Data Security and Privacy Policy
1. Purpose
The purpose of this policy is to establish guidelines for collecting, using, storing, and protecting personal and sensitive information to ensure data privacy and security. Open Door is committed to safeguarding the personal information of its clients, employees, and stakeholders, and this policy outlines the practices and measures used to ensure compliance with applicable data protection laws and standards.
2. Scope
This policy applies to all employees, contractors, and third-party vendors who handle or have access to personal data. It governs the collection, processing, storage, and security of personal data, including customer, employee, and partner information.
Note: This policy informs, and is to be read in conjunction with, the Privacy Notices on the Enrolment Form and Student Information Handbook issued to students.
3. Definitions
- Personal Data: Any information related to an identifiable individual (e.g., name, address, email, IP address, financial details).
- Sensitive Personal Data: Personal data that requires extra protection (e.g., health information, financial data, tax file numbers, social security numbers).
- Data Processing: Any operation performed on personal data (e.g., collection, storage, use, transmission, or deletion).
- Data Controller: The entity that determines the purposes and means of processing personal data.
- Data Processor: The entity that processes personal data on behalf of the data controller.
4. Data Collection
Open Door collects personal data only for legitimate business purposes, which include:
- Providing services to our clients
- Fulfilling contractual obligations
- Communicating with customers, employees, and stakeholders
- Meeting legal and regulatory requirements
5. Data Use
The personal data Open Door collects will be used only for the purposes for which it was collected, and we will not use it for any other purpose without obtaining explicit consent from the individual, where required by law. We will:
- Use personal data responsibly and transparently.
- Ensure data is processed fairly, lawfully, and transparently.
- Retain personal data only as long as necessary to fulfill its intended purpose, unless longer retention is required by law.
6. Data Protection Principles
Open Door adheres to the following principles to ensure data privacy and security:
- Lawfulness, Fairness, and Transparency: Data is collected and processed lawfully and fairly, and individuals are informed of how their data will be used.
- Data Minimisation: Only the data necessary for specific, legitimate purposes is collected.
- Accuracy: Personal data is kept accurate and up to date.
- Storage Limitation: Data is retained only for as long as necessary for the intended purposes.
- Integrity and Confidentiality: Personal data is protected against unauthorised or unlawful processing, accidental loss, destruction, or damage through appropriate technical and organisational security measures.
7. Data Security Measures
Open Door implements the following security measures to protect personal data from unauthorized access, misuse, loss, or destruction:
- Access Controls: Only authorized personnel with a legitimate need to access data can do so. Access rights are regularly reviewed.
- Network Security: Firewalls, intrusion detection systems (IDS), and other security technologies are used to protect data from cyber threats.
- Physical Security: Data centers and offices are secured to prevent unauthorized access to physical records.
- Data Anonymisation: If applicable, personal data is anonymised or pseudonymised to protect the identity of individuals.
- Encryption: If applicable, sensitive data is encrypted both in transit and at rest.
8. Third-Party Data Sharing
Open Door may share personal data with third-party vendors or service providers for legitimate business purposes, such as providing services to clients or processing payments. When we do, we ensure:
- The third party complies with data protection laws and standards.
- Data sharing agreements are in place to govern the security and privacy of shared information.
- Personal data is not shared for marketing purposes without explicit consent from the individual.
9. Data Retention and Disposal
Open Door will retain personal data for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required by law. When personal data is no longer needed, it will be securely deleted or destroyed using appropriate methods, such as:
- Data Deletion: Permanent deletion of digital records from systems.
- Secure Shredding: Disposal of physical records via shredding.
10. Rights of Individuals
Open Door recognizes the rights of individuals regarding their personal data, including:
- Right to Access: Individuals can request access to their personal data.
- Right to Rectification: Individuals can request correction of inaccurate or incomplete data.
- Right to Erasure ("Right to be Forgotten"): Individuals can request the deletion of their personal data in certain circumstances.
- Right to Restriction of Processing: Individuals can request to limit the processing of their data.
- Right to Data Portability: Individuals can request their data be transferred to another organization in a commonly used format.
- Right to Object: Individuals can object to the processing of their personal data under certain circumstances.
Requests regarding any of the above rights can be made by contacting the Open Door authorised representatives, being (at the time of writing) the Chief Executive Officer or Business Operations Manager. Authorised representatives will respond to such requests in accordance with applicable laws.
11. Data Breach Response
In the event of a data breach that may compromise personal data, Open Door will:
- Notify affected individuals as soon as possible if required by law.
- Investigate the breach to determine its scope and cause.
- Mitigate further risks by taking immediate action to contain the breach.
- Notify relevant regulatory authorities where required.
12. Training and Awareness
All employees are trained on data security and privacy best practices, and they are required to:
- Follow the organisation’s data protection policies and procedures.
- Report any suspected data breaches or security incidents immediately.
- Participate in ongoing data privacy and security training.
13. Policy Review and Updates
This policy will be reviewed annually or whenever significant changes occur in business processes, technology, or applicable laws. Open Door will make updates as needed to ensure compliance and continue protecting personal data.
Privacy Notice Policy
1. Purpose
The purpose of this Privacy Notice Policy is to establish guidelines for communicating how personal and sensitive information is collected, used, stored, and protected, to ensure data privacy and security. Open Door is committed to safeguarding the personal information of its clients, employees, and stakeholders, and this policy outlines the practices and measures used to communicate the Policy.
2. Scope
This policy applies to all employees, contractors, and third-party vendors who handle or have access to personal data. It governs the collection, processing, storage, and security of personal data, including customer, employee, and partner information.
Note: This policy informs the Privacy Notices on the Enrolment Form and Student Information Handbook issued to students.
Note 2: This policy is to be read in conjunction with the Data Security & Privacy Policy.
3. Definitions
- Personal Data: Any information related to an identifiable individual (e.g., name, address, email, IP address, financial details).
- Sensitive Personal Data: Personal data that requires extra protection (e.g., health information, financial data, tax file numbers, social security numbers).
- Data Processing: Any operation performed on personal data (e.g., collection, storage, use, transmission, or deletion).
- Data Controller: The entity that determines the purposes and means of processing personal data.
- Data Processor: The entity that processes personal data on behalf of the data controller.
4. Data Collection
Open Door collects personal data only for legitimate business purposes, which include:
- Providing services to our clients
- Fulfilling contractual obligations
- Communicating with customers, employees, and stakeholders
- Meeting legal and regulatory requirements
5. Communication
Open Door will ensure that students are informed of the Privacy Policy and (as a minimum) will:
- Communicate the following information to students via the Enrolment Form and Student Information Handbook; and
- Communicate this information prior to collecting any data.
5.1 Why we collect your personal information
We collect your personal information so we can process and manage your enrolment with us.
5.2 How we use your personal information
As part of this training program, we may collect certain personal information from participants, including but not limited to names, job titles, and contact details. We take your privacy seriously and commit to safeguarding this information.
- Internal Use: Your personal information will only be used for purposes related to the training program, such as tracking participation, facilitating group activities, and providing training materials.
- Disclosure to Third Parties: We do not share your personal information with third parties, except in the following cases:
  - Service Providers: In rare instances, third-party service providers (e.g., platform hosts, course facilitators) may require access to your information for technical support or administrative purposes. These providers are required to protect your data and comply with our privacy policies.
  - Legal Requirements: We may disclose your personal information if required to comply with legal obligations, such as a court order, law enforcement request, or regulatory requirements.
- Confidentiality: All personal information shared during the training, such as discussions or group work, will remain confidential and only be used within the context of the training. We encourage all participants to respect the privacy of others.
5.3 Contact information
At any time, you may contact Open Door to:
- request access to your personal information
- correct your personal information
- make a complaint about how your personal information has been handled
- ask a question about this Privacy Notice
5.4 Student Participation Handbook
The Student Participation Handbook has other useful information that is relevant to your training and you are encouraged to read this prior to signing below.
6. Rights of Individuals
Refer to the Data Security & Privacy Policy.
7. Data Breach Response
Refer to the Data Security & Privacy Policy.
8. Training and Awareness
All employees are trained on data security and privacy best practices, and they are required to:
- Follow the organisation’s data protection policies and procedures.
- Report any suspected data breaches or security incidents immediately.
- Participate in ongoing data privacy and security training.
9. Policy Review and Updates
This policy will be reviewed annually or whenever significant changes occur in business processes, technology, or applicable laws. Open Door will make updates as needed to ensure compliance and continue protecting personal data.