Tavistock Relationships is committed to protecting and respecting the privacy of our trainees. We comply with the Data Protection Act 2018 and the General Data Protection Regulations.
This Policy explains when and why we collect personal information, how we use it and how we keep it secure. We review this policy regularly and, where necessary, make updates to ensure it accurately reflects how we use your data. We will notify you if there are changes which affect how your data is processed.
We hope this policy helps you to understand how we use your data. If you have any questions, you can contact us by one of the following methods:
Write to; Privacy, Tavistock Relationships, 70 Warren Street, London, W1T 5PB
Telephone: 020 7380 1975
What Information Do We Collect?
We will collect personal information such as your name and contact information (address, email address, phone number). Depending on the course being applied for, we may also ask you to provide information relating to personal circumstances, professional or educational experience where relevant to the training course.
See below for more detailed information about the different types of data we gather for our two main types of training:
When you attend one of our professional CPDs or conference events, we will ask you to provide personal contact details including name and contact information (email address, postal address and telephone number). We’ll also ask you certain details about your current occupation. This enables us to contact you so we can process payment and ensure the course is right for you.
For our professional training courses (or an open evening, taster training or webinar providing information on these courses), which culminate in an academic application process, we will also request that you provide some information on your education, your date of birth, experience and some other personal background details. We need these in order for us to satisfy the application criteria set by ourselves and/or our validation partners. Some courses require you to submit a piece of writing or attend a personal interview, in confidence. For certain qualifications we will also ask you whether you have previously attended therapy, in order to assess your point of entry on multiple-year courses.
This information is gathered on the basis that the information we are processing is provided because it is in the legitimate interest of both ourselves and you (the trainee or potential trainee) to be used so the course can be delivered. It will only be used to assess your suitability to be accepted onto the training that has been applied for.
During the course of our trainings you may be encouraged to exchange views and information with fellow course members/trainees. This is done on the basis that both individuals consent to the communication themselves and such interactions are not monitored or gathered by us in any way.
If you make payment for the course or deposit using our online system, your card information will not be held by us. We use a third-party payment processor, called iATS, based in the US who specialise in the secure online capture and processing of credit/debit card transactions for charities and are compliant with GDPR
It is possible to switch off cookies by setting your browser preferences. If you would like to turn cookies off you can do so by clicking ‘no’ when prompted by our cookie notice. Turning cookies off may result in a loss of functionality when using our website. As an example, if you turn off cookies, some information like anonymised ‘User ID’s’ for logging in to systems will not be retained, so you will need to retype them each time.
Cookies are stored for a maximum of two years, though most expire much sooner.
If you use our website enquiry service we will ask you to provide us with your name, a method of contacting you and information about your enquiry into our services. We will only use this information to respond to your enquiry. Enquires are kept on our database for maximum of four years.
When you register for a training event we will ask you whether you wish to receive information from us about other training events and related activities at Tavistock Relationships which might be of interest to you. We will not sell or rent your information to third parties for marketing purposes.
You have a choice about whether or not you wish to receive information from us. We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent.
If you do not want to receive direct marketing communications from us about the vital work we do and our exciting products and services, then you can indicate your preferences as part of the registration process.
If you change your mind at any time and no longer wish to receive information from us, then you can change your marketing preferences by contacting us by email at: firstname.lastname@example.org or by telephone on; 020 7380 1975.
How Long Do We Keep Your Information?
We review our retention periods for personal information on a regular basis. Our retention periods are set to ensure we only keep data as long as is necessary and take into account statutory and legal obligations. Your data will be kept for three years after attending CPD events or six years following the completion of any postgraduate or doctorate programmes.
Who Has Access To Your Information?
IT and Technical Providers
In processing your personal information we use the following third-party technical providers:
Your data is stored in a customer management system called Salesforce which helps us to keep your details up to date and manage your appointments. Access to your data is restricted so it is only accessed by authorised staff members. Salesforce itself complies with GDPR requirements and its servers are based in UK and EU.
We use a platform called Survey Monkey to process feedback questionnaires which are completed by our trainees. The questionnaires are completely anonymously so we do not share identifiable information with Survey Monkey. Survey Monkey servers are based outside of the EU/EEA and the platform complies with GDPR standards.
Moodle/Amazon Web Services
We use Moodle to provide the trainees on some of our courses with an online learning environment. The Learning Hub includes readings and course documents which trainees are required to access. This is a restricted access area and in order to set up a user account your name and email address is shared with Moodle. Learning Hub data is stored in cloud server (EU based) provided by Amazon Web Services.
Some trainees on our clinical trainings may receive supervision online via the ‘Zoom’ video platform. Zoom uses end-to-end encryption and is GDPR and HIPAA compliant.
When joining by computer or phone there is some device information which is collected for technical delivery purposes only and this is retained for seven days. Information provided by the telephone service provider when participants connect via phone is retained for 24 hours only for technical delivery purposes. During these retention periods this information can only be accessed with the express written permission of Tavistock Relationships.
- Participant name (as entered by the participant when joining zoom)/phone number
- Device type eg Mac/ Windows
- Public IP address
- Location (20 mile radius)
- Network type eg wifi or wired
- Microphone type eg built-in
- Speaker type eg built-in
- Camera type
- Data centre
- Connection time
- Join and leave time
Mailchimp - Marketing and Mailings
If you have consented to receiving information from us on our courses or related activities via email, we will use a software package called Mailchimp to do this. Your name and email address will be shared with Mailchimp who will store your information on servers are based in the United States. Mailchimp conforms to GDPR compliance standards and will not use your data for purposes other than the purpose of sending you our emails.
Funding and Partner Organisations
University of East London- Postgraduate and Professional Doctorate Programmes
Tavistock Relationships postgraduate and professional doctorate programmes are validated by the University of East London. In order to provide these programmes, we are required to share information with UEL in order to enrol you onto the course, provide access to UEL resources and to confirm your qualification.
As our postgraduate qualifications also provide you with a clinical qualification, when you graduate we will also share with the appropriate representative body (eg BACP, COSRT) confirmation of your qualification. We will notify you at the end of your course when this will happen.
Some of our training courses may be free or low fee for participants to attend as TR may receive government or other funding to deliver the training. Sometimes we may deliver this training together with a partner organisation which may result in personal information being shared in order to deliver the training. We do not sell your data and would only share the information if it is absolutely necessary in order to deliver the training. Partner organisations are required to comply with the GDPR and only process data for the purposes outlined by written agreement.
Where training is funded we may be required to report on how many trainees attended and provide anonymised feedback responses. No identifiable information is routinely reported. We may be subject to audits in order to ensure that we are fulfilling our contractual obligations in a fair and truthful manner.
All students on our clinical and doctoral programmes are automatically members of the Alumni body. Membership comes with the right to be sent the Couple and Family Psychoanalysis journal. In order to facilitate this we pass names and mailing addresses to Phoenix Publishing House.
We also have a directory of Alumni members including students which is made available to all Alumni members but which is not a publicly available document. Students have their name and email address in this directory but no street address unless they are already clinically-qualified and wish to have their consulting room address and contact details, together with their type of clinical qualification, made available for referrals from other Alumni members.
Graduate membership of the Alumni body is optional, but it comes with the right to be sent the Couple and Family Psychoanalysis journal. In order to facilitate this we pass names and mailing addresses to Phoenix Publishing House.
Graduate members of the Alumni body have their consulting room address and contact details, together with their type of clinical qualification, made available for referrals from other Alumni members and from the Heads of Clinical Services at Tavistock Relationships. This is not a publically available document.
The Alumni directory is maintained in accordance with GDPR.
Keeping Your Data Secure
In order to ensure we keep your personal information as secure as possible, Tavistock Relationships has robust technical and organisational procedures. These include ensuring your data is only accessed by authorised members of staff for purposes relating to the delivery of our training services. Where possible, Tavistock Relationships uses unique identifiers or anonymisation of data.
When you use our website we ensure that we keep your data (such as credit or debit card details) encrypted and protected with the following software 128-bit encryption on SSL. When you are on a secure page, a lock icon will appear on the bottom of web browsers such as Microsoft Internet Explorer.
Links To Other Websites
The GDPR gives you certain rights in relation to the data we hold about you. You can exercise the rights outlined below by contacting us:
Write to; Privacy, Tavistock Relationships, 70 Warren Street, London, W1T 5PB
Telephone: 020 7380 1975
Under the GDPR:
- You can find out what information we hold about you
- You can access a copy of the information we hold about you
- You can rectify any inaccurate or incomplete personal data
- You have the right to object to our processing of your personal information
- You can also ask us to delete or restrict how we use your personal information, but this right is determined by applicable law
- You can have your registration information (if registering using our online booking system) sent to another provider
- You have the right to appropriate decision making (Tavistock Relationships does not use automated profiling or decision making)
- You can complain to a regulator if you think we have not complied with data protection laws. You can lodge a complaint with the Information Commissioner’s Office
Review Of This Policy
We keep this Policy under regular review. This Policy was last updated on 24 May 2018.