Effective Date:
May 9, 2025
Our contact details:
Name: Marsco
Email: lorraine@marscoadhd.co.uk
ICO Registration Number: ZB897172
Email: lorraine@marscoadhd.co.uk
ICO Registration Number: ZB897172
The type of personal information we collect
We collect and process the following personal information:
We collect and process the following personal information:
• Personal identifiers: Name, date of birth, contact details (specifically email)
• Health and wellbeing information: Relevant to coaching and support needs
• Communication records: Emails, messages, and notes from sessions
• Payment details: If applicable, for billing purposes
• Health and wellbeing information: Relevant to coaching and support needs
• Communication records: Emails, messages, and notes from sessions
• Payment details: If applicable, for billing purposes
How we get your personal information and why we have it
Most of the personal information we process is provided directly by you:
Most of the personal information we process is provided directly by you:
• To provide ADHD coaching and wellbeing support
• To communicate about appointments, updates, or enquiries
• To process payments (if applicable)
• To meet legal or safeguarding obligations
We also receive your data through email correspondence, online forms, or third-party booking systems.
• To communicate about appointments, updates, or enquiries
• To process payments (if applicable)
• To meet legal or safeguarding obligations
We also receive your data through email correspondence, online forms, or third-party booking systems.
Lawful Bases for Processing Your Data:
In accordance with UK GDPR, our lawful bases include:
In accordance with UK GDPR, our lawful bases include:
• Consent: You give us permission to process your data (e.g., signing up for a service).
• Contract: Processing is necessary to deliver coaching services.
• Legal obligation: To comply with applicable laws or safeguarding requirements.
• Contract: Processing is necessary to deliver coaching services.
• Legal obligation: To comply with applicable laws or safeguarding requirements.
How we store and protect your personal information
Your data is stored securely through the following measures:
Your data is stored securely through the following measures:
• Electronic Data: Protected with encryption, strong passwords, and secure cloud storage compliant with GDPR standards.
• Physical Data: Stored in locked cabinets and securely shredded when no longer needed.
• Access Control: Limited strictly to authorised personnel who need the data for their role.
We retain personal data for a minimum of 3 years, after which it is securely deleted or anonymised unless a longer retention period is required by law.
• Physical Data: Stored in locked cabinets and securely shredded when no longer needed.
• Access Control: Limited strictly to authorised personnel who need the data for their role.
We retain personal data for a minimum of 3 years, after which it is securely deleted or anonymised unless a longer retention period is required by law.
Data retention periods in line with UK law:
• Coaching and non-financial personal data: Usually retained for up to 3 years after the last contact or session. This allows time for any follow-up or safeguarding concerns.
• Financial and transactional data: To comply with HMRC regulations, we retain these records for 6 years.
Once the retention period has ended, or the data is no longer necessary for the purpose it was collected, we securely delete or anonymise it.
• Financial and transactional data: To comply with HMRC regulations, we retain these records for 6 years.
Once the retention period has ended, or the data is no longer necessary for the purpose it was collected, we securely delete or anonymise it.
Data security measures specific to GDPR
To ensure your data is handled securely, we:
To ensure your data is handled securely, we:
• Use encrypted storage for all electronic records.
• Regularly update and maintain our security systems.
• Use secure, GDPR-compliant third-party platforms for payment processing and communication.
• Train all staff on data protection and confidentiality protocols.
• Conduct regular data security audits to prevent unauthorised access.
• Regularly update and maintain our security systems.
• Use secure, GDPR-compliant third-party platforms for payment processing and communication.
• Train all staff on data protection and confidentiality protocols.
• Conduct regular data security audits to prevent unauthorised access.
Your data protection rights
Under the UK GDPR, you have rights including:
Under the UK GDPR, you have rights including:
• Right of access: Request a copy of your personal data.
• Right to rectification: Correct inaccurate or incomplete data.
• Right to erasure: Request deletion of your data, subject to legal retention obligations.
• Right to restriction of processing: Limit how we use your data.
• Right to object: Object to certain types of processing, such as marketing.
• Right to data portability: Request your data in a structured, common format for transfer to another provider.
To exercise your rights, contact us via email at lorraine@marscoadhd.co.uk
• Right to rectification: Correct inaccurate or incomplete data.
• Right to erasure: Request deletion of your data, subject to legal retention obligations.
• Right to restriction of processing: Limit how we use your data.
• Right to object: Object to certain types of processing, such as marketing.
• Right to data portability: Request your data in a structured, common format for transfer to another provider.
To exercise your rights, contact us via email at lorraine@marscoadhd.co.uk
How to make a complaint
If you have concerns about how we handle your personal data, you can contact us at lorraine@marscoadhd.co.uk.
Alternatively, you can contact the UK's ICO:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Helpline: 0303 123 1113
Website: https://ico.org.uk
Alternatively, you can contact the UK's ICO:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Helpline: 0303 123 1113
Website: https://ico.org.uk
Additional data security and handling information
We are committed to protecting your personal data and have implemented technical and organisational measures—including encryption, pseudonymisation, secure storage environments, and staff training—to ensure compliance with GDPR. We regularly review our data protection procedures to maintain the highest standards of security.
Retention of personal data is carried out in accordance with UK GDPR and relevant legal requirements:
• Personal coaching or support data is generally retained for up to 3 years after the last contact or session.
• Financial records are retained for 6 years for tax and legal compliance.
• After this period, all data is securely deleted or anonymised to prevent unauthorised access.
If you have specific questions about data retention or wish to request data deletion earlier, please contact us at lorraine@marscoadhd.co.uk.
• Financial records are retained for 6 years for tax and legal compliance.
• After this period, all data is securely deleted or anonymised to prevent unauthorised access.
If you have specific questions about data retention or wish to request data deletion earlier, please contact us at lorraine@marscoadhd.co.uk.
© 2025. All Rights Reserved.
© 2025. All Rights Reserved.