Privacy is important. We have measures in place to keep the personal data we hold safe and secure.
This policy will inform you as to what personal data we process in order to fulfil our obligations to our clients and others, what we use personal data for, what our lawful basis is and most importantly your rights.
We collect and have access to information about:
- visitors to our website, via Web server logs and Google Analytics
- visitors to many of our clients websites, via Web server and Google Analytics
- contact made with us by our clients, suppliers and our broader network
- for some clients, we are direct contacted by their clients, suppliers and their broader network
- visitors and contact via our social media such as Facebook and Twitter
- visitors and contact to the social media of some of our clients
- email contacts where we use encryption to protect email traffic. If your email service does not support encryption, you should be aware that any emails we send or receive may not be protected in transit. We also monitor emails sent to us, including file attachments, for viruses or malicious software
We use this information to:
- administering our relationship with our clients, providing requested services, and responding to enquiries
- carrying out our client requested instructions on their systems and data which does at times include personal data
- meeting legal or other regulatory obligations imposed on us
We process information relevant to the above reasons/purposes. This may include:
- personal and family details
- goods and services
- financial details
- employment and education details
We process personal information about:
- customers and clients
- advisers, consultants
- complainants, enquirers
Data security and sharing:
- We sometimes need to share the personal information we process with the individual themself and also with other organisations.
- We continually consider our own data management and where appropriate update our records and processes to keep personal data we hold and manage, safe and secure. This includes reviewing those we work with, such as domain name registration companies, Website hosting companies (servers), programmers, designers, software and hardware providers, our accountant etc. All work to consider and protect private and other data.
- We do not sell or otherwise share data to anybody that is not directly required to deliver the services for which the data was provided.
- We secure the data we have using systems that have password layers, firewalls and security software.
- Where we have personal data, such as, but not limited to, that of individuals in the organisations we deal with, we assume (implied consent) acceptance of our need to hold this information for so long as we are dealing with these organisations. If we stop dealing with these organisations, we will only retain information required by statute, such as for our company tax returns.
- We fully understand that GDPR requires that we announce, to those effected breaches within 72 hours of discovering them.
- This would be to those affected, and the Information Commissioners Office (ICO).
- We would then follow procedures in accordance with the ICO’s guidance.
- You’re entitled to request access to a copy of the personal data that we hold on you. If you would like to make a request for your information, please contact email@example.com.
- We may apply the GDPR right of a fee for second and subsequent requests from the same data subject.
- You are entitled to ask for any data we hold on you, to be deleted, but please take note that we are entitled to hold personal data where we have a sensible, legal and contractual reason, such as the ability to send out an invoice or complete our tax returns. This might mean that we do not delete all the data we hold.
If you have any questions about how we use the data we have and the data we have access to, please email firstname.lastname@example.org.
This policy was last updated on the 21st of May 2018