we gather and collect is from and about our Fellows - those on the Fellowship programme. 

We don't tend to collect detailed information on our stakeholders unless it directly pertains to the programme or information readily submitted by you to us based on our working relationship.

Who are our stakeholders? 

We class stakeholders as everyone we work with who aren't Fellows:

  • Human Resources Directors (HR Directors) and Human Resources contacts (HR contacts) from our partner organisations 
  • Line Managers - those who manage or previously managed Fellows on the Fellowship programme 
  • Senior Sponsors - those who sponsor Fellows through the programme and beyond it
  • Advisors - those who advise the Institute on its direction and activities 
  • Our Faculty & Contributors - those we work with to deliver content, field visits, Discovery Sessions, keynotes and other activities for the programme 
  • Facilitators - those working with us to facilitate the programme 
  • Suppliers - those who supply products or services to us across all our business activities
  • Employees - those that work for the Institute including freelance and contractual staff
  • Our Board - those that are legally appointed to the Institute's Board 

As part of our day to day business activities we are likely to collect, store and use the following information about our stakeholders:

Personal information:

  • This includes basic information about you such as your name, job title, organisation name, professional biography and profile photo.
  • „We collect, use and store contact information such as your email address - work and personal, phone number - work mobile number, work landline, personal mobile phone number if you share this information with us.
  • „We may collect your birthday, your dietary requirements and other information to help personalise your experience during events or other interactions with us. 
  • „We might collect accessibility requirements and diversity information if relevant to us working with you.

Other information generated or shared with us that relates to stakeholders:

  • Other information generated during our dealings with you
  • Business relevant information gathered by the team or other stakeholders, collected from you with your knowledge (for example, information in a questionnaire, interview or meeting) 
  • Photos and video footage taken of you at our events or meetings
  • RSVP and any other information generated around the events we run

Information to do with you that you or others in your organisation share with us:

  • Personal assistant's name & contact information - email and phone number
  • Your nomination form if you're a Senior Sponsor or Line Manager 
  • Other information which will help us understand you and your organisation and how best to work with you

Drawing on the above, the following Information is deemed sensitive by us and therefore handled with extra care:

  • Nomination forms generated and submitted to us by you
  • Information you share with us on the understanding that it is deemed business sensitive
  • Information gathered by the team, facilitators or faculty from interactions with you
  • Other information generated relating to a live Fellowship programme (for example from surveys or any information we ask you to share with us, or gather on our behalf)
  • Accessibility requirements
  • Birthday
  • Dietary requirements
  • Diversity information
  • Phone number - work mobile number, work landline, personal mobile phone number
  • Email address - work and personal
  • We may occasionally collect other forms of data or information on you not listed above. If information is not voluntarily and knowingly submitting by you we will make you aware of this if it is relevant and sensible to do so

Who is collecting it?

The Forward Institute team (employees of the Forward Institute), as well as other stakeholders such as Facilitators and Faculty are most likely to collect data from and about you. If any other person or company collects your data on our behalf the Forward Institute team will warn you about this when relevant and sensible to do so. Examples of others who may collect or capture information about you include external research providers, photographers or videographers commissioned by us.


How is it collected?

We collect information in an open and transparent way. The vast majority of our data is voluntarily submitted by you knowingly.

Our website

Information we collect automatically online e.g. by use of cookies on our website is not identifiable to individuals. If you browse through the website or download information, our servers will automatically collect numerical counts of visitors by domain, browser type, IP address, keywords used and other standard web measurements. We use the information collected to manage and improve our website and to make it as useful as possible for our visitors.

Other platforms

Any information captured by you interacting with any platforms we provide you access to (for example Names & Faces) is used to improve our operations and communications. All platforms we use provide standard analytics features which we use to help us improve our services and your experience interacting with us. Most of these metrics are anonymised and are designed to help us improve the service, not find out specific information about individuals. 

Platforms we use

We use a variety of platforms to help us collect, store and manage our data. The following platforms and third parties are core to our data management:

  • Dropbox
  • Flickr
  • Google products including Google mail, Google Drive, Google Forms, Google photos
  • Insightly (our Customer Relationship Management System - CRM)
  • MailChimp (our mail broadcast system)
  • Names & Faces (our Fellowship app)
  • This website
  • Typeform
  • Vimeo
  • Xero
  • Salesforce

We may occasionally use other platforms not listed above. Prior to using any external products, platforms or systems we carry out due diligence on third party security and data policy and protections. When using a third party not on the list above we will only notify you if it is relevant and sensible to do so. All our third party data storage systems are password protected and as a general rule only accessible by the Forward Institute team or our team of Facilitators.


Why is it being collected?

We collect information to successfully run the organisation and activities we operate on a day to day basis. All the information we collect plays a legitimate role in our operations.


How will it be used?

  • „To be able to communicate effectively with you.
  • „To run the programme and our activities beyond the programme effectively.
  • „To share information across the Fellowship in order to fulfil our mission, the delivery of the Fellowship programme and our other activities.
  • „To support our business operations including our external and internal communications, finance, operations and business strategy.

Who will it be shared with?

At the point of collecting any information, we will tell you how the information we are collecting is going to be used. On submitting the information you agree to allow us to use that information as we have stated we will use it. If we want to re-purpose the information we will seek your approval before sharing it. 

Any information generated which is deemed sensitive to the individual or organisation will not be shared externally without consent from the individual who has supplied it. Any exchange of information between the team is based on a ‘need to know basis’.

Individual diversity information is kept confidential. Diversity information is used and shared in the context of a cohort-wide review within the team, Facilitators and Forward Institute Board.

Third parties

We will not disclose information to third parties except as required by law. We may share information with service providers or suppliers if the disclosure will enable that party to perform a business, or provide professional or technical support to the Forward Institute.

We ask in particular that Facilitators, Suppliers and Employees handle and treat information that they encounter with the utmost care and respect and are compliant with the 2018 GDPR legislation. 

Within the Fellowship

Standard information is shared within each cohort and sometimes across cohorts. For example, within our Fellowship mobile app – Names & Faces, certain stakeholders feature. This is a private password protected app only accessible by invite-only for those who are part of the Fellowship.

Some stakeholders feature in the Names & Faces app. That means contact information (sometimes, depending on the type of stakeholder), profile photo and biography (among other items of information about you) is shared with everyone in the Fellowship in order to allow people to make connections and learn about one another. If you have any questions about this please contact us.

Photographs and films may be captured during events, meetings and other face to face interactions. This is usually for the purposes of internal communications and to use on materials shared within the Fellowship. Sometimes we will use film or photographs publicly. We reserve the right to use footage as we see fit unless you have stated beforehand that you do not want to be filmed or photographed. Where reasonable and sensible we will contact you in advance of pictures or film being used publicly.

If you wish not to or cannot be photographed or filmed it is your responsibility to tell us beforehand. We will then ensure we do not photograph or film you. If by accident you are captured we will strive to ensure film or photographs are used in accordance with your preferences – for example, removal and non-use of footage, use only within your cohort, use within the Fellowship or use publicly.


What is the effect of sharing information on me?

We take a sensible approach to what is shared and with whom.

We take handling business sensitive or confidential information extremely seriously. We understand that the mishandling of any information deemed sensitive can have a significant impact on the organisation or individual so, we will always treat your information with care.

We will never sell or rent information about you or your organisation.


Is the intended use likely to cause me to object or complain?

We do not believe that the way we share or use information on our stakeholders is likely to cause you to object or complain. However, we are reliant on you to tell us if you do not feel comfortable with the information you are being asked to share or to challenge us on how it will be used.

We use utmost discretion when deciding what information will be shared, when and with whom. We never share business sensitive or confidential information with anyone outside of the Fellowship. Under our current operations, we have had no complaints to date about how we collect, store, handle or share information. We practice extra care when handling sensitive information and work closely with everyone we work with to ensure that individual privacy needs are met on a case-by-case basis.

Third Parties

In the case where third parties used by us mishandle your data we will act swiftly to remediate the situation. We will always contact you to let you know if your data has been mishandled or compromised. In cases where there is gross negligence we will terminate our relationship with that third party. 

Unsubscribing

You can unsubscribe from communications at any time by unsubscribing from individual emails or emailing camilla dot upson at forward dot institute. If you have a complaint, you can contact anyone in the team and we will treat the matter seriously.

Deleting your data

If you want us to remove your data entirely from our systems if you drop out of the programme or after the programme finishes email emailing camilla dot upson at forward dot institute and she will process your request.

Security

We’re a small team with a light technical infrastructure. Wherever possible we take care to ensure we are using best practice when it comes to security and putting adequate password protection and safeguards into place.

Data breaches

If any of our systems have a data breach or there is a data leak of any sort that concerns your data we will inform you as soon as possible by email and take the necessary steps we can to remedy the breach.