We are committed to protecting the privacy and security of the personal information you trust us with. This information includes the data we control about you as an individual, but also the data we process on your behalf that refers to other people for which you have responsibility, such as your staff and your family.
This privacy statement describes how we collect and use personal information during and after your working relationship with us, in accordance with the General Data Protection Regulations (GDPR), as updated from time to time.
Our promise to you
We will comply with GDPR, which requires that the information we hold about individuals must be:
- Fairly and lawfully collected and processed.
- Processed for specific purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
- Relevant to the purposes we have told you about and limited only to those purposes.
- Accurate and kept up-to-date.
- Only kept for as long as it is necessary to achieve the purposes described and to meet any relevant regulations associated with those purposes.
- Processed in line with your rights to control how the information is processed and used.
- Kept, transferred and processed securely.
What personal data will we collect from you?
We may collect personal data when you provide it to us with your consent by filling in contact forms or corresponding with us by phone or email, or where it is provided to us in the course of our legitimate interests in order to provide services to you. The purpose of our processing will always be made clear to you at the time of collection, and where appropriate you will be given the opportunity to specify how personal data is to be gathered, used and destroyed.
Some examples of the types of data we may collect are:
- Personal contact details including name, gender, title, email, telephone number and address.
- Company and employment details.
- Legal status.
What information is automatically collected?
We may also collect personal information as a result of the cookies we use on our website; which are intended to enhance the experience that you get from seeking information online. This information includes:
- Your Internet Protocol (IP) address, which Is the address you have when connected to the internet, your time zone, your browser information, operating system and platform;
- More technical information related to your behaviours online, including length of visit, interactions with web pages and mouse/cursor movements.
How will we use your personal data
We will only use your personal data when legally permitted. The most common uses of your personal data are:
- Where we need to perform the contract between us
- Where it is necessary for our legitimate interests
- Where we need to comply with a legal or regulatory obligation
We don’t use automated decision-making when we process personal data. Where possible and suitable we will anonymise the data for situations where personally identifiable information is not required for the purpose intended.
Sharing of Personal Data
We will not share your personal data with any other organisation without your permission except where we are under an obligation to do so. We do not sell, rent or lease personal data under any circumstances.
How do we store your data?
Information that you provide to us which is stored on IT systems is housed and maintained on our site. These IT systems are provided by a third party company that is responsible for data confidentiality, integrity of the data stored and system availability to ensure that we can deliver the services to you that you require when you require them. Regular backups are stored both on site and in a secure cloud based location.
We will do our best to protect your data when being transmitted, although we cannot guarantee security due to the inherent risks associated with the internet and the lack of control that we have on third party email systems.
If you suspect any unauthorised access, misuse or loss of your data please contact us immediately using our contact details and we will respond to the incident in accordance with our obligations to the Information Commissioners Officer (ICO). If we are made aware of any incident or breach that may potentially affect the data we hold on your behalf then we will inform you of any implications as communicated to us.
We will only retain your data for as long as necessary to fullfil the purposes set out in this policy, including for the purposes of satisfying any legal, regulatory, or reporting requirements.
Transfer of data outside of the European Economic Area
Your data will not be transferred intentionally except where we are required to do so as a result of client activities, for example where we use third-party cloud-based services, or when asked to do so by you. When personal data is transferred, we ensure that appropriate legal and technical safeguards are in place.
Your rights with regard to access to your information
Subject to other legal obligations related to the services we provide, your rights under GDPR are to:
- Be informed of the data we hold and the processing being undertaken involving your data.
- Get access to your personal data. You can exercise this right by submitting a ‘data subject access request’, which enables you to receive a description and/or a copy of the personal data we hold about you.
- Request correction of the personal data that we hold about you.
- Request erasure of your personal information.
- Restrict (or expand on) the use of your personal data, including making changes to the uses that you agreed to at an earlier point in time.
- Be able to transfer your data to another party under your rights for data portability.
- Object to use or processing of your data for specific purposes, particularly where it is part of a broader data processing activity, or for such purposes as direct marketing.
If you wish to exercise any of your rights please contact us at the details given at the end of this privacy statement to request a copy of the information we hold.
Keeping your information accurate and up-to-date
It is important that the personal data we hold about you or on your behalf is accurate and current. Please keep us informed if your information changes during your working relationship with us.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. Please note that in some cases, this may restrict the full functionality of our website and some features may not function as a result.
Our website hosting partner will set a single cookie for load balancing, this cookie does not contain any personally identifiable information.
3rd party services that we use on our site that may set cookies include the following. Please click the links before for our partner’s individual privacy policies & notices.
Contacting us about your data privacy
If you have a concern or complaint about our processing of personal data, please contact us:
By email: firstname.lastname@example.org
If you are not satisfied with our processing of personal data, how we have responded to your complaint about the processing of personal data, or you believe our processing of personal data is not in accordance with the law, you have the right to complain to the Information Commissioner’s Office (ICO) by calling +44 (0)303 123 1113, or visiting https://ico.org.uk/concerns/
Revisions to this policy
In the event that this notice is changed at any time, the date and nature of the change will be clearly indicated. In the event that the change has a material impact on the handling of your personal data, we will notify you.
Policy first published 28/02/2020. Last updated 28/02/2020.