The Mentorship Collective | Privacy Notice

Privacy Notice

The Mentorship Collective Privacy Notice

Three Mentoring Privacy Notice

Please read carefully the following Privacy Notice.

Three takes the protection of personal data of all applicants, prospective applicants, and employees very seriously and ensures that we only process personal data in accordance with the GDPR, the UK-GDPR and Data Protection Act 2018. This Privacy notice provides you with information on how we use your personal information and for what purpose. It also explains how your information is stored, accessed, and transferred. It also outlines how it will be used by the Chronus the third-party mentoring platform.

During this process Three UK (Hutchinson 3G UK Ltd), Three Ireland (Hutchison) Limited and Three Ireland Services (Hutchison) Limited (together, as joint data controllers, ‘Three’ or ‘we’) will collect store and otherwise process, or instruct third parties, such as Chronus, to process personal information of mentors and mentees for the mentoring scheme.

Involvement in the mentoring scheme is entirely voluntary and you are free to choose how much information you provide when registering on the platform. By submitting the information to the platform and in the involvement of the mentoring process you have given permission for Three to use that information including all personal data as set out below.

Types of information that we collect

This policy covers any personal processed by Three in connection with the mentoring platform, including but not limited to the following:

Name, email address
Information about yourself and your career, including job level and function of the business, work location

We also ask questions about the following data, but these questions are optional, and you are not obligated to provide this information. The following data is collected to help us to match you with either a mentee or a mentor most appropriate to your needs or skills.

Location
Information about you outside of work:
Job Title
Additional information on your career including years of experience in your job, relevant qualifications, and LinkedIn URL
Demographic information including gender, ethnicity,
Employee ID number

We will also capture mandatory additional information from Mentors including:

Confirmation that they have undertaken the Mentor training
confirmation of their commitment to the programme.
Information on the career related topics they wish to support as well as specifics on their skill and strengths.

How we use the data that you submit

We use the data you submit for the following reasons.

Communicate with you about the mentoring programme
Build a profile of you
Identify your interests and what you want to achieve from the mentoring platform.
Match mentors to mentees
Analyse and prepare statistics based on the users of the platform

We collect this data under the lawful basis of consent, which we collect from you when you sign up to the platform. We also rely on the lawful basis of legitimate interest where necessary such as the analysis and statistical reporting.

You the right to access, erase or correct information held about you in certain circumstances. You have the right to request a copy of any personal information that we hold about you. Should you wish to exercise any of these rights then please contact the Data protection Team at DPA.officer@three.co.uk (for 3 UK staff) or Fergal.crehan@three.ie (for 3 Ireland staff)

Sharing your Information

To fulfil the Mentoring scheme we use a platform provided by a third party called Chronus. Chronus only collect your data based on the explicit instructions of Three and act as a processor on behalf of Three.

We may also disclose your information to other members of our group of companies, and to our or their partners, associates, agents or subcontractors and to possible successors to our business. Some of these parties may reside outside of the UK or EEA. If we do this your information will be treated to the same standards as adopted in the UK and EEA. We may also disclose your information for the prevention and detection of crime and to protect the interests of Three and other users or if required to do so by law or other binding requests.

Security and Data Retention

Three understands that your Information is important to you; therefore, it takes appropriate organisational and security measures to safeguard and secure the information it collects from loss, misuse, unauthorised access, disclosure, alteration, and destruction, in compliance with applicable law and regulations

Three will retain your personal information for as long as it is necessary for the mentoring programme or for legal requirements.

The information that is collected is retained for a period of 12 months after you have left the mentoring platform.

When interacting with Three we use Cookies on our websites. For more information on our cookies please see our cookies policy http://www.three.co.uk/privacy_safety/about_cookies and https://www.three.ie/legal/privacy/cookie-policy.html

Contacting us

If you have any questions or complaints regarding this policy please contact us at dpa.officer@three.co.uk or fergal.crehan@three.ie

Chronus Privacy Notice

Last Updated: April 28, 2025

Chronus LLC and its affiliates (“we” or “our”) provide access to our software-as-a-service offerings, including mentoring and connection communities software, on the Chronus platform (the “Services”) to individual users (“you”) at the direction of companies and organizations (“Organizations”), which are our customers.

At Chronus, we value your privacy. This Privacy Notice (“Notice”) sets out how your personal information may be collected or used by us in order to provide the Services. We recognize that privacy is an ongoing responsibility, and as such, we may update this Notice from time to time as we undertake new privacy practices.

The Services may include links, integrations or references to non-Chronus websites, services, materials, or entities (collectively “Third-Party Services”). This Privacy Notice does not apply to Third-Party Services. Third-Party Services are subject to their own privacy policies and you are encouraged to review such policies prior to use of any Third-Party Services.

Role of Chronus: With respect to the Services, Chronus is a “data processor” or “service provider” under applicable privacy laws. This means that when you use our Services, we are processing (using) your personal information at the instruction of your Organization, who determines the means and purposes of processing your personal information as the “data controller” or “business”. This Notice sets out our standard privacy practices for the Services. As the “data controller”, your Organization may instruct us to treat your personal information differently than described in this general Notice. Please reach out to your Organization for more information.

How we Process your Personal Information: We collect your personal information from your Organization or directly from you. In order to provide the Services to you, we generally collect personal identifiers (such as your name, email and IP address) along with any additional personal information requested by your Organization or voluntarily provided by you or your Organization. We may also “passively” collect your personal information using various technologies, such as cookies, web beacons, and navigational data collection (clickstream, log files, server logs, etc.). We will only process your personal information for the purposes of providing you with the Services (including for the purposes of building, improving and securing our Services), or as otherwise instructed by you, your Organization or as required by applicable law.

We do not sell your personal information. We also do not share your personal information for targeted advertising purposes as defined under CPRA. If this changes, we will provide you with the right to opt out.

We only share your personal information with third parties who facilitate the provision and support of our Services (“subprocessors”) or as otherwise requested by you. We require our subprocessors to enter into written agreements obligating them to comply with applicable data protection laws and implement appropriate security measures to protect your personal information. We may also disclose your personal information to governmental authorities and other third parties where required by law or a valid legal process.

Unless otherwise instructed by your Organization, we (including our subprocessors) will only process or transfer your personal information as necessary to provide and support the Services. This may include transfers to countries outside the EEA, which may not provide the same level of data protection as your home country. Where required, we rely on approved data transfer mechanisms, such as Standard Contractual Clauses (SCCs) or adequacy decisions, to ensure your personal information remains protected. We will comply with all applicable laws relating to the processing and international transfer of personal information.

Security and Data Retention: To help protect the privacy of your personal information, we maintain appropriate and industry standard physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your personal information. Where required by applicable law, we keep your personal information for no longer than necessary for the purposes for which it is processed. The length of time for which we retain your personal information depends on the purposes for which we collected and used your personal information and/or the laws applicable to your personal information.

COPPA Requirements: We do not direct or knowingly advertise the Services to individuals under the age of thirteen.

Data Subject Requests, Questions and Complaints: You may have additional “data subject rights” under applicable laws (such rights may include, but are not limited to, the right to access and rectify your personal information, the right to request additional details about how we use your information, the right to request that we delete, make portable or stop processing your personal information, the right to contact your data protection supervisory authority and the right not to receive discriminatory treatment from us based on your election to to exercise your applicable data subject rights). Your Organization is responsible for exercising these rights (should they apply). Please contact your Organization if you wish to learn more.

If you have any other questions or concerns related to how your Organization is processing your personal information, please contact your Organization. If you have questions or concerns related to how we at Chronus process your personal information, please contact us at: legal@chronus.com