Data Protection Principles
Personal data must be processed in accordance with six ‘Data Protection Principles.’ It must:
- be processed fairly, lawfully and transparently;
- be collected and processed only for specified, explicit and legitimate purposes;
- be adequate, relevant and limited to what is necessary for the purposes for which it is processed;
- be accurate and kept up to date. Any inaccurate data must be deleted or rectified without delay;
- not be kept for longer than is necessary for the purposes for which it is processed; and
- be processed securely.
We are accountable for these principles and must be able to show that we are compliant.
What information do we collect about you?
We collect information about you when you instruct us to provide advice; visit our website; subscribe to our newsletters or receive our publications; apply for employment with us; attend one of our seminars; and engage in business dealings.
What information do we not collect about you?
We do not require or process special categories of information relating to your racial or ethnic origin, political opinions, religious and philosophical beliefs, trade union membership, biometric data or sexual orientation.
However, we may process such data in relation to your employees, workers, agents or other third parties where you supply it to us for the purposes of providing advice or other related services. We will only use this type of information for the specific purpose you supplied it.
How will we use the information about you?
When you visit our website, a record of your visit is made. That data is used completely anonymously, in order to determine the number of people who visit our website and the most frequently used sections of the site. This enables us to continually update and refine the site. If you use any forms on the website to send an email to us, a record will also be made of your email address and your telephone number.
We may collect, hold, use and disclose the information collected as is necessary in the performance of our services to you or for complying with a legal obligation; or as part of our legitimate interests in marketing our services to existing clients and interested parties to grow our business.
We may therefore collect, hold, use and disclose the information collected to compile statistical data and to: maintain our database; develop/improve our website; respond to any email enquiries; notify you of any upcoming marketing, training or other events; provide you with publications; manage quality control; manage systems administration; attend to compliance issues; provide you or your organisation with advice; determine suitability for employment; and for other marketing purposes.
We may use the following third-party service provider to process and store your data:
We will not use or disclose your personal information for any other purpose which is not related to the above purposes without your consent, unless otherwise authorised, required or permitted under the laws of England and Wales.
If you no longer wish to receive information about our services, please send an email to (firstname.lastname@example.org) advising that you do not wish to receive further information.
Will we disclose your data?
We may disclose your personal information (or that of your employees, workers, agents or other third parties where you supply it to us for the purposes of providing advice or other related services) on a confidential basis to external service providers so that they can provide services such as financial or administrative services in connection with the operation of our business and the delivery of our service to you; and to any person (where necessary) in connection with their services, such as law enforcement, regulatory authorities, partners or advisors.
We require those service providers to keep your personal data confidential and secure and to protect it in accordance with the law and our policies. They are only permitted to process your data for the lawful purpose for which it has been shared and in accordance with our instructions.
We do not send your personal data outside the European Economic Area. If this changes you will be notified of this and the protections which are in place to protect the security of your data will be explained.
How long will we retain personal data?
Personal data must not be kept for longer than is necessary for the purposes for which it is processed. Accordingly; we maintain a Data Retention Policy, available on request.
Access to your information and other rights
Under the GDPR and the Data Protection Act 2018 (DPA 2018) you have a number of rights with regard to your personal data.
Please contact us at email@example.com should you require more detail/wish to exercise your rights.
- The right to information about what personal data we process, how and on what basis as set out in this Privacy Notice.
- The right to access your own personal data by way of a subject access request. Identification will be requested for security.
- The right to correct any inaccuracies in your personal data.
- The right to request that we erase your personal data, however this would only be where we were not entitled under the law to process it or it is no longer necessary to process it for the purpose it was collected.
- The right to object to data processing where we are relying on a legitimate interest to do so and you think that your rights and interests outweigh our own and you wish us to stop.
- The right to object if we process your personal data for the purposes of direct marketing.
- The right to receive a copy of your personal data and to transfer your personal data to another data controller. We will not charge for this and will in most cases aim to do this within one month.
- With some exceptions, the right not to be subjected to automated decision-making.
- In most situations, the right to be notified of a significant data security breach concerning your personal data.
- In most situations we will not rely on your consent as a lawful ground to process your data. If we do however request your consent to the processing of your personal data for a specific purpose, you have the right not to consent or to withdraw your consent later.
- We want to make sure that your personal information is accurate and up to date. Please contact us to correct or remove information you think is inaccurate or out of date.
You have the right to complain to the Information Commissioner. You can do this by contacting the Information Commissioner’s Office directly. Full contact details including a helpline number can be found on the Information Commissioner’s Office website (www.ico.org.uk). This website has further information on your rights and our obligations.
Identification will also be requested for security.
This website uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics sets a cookie in order to evaluate your use of this website and compile reports for us on activity on the website. Google stores the information collected by the cookie on servers in the United States. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity. For further information visit www.aboutcookies.org or www.allaboutcookies.org.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.
How to contact us
The Directors, 4 Pocketts Yard, High Street, Cookham, Berkshire SL6 9SL
Tel: 01494 817193