Privacy Notice

Who is Purpose and Means?

I’m Tim Clements, Business Owner of Purpose and Means.

I’m a sole proprietor based in Denmark specialising in providing consultancy and advisory services covering Data Protection Strategy, Privacy Program Management and Data Protection Training.

I utilise a network of freelance resources matching the demand from my clients.

My aim is to provide exceptional consultancy and advisory to data-driven businesses globally.

My postal address is Esthersvej 21.st, 2900 Hellerup, Denmark.

You can contact me by email via tc@purposeandmeans.io

‍

Why Purpose and Means process your personal data

Data about you is processed in order to run my business and I endeavor to collect and process only the absolute minimum data required to deliver my products and services, as well as meet legal obligations.

‍
I process data about you for the following purposes:

‍

Registering for, and delivery of training courses

Name and email address

Registration and participation in webinars

Name and email address is captured when registering for webinars on the GoToWebinar platform
Information about your participation, level of engagement, questions you may ask are captured during the webinar within the webinar platform and are used by me for quality and webinar improvement purposes

Informing you of new products, services or webinars

If you provide consent you will receive occasional email updates from me, which you are free to opt-out of anytime by mailing me with by reply

Dealing with enquiries you may make

Name, email address and other information you may provide will only be processed in order to address your query

Invoicing for products or services you have purchased

Credit card details and postal address is captured when paying for products (using Stripe payments)

Website usage (necessary cookies only) to provide a coherent and secure website experience for you (see the Cookie Banner and explanation for further information).

‍

Processing and transfer of your personal data to the USA

IAPP courses
The course you enrol on with Purpose and Means is offered in cooperation with the IAPP based in the USA.

Once you register for the course, your name, email address, and existing IAPP membership status will be transferred to the IAPP in the USA. This is necessary in order to complete the course registration, and to allow you access to online training material, register you as a member of the IAPP, and make the required arrangements before a certification exam, if relevant.

The transfer of your personal data to the IAPP in the USA is necessary for the performance of the training course contract between you and Purpose and Means, and for the performance of the contract concluded in your interest between Purpose and Means and the IAPP.

Webinars
When you register for a webinar with Purpose and Means your name, email address and location (country) is collected directly by LogMeIn Inc. who are based in the USA. Registration is confirmed to you by LogMeIn Inc. via email including the URL to be used to access the webinar at the specific time and date.

As part of the registration, you are offered the possibility to explicitly consent to receive a newsletter from Purpose and Means.

All registration information collected by LogMeIn Inc. is accessibe by Purpose and Means.

During the webinar itself, data about your participation is captured by LogMeIn Inc. including the time you joined and left the webinar, any interactions you made during the session (e.g. questions, chat, surveys or polls completed), as well as an assessment of your level of attention during the session (this is based your use of other applications during the session, e.g. checking email, etc).

Information about your participation in specific webinars is accessible to Purpose and Means, and is used to assess the effectiveness and suitability of the webinar content, and to provide you with a newsletter if consent was given.

‍

Data retention

Data about you will be retained only for as long as is necessary for the duration of each processing purpose and will be deleted when there is no applicable purpose or outstanding legal requirement.

‍

Tracking Technologies aka Cookies

I strive to avoid using cookies but some of the tools I have selected unfortunately do involve the use of cookies in order for this website to function in a coherent and secure manner. Information about the cookies used can be obtained by clicking on the Cookie Banner in the bottom left corner of this webpage, and are summarised as follows:

Third Parties

‍
Purpose and Means is currently undertaking various projects to migrate to third parties solely based in the EU and currently use the following companies to provide services that involve the processing of your data:

EU-based:
Hetzner - storage of data using Nextcloud storage share platform and Nextcloud Talk for small group video conferencing (Hetzner's Privacy Notice)
Tutanota - secure email (Privacy Notice)
Cookie Script - provides cookie banner and cookie consent functionality (Privacy Notice)

US-based:
Webflow – hosting provider of this website (Privacy Notice)
LogMeIn Inc. – GoToWebinar webinar platform (Privacy Notice)
Microsoft – large group video conferencing and training (Teams), booking meetings (Bookings & Calendar) and email correspondence
Stripe – processing credit card payments (Privacy Notice)

‍
Information about the companies and their own Privacy Notices can be obtained by clicking the links.

Your rights

Please contact me to exercise your rights according to the GDPR that are summarized in this chart.

‍

Please note that not all rights apply to all lawful bases of processing.

If you are not satisfied in any way with your experience of using this website, or have any concerns regarding the processing of data about you, please contact me so I can address your concerns.

You also have the right to complain to the Danish Supervisory Authority, Datatilsynet.