Company name

Savran Ltd (‘the Company’)

Company contact details:

Suite 3, Level 5, Berkeley Square House, London, W1J 6BY

Rita Chowdhry (Managing Director & Data Protection Officer)

[email protected]


16 May 2018

The Company is a coaching and consulting company which works with individuals and corporates to enhance performance, we offer our client a bespoke and holistic service that includes a blend of profiling, coaching and training. The Company must process personal data (including sensitive personal data) so that it can provide these services – in doing so, the Company acts as a data controller.

You may give your personal details to the Company directly, when contacting us in person or via our website, or they will be provided by your current or prospective employer. The Company must have a legal basis for processing your personal data. For the purposes of providing services and/or information relevant to you we will only use your personal data in accordance with the terms of the following statement.

Collection and use of personal data

Purpose of processing and legal basis

The Company will collect your personal data (which may include sensitive personal data) and will process your personal data for the purposes of providing you with our services and to maintain our business relationship.

Where the Company has relied on a legitimate interest to process your personal data our legitimate interests are as follows:

  • As a Coaching and consulting company we require personal information from you to assist with profiling, coaching and training to aid with your professional and personal development, as well as contacting you when necessary.

Recipient/s of data

The Company will process your personal data and/or sensitive personal data with your current or prospective employer with regard to DISC reports and profiling if instructed to do so by our client and authorisation from you beforehand.

Statutory/contractual requirement

Whilst the Company’s main legal basis for the processing of personal data is its legitimate business interests, we will also rely on a legal obligation for use and storage of your data.

The Company will retain your personal data only for as long as is necessary. In accordance with our Insurers, we retain your details on our system for 6 years after our last point of contact with you (to ensure we can provide evidence in a civil action if ever required).

Protection of your data

We protect the personal information that you share with us.  Access to your personal information is limited only to our employees and your current or potential employer (if requested from our client, with your prior permission. To prevent unauthorised access and ensure proper use of your information we have put in place appropriate procedures to safeguard and secure the information we collect.

Except as set out above, we will not, without your specific prior consent, sell, trade or transfer your information to third parties other than already authorised.  We oblige such third parties to comply with our privacy policy and limit their access and use of your personal information.

Your rights

Please be aware that you have the following data protection rights:

  • The right to be informed about the personal data the Company processes on you;
  • The right of access to the personal data the Company processes on you;
  • The right to rectification of your personal data;
  • The right to erasure of your personal data in certain circumstances;
  • The right to restrict processing of your personal data;
  • The right to data portability in certain circumstances;
  • The right to object to the processing of your personal data that was based on a public or legitimate interest;
  • The right not to be subjected to automated decision making and profiling; and
  • The right to withdraw consent at any time.

Where you have consented to the Company processing your personal data and sensitive personal data you have the right to withdraw that consent at any time by contacting:

Rita Chowdhry (Managing Director & Data Protection Officer) [email protected]

Automated decision-making

The DISC system we use is hosted by PeopleKeys, who are based in the USA. If you have any enquiry regarding your DISC personal data, you should contact PeopleKeys for further information.

PeopleKeys are the controller of the data provided to them when a DISC profile is purchased.

PeopleKeys has taken all necessary measures to ensure their personal data processing procedures are compliant for the purposes of GDPR.

The measures taken include:

  • Identification of all personal data processing procedures,
  • Analysis of the risk related to personal data processing,
  • Selection of proper technical and organizational measures for personal data protection in order to ensure proper security of personal data, including protection against unlawful or illegal processing and their accidental loss, destruction or damage,
  • Conclusion or amendment of relevant personal data processing outsourcing agreements,
  • Adjustment of data collection procedures to standards imposed by the GPDR,
  • Preparation of internal documentation regarding personal data protection.

Please also read their data policy for more information:

Complaints or queries

If you wish to complain about this privacy notice or any of the procedures set out in it please contact:

Rita Chowdhry (Managing Director & Data Protection Officer) [email protected]

You also have the right to raise concerns with Information Commissioner’s Office on 0303 123 1113 or at, or any other relevant supervisory authority should your personal data be processed outside of the UK, if you believe that your data protection rights have not been adhered to.