Privacy Policy – McBride Coaching Ltd

Trading as Tony McBride – Career Navigation Specialist

Last Updated: May 16, 2025

1. Introduction and Your Details

1.1 McBride Coaching Ltd, trading as Tony McBride – Career Navigation Specialist (“we”, “us”, “our”), is committed to protecting and respecting your privacy. McBride Coaching Ltd is the controller responsible for your personal data.

1.2 This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website (www.tonymcbride.net), use our services, or otherwise interact with us.

1.3 We are registered with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection issues, under registration number ZB895032. Our registered address is Suite 3, 2nd Floor Didsbury House, 748 – 754 Wilmslow Road, Didsbury, Greater Manchester, M20 2DW, United Kingdom.

1.4 If you have any questions about this Privacy Policy or our data protection practices, or if you wish to exercise any of your legal rights, please contact us at:

Email: contact@tonymcbride.net

Postal Address: McBride Coaching Ltd, Suite 3, 2nd Floor Didsbury House, 748 – 754 Wilmslow Road, Didsbury, Greater Manchester, M20 2DW, United Kingdom.

2. What Personal Data We Collect

2.1 We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped together as follows:

Identity Data: Includes first name, last name, username or similar identifier.

Contact Data: Includes billing address, delivery address, email address, and telephone numbers.

Professional and Background Data: Includes information from your CV (such as employment history, education, qualifications, skills, experience), information shared during coaching sessions related to your career aspirations, challenges, and progress, and any other documents or information you provide to us in connection with our services.

Session Data: Includes transcriptions of conversations from online coaching sessions (e.g., via Google Meet).

Transaction Data: Includes details about payments to and from you and other details of services you have purchased from us.

Technical Data: Includes internet protocol (IP) address, your login data (if you have an account on our website), browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.

Usage Data: Includes information about how you use our website and services.

Marketing and Communications Data: Includes your preferences in receiving marketing from us and our third parties and your communication preferences.

User Account Data: If you create an account on our website (e.g., via WordPress), this may include your username and password (managed by the website platform).

3. How We Collect Your Personal Data

3.1 We use different methods to collect data from and about you, including through:

Direct Interactions: You may give us your Identity, Contact, Professional and Background, and Financial Data by filling in forms on our website, by corresponding with us by post, phone, email, during coaching sessions, or otherwise. This includes personal data you provide when you:

Enquire about or apply for our services;

Purchase our services (including one-off sessions, subscriptions, packages, or the Career Navigation Academy);

Create an account on our website;

Subscribe to our mailing list or download free resources;

Request marketing to be sent to you;

Give us feedback or contact us.

Automated Technologies or Interactions: As you interact with our website, we may automatically collect Technical Data about your equipment, Browse actions, and patterns. We collect this personal data by using cookies and other similar technologies. Please see Clause 10 (Cookies and Other Tracking Technologies) for further details.

Third Parties or Publicly Available Sources: We may receive personal data about you from various third parties, such as:

Technical Data from analytics providers like Google Analytics, Microsoft Clarity, and Jetpack.

Transaction Data from providers of payment services like Stripe and PayPal.

Contact, Financial and Transaction Data from providers of accounting software like QuickBooks.

4. Lawful Basis for Processing Your Personal Data

4.1 We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

Performance of Contract: Where we need to perform the contract we are about to enter into or have entered into with you (e.g., to provide you with coaching, CV writing, or other career navigation services).

Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (e.g., for responding to enquiries, improving our services, administrative purposes, or website security).

Consent: Where you have given us your explicit consent to do so (e.g., for sending you direct marketing communications via email).

Legal Obligation: Where we need to comply with a legal or regulatory obligation (e.g., keeping financial records for tax purposes).

4.2 Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending direct marketing communications to you via email (e.g., if you sign up via our free resource downloads). You have the right to withdraw consent to marketing at any time by contacting us or using the “unsubscribe” link in marketing emails.

4.3 For the storage of transcriptions from Google Meet sessions, we rely on Performance of Contract (to review and ensure service quality or provide notes to you if agreed) and our Legitimate Interests (for professional record-keeping).

5. How We Use Your Personal Data

5.1 We have set out below a description of the ways we plan to use your personal data, and which of the lawful bases we rely on to do so:

To register you as a new client: (Identity, Contact) – Performance of Contract.

To provide our services to you (including coaching, CV writing, interview preparation, Academy programmes): (Identity, Contact, Professional and Background, Session, Transaction) – Performance of Contract.

To manage payments, fees, and charges: (Identity, Contact, Transaction, Financial) – Performance of Contract; Legal Obligation.

To manage our relationship with you (e.g., notifying you of changes to terms or privacy policy, responding to enquiries, asking for feedback): (Identity, Contact, Marketing and Communications) – Performance of Contract; Legitimate Interests.

To enable you to partake in a promotion, competition, or complete a survey: (Identity, Contact, Marketing and Communications, Usage) – Performance of Contract; Legitimate Interests; Consent (where applicable).

To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data): (Identity, Contact, Technical) – Legitimate Interests; Legal Obligation.

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you: (Identity, Contact, Usage, Marketing and Communications, Technical) – Legitimate Interests; Consent (for non-essential cookies/marketing).

To use data analytics to improve our website, products/services, marketing, customer relationships and experiences:19 (Technical, Usage) – Legitimate Interests; Consent (for non-essential analytics cookies).

To make suggestions and recommendations to you about goods or services that may be of interest to you, including sending marketing communications: (Identity, Contact, Usage, Marketing and Communications) – Consent; Legitimate Interests (for certain existing client communications, with opt-out).

To comply with legal or regulatory obligations: (Identity, Contact, Transaction, Financial, Technical) – Legal Obligation.

6. Data Sharing and Disclosures (Third Parties)

6.1 We may have to share your personal data with the parties set out below for the purposes set out in Clause 5:

Payment Processors: Stripe and PayPal, for processing payments securely.

Accounting Software: QuickBooks, for invoicing and financial record-keeping.

Email Marketing Platform: MailChimp, for managing our mailing list and sending marketing communications to which you have consented.

Communication and Collaboration Tools: Google Meet, for conducting online coaching sessions. Data processed by Google is subject to their privacy policies.

Website and E-commerce Platform: WordPress and WooCommerce, which power our website and online store. Our website hosting provider also processes data on our behalf.

Professional Advisers: Acting as processors or joint controllers including lawyers, bankers, auditors, and insurers based in the UK who provide consultancy, banking, legal, insurance, and accounting services.

HM Revenue & Customs, regulators, and other authorities: Acting as processors or joint controllers based in the United Kingdom who require reporting of processing activities in certain circumstances.

6.2 We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We only permit our third-party service providers to process your personal data for specified purposes and in accordance with our instructions where they are acting as our data processors. Where they act as independent controllers (e.g., PayPal, Stripe for some of their processing), their own privacy policies will apply.

7. Data Security

7.1 We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. These measures include:

Using anti-virus software, firewalls, and strong passwords (changed regularly) on our computer systems.

Employing two-factor authentication (2FA) for key systems like WordPress and WooCommerce where available.

Ensuring our laptop is password-protected.

Utilising secure cloud services (like Google Drive) that employ encryption for data storage.

Limiting access to your personal data to only myself as the sole authorised person who has a business need to know.

Shredding any physical documents containing personal data (such as CVs) once they are no longer needed for the immediate provision of service and have been digitised if necessary.

7.2 We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator (such as the ICO) of a breach where we are legally required to do so.

8. Data Retention

8.1 We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

8.2 Our general retention periods are as follows:

Client engagement records (including CVs, coaching notes, communications): For 3 years after the end of our engagement.

Financial records (invoices, payment details): For 6 years after the end of the relevant financial year for tax and accounting purposes.

Mailing list data (via MailChimp): As long as you remain subscribed. We will periodically review our mailing lists and may remove inactive subscribers. You can unsubscribe at any time.

Enquiries from non-clients: For 3 years after the last communication.

Website analytics data: Retained according to the default settings of our analytics tools or for a period reasonable for statistical analysis and website improvement.

8.3 In some circumstances, you can ask us to delete your data: see Clause 9 (Your Legal Rights) below for further information.

9. Your Legal Rights

9.1 Under certain circumstances, you have rights under UK data protection laws in relation to your personal data. These include the right to:

Request access to your personal data (commonly known as a “data subject access request”).

Request correction of the personal data that we hold about you.

Request erasure of your personal data where there is no good reason for us continuing to process it.

Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the absolute right to object to your data being used for direct marketing.

Request restriction of processing of your personal data.

Request the transfer of your personal data to you or to a third party in a structured, commonly used, machine-readable format (in certain circumstances).

Withdraw consent at any time where we are relying on consent to process your personal data.

9.2 If you wish to exercise any of the rights set out above, please contact us at contact@tonymcbride.net. You will not usually have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

9.3 We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

10. Cookies and Other Tracking Technologies

10.1 Our website uses cookies and similar technologies to distinguish you from other users of our website, to provide essential functionality, and to help us improve your experience.

10.2 A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree (or for essential cookies, automatically).

10.3 We use the following types of cookies:

Strictly Necessary Cookies: These are required for the operation of our website, such as enabling you to log into secure areas or use e-commerce functionalities (e.g., via WordPress and WooCommerce).

Analytical/Performance Cookies: They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works. We use Google Analytics, Microsoft Clarity, Jetpack, and WooCommerce analytics for these purposes.

Functionality Cookies: These may be used to recognise you when you return to our website and remember your preferences.

Targeting/Social Media Cookies: Our website may include embedded links from LinkedIn, which may set cookies to track interaction or for their own advertising purposes.

10.4 Managing Cookies: Most web browsers allow some control of most cookies through the browser settings. You can usually block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies), you may not be able to access all or parts of our website.

10.5 Consent for Non-Essential Cookies: For all non-essential cookies (such as those used for analytics, functionality, and targeting/social media), we are required to obtain your prior consent. We recommend implementing a cookie consent management tool on our website to allow you to manage your preferences. 

11. International Data Transfers

11.1 Some of our external third-party service providers (as listed in Clause 6) are based outside the UK or process data outside the UK (e.g., in the USA). This means that the processing of your personal data by them may involve a transfer of data outside the UK.

11.2 Whenever we (or our third-party providers) transfer your personal data out of the UK to a country not deemed to provide an adequate level of protection for personal data by the UK Government, we ensure a similar degree of protection is afforded to it by ensuring that appropriate safeguards are implemented. This typically involves relying on:

The UK Extension to the EU-U.S. Data Privacy Framework (DPF) where the US provider is certified.

The UK’s International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses (SCCs).

Binding Corporate Rules (BCRs) adopted by the provider.

11.3 We take steps to ensure that these third-party providers have committed to protecting your data appropriately. You can usually find more information about their data transfer practices in their respective privacy policies.

12. Changes to This Privacy Policy

12.1 We may update this Privacy Policy from time to time. The “Last Updated” date at the top of this policy will indicate when it was last revised.

12.2 We will post any changes on our website. For any significant changes, we may also choose to notify you via email or other direct communication.

12.3 We encourage you to review this Privacy Policy regularly to stay informed about how we are protecting your data.

13. Contact Details for Data Protection Queries and Complaints

13.1 If you have any questions about this Privacy Policy, our data protection practices, or wish to exercise any of your legal rights, please contact us at:

Email: contact@tonymcbride.net

Postal Address: McBride Coaching Ltd, Suite 3, 2nd Floor Didsbury House, 748 – 754 Wilmslow Road, Didsbury, Greater Manchester, M20 2DW, United Kingdom.

13.2 We are registered with the Information Commissioner’s Office (ICO) under registration number ZB895032.

13.3 If you are not satisfied with our response to any complaint or believe we are not processing your personal data in accordance with the law, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection issues. Their website is www.ico.org.uk, and they can be contacted via their helpline or online.