GDPR & Privacy


We take the management of your information very seriously. Every reasonable effort is taken to ensure your information is kept secure and intact.  However if at any point you wish to discuss how the Academy manages your information please get in touch via the contact details below.

How we use information

To administer your membership:

We collect minimal personal details in order to be able to identify you as an individual member.  This includes your name, address, job title, contact details and payment information.  Your membership information is processed as part of your membership agreement, which can be cancelled at any time. 

Formal notices about your membership will be sent to your designated email address unless you request a paper copy.  Such notices typically consist of membership confirmation and renewals, annual reports, details of the AGM.

Potential employers may also enquire with us to validate your membership status (including qualifications).  We verify status only; no copies of information are given out for this purpose.

If you leave the Academy, details about your membership are kept on record for 6 years from the date of your membership lapse.  This is enables us to verify your membership with us should you need to prove membership during that time frame. 

The categories of member information that we collect, process, hold and share include:

  • personal information (such as name, address)
  • special categories of data including characteristics information such as gender, age)
  • coaching qualifications
  • address and contact numbers
  • Disclosure and Baring Services
  • Safeguarding and Child Protection training certificates

Why we collect and use this information:

We use membership data to:

  • process new membership applications
  • administer your membership, including ensuring compliance with mandatory requirements
  • to make you aware of your benefits of membership
  • administer coaching qualifications
  • send you information regarding coaching courses, events
  • budgetary purposes

The lawful basis on which we process this information:

We process this information under the Data Protection Act 1998 (DPA) and “Article 6” and “Article 9” of the General Data Protection Regulation (GDPR)

  • Article 6(1)(b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
  • Article 9(2)(b) processing is necessary for the purpose of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment and social security and social protection law in so far as it is authorised by Union or Member State law or a collective agreement pursuant to Member State law providing for appropriate safeguards for the fundamental rights and the interests of the data subject.

Note: We have a legal duty under the DPA and the GDPR to ensure that any personal data we process is handled and stored securely

Collecting this information:

Whilst the majority of information you provide to us is mandatory, some of it is provided to us on a voluntary basis.  In order to comply with data protection legislation, we will inform you whether you are required to provide certain information to us or if you have a choice in this.

Storing this information:

We hold membership data for no longer than is necessary. 

Who we share this information with:

We do not routinely share this information with any other organisation or individual outside of the Academy. 

Why we share membership information:

We do not share information about academy members with anyone without consent unless the law and our policies allow us to do so.

Requesting access to your personal data:

Under data protection legislation, you have the right to request access to information about you that we hold.  To make a request for your personal information, contact the BAF Membership Secretary.

You also have the right to:

  • object to processing of personal data that is likely to cause, or is causing, damage or distress
  • prevent processing for the purpose of direct marketing
  • object to decisions being taken by automated means
  • in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
  • claim compensation for damages caused by a breach of the Data Protection regulations

If you have a concern about the way we are collecting or using your personal data, we ask that you raise your concern with us in the first instance.  Alternatively, you can contact the Information Commissioner’s Office at

Further information:

If you would like to discuss anything in this privacy notice, please contact:

BAF Membership Secretary