GDPR Policy

MYROOTS.LU considers that protecting the personal information on its clients is extremely important and therefore we acknowledge that you have an interest in how we collect, use and share such information. For that reason, we have prepared this statement, the intention of which is to inform you of how we use and protect that information.

Our Principles:

1. To ensure that data is obtained and processed fairly and lawfully.

2. To keep and process personal information only for legitimate purposes outlined in this document.

3. Not to disclose personal information without the permission of the individual to which it relates except in limited circumstances as permitted or required by law.

4. To maintain appropriate procedures to ensure that personal information we hold is accurate and up to date.

5. Where we choose to have certain services provided by third parties, we will do so in accordance with current legislation and will take all reasonable steps to ensure that the practices employed by that provider protect personal information.

6. To maintain the technical and organisational safeguards to protect personal information against theft, loss, unauthorised access, disclosure, copying, use or modification.

7. Not to sell personal information.

8. To undertake not to transfer personal data outside the European economic area without ensuring adequate security and protection systems are in place.

What Information is stored:

Information held about a client can and will include:

Contact details (work and or home), Mobile number, e-mail address, language, gender, birthday, VAT number, employment history, coaching history, bank account information;

What the Information is used for:

The information is used for coaching and administration purposes: including contacting clients, invoicing and possible mailing out of the client e-mail newsletters.

Where the Information is stored:

All client records are securely stored within the company; manual records are kept in filing cabinets and computer held records are password controlled.

How long the Information will be kept:

Information pertinent to current clients is retained on record for an indefinite period to enable suitable follow up for later coaching sessions to be offered.

Who has access to the data:

All relevant administration and executive staff have access to the data; this is by way of a specific user name and password that allows the member of staff access to the database.

The Data Protection Act provides for you to have access to your own personal information. On submission of a written request to one of the two Partners of My Roots you will be supplied with a copy of the personal data from your personal file. The Partner will respond to such requests within 30 days.