This privacy policy is a privacy notice detailing our personal data collection and processing activities to provide a clear and transparent overview of our use of personal data. Personal data is any information (including opinions and intentions) which relates to an identified or Identifiable person.

 

Personal data is subject to certain legal safeguards and other regulations, which impose restrictions on how it may be processed by organisations and It is our policy to act in accordance with all applicable data protection laws and regulations and in line with the highest standards of ethical conduct.

 

We will also make sure our use of personal data is fair and transparent and will not process personal data in a manner which is misleading or detrimental to any individuals (our data subjects). We will also only collect and process the personal data we need to complete our operational activities with the aim of only holding the minimum personal data we require at all times. We will also make sure we review all personal data held on an ongoing basis to ensure it is still required and accurate.

 

Applicability and Scope of this notice

This notice applies to personal information collected from the following sources:

  • Visitors to our web site or other online resources we control including social media pages;
  • All enquiries and communications to our company;
  • Business partners and associated entities who may collect information on our behalf;
  • Customers, clients, suppliers and all of those who we engage with for operational activities;
  • Our employees, sub-contractors or anyone working on our behalf.

 

Information we may collect and Process

In order to complete our business operations, we may need to collect personal data which we may collect from you directly or from a third party and this data includes the following:

  • Contact details including name, address, email and telephone numbers;
  • Communications content: including all correspondence you send directly to us or any of our representatives. We may also receive communications from third parties with your personal data;
  • Web site information including IP address, web browser and operating system details, Internet Service Provider, location, cookies and other tracking information.
  • Web site comments – when visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
  • Web site Cookies – If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
  • Web site embedded content from other websites – Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

 

How we use this Information and why

We use the personal information we collect to provide our services as detailed in this privacy notice. The activities that may require collection and processing of personal data are as follows:

  • Providing our business services to customers and clients;
  • Purchasing services from suppliers and sub-contractors;
  • Marketing our services, collecting feedback from customers and completing market research;
  • Completing internal business operations including internal auditing, staff training and appraisals and other operations required in accordance with our ISO compliant management systems;
  • Monitoring and analysing traffic and performance of our web site and reviewing and analysing web site visitors.

Lawful Basis – we will only collect and process personal data where we have a clear reason and lawful basis. The lawful basis is dependent on the data processing activity and at least one of the following will apply:

  1. Consent – where we have your consent to process your personal data;
  2. Contract – the processing is necessary as part of our service provision;
  3. Legal obligation – the processing is necessary for legal reasons;
  4. Vital interests – the processing is necessary to protect life;
  5. Public task – the processing is for a task in the public interest;
  6. Legitimate interests – the processing is necessary for our legitimate interests without infringing your rights as an individual.

 

What we do with this Information

In completing our services, we may be required or obligated to share your personal data with other entities including;

  • Trading partners including service providers;
  • Sub-contractors, suppliers and other operatives working on our behalf;
  • Our legal advisors;
  • Our IT support providers including web hosting, analytics and cloud providers;
  • Our software providers including operational, sales and accounts software;
  • Government agencies, regulators, law enforcement or other third parties where required for legal or regulatory compliance;

We will never sell or share personal data with any third parties who might use it for any purpose not associated with the provision of our services.

 

How we store and protect this information

The personal information we collect is stored securely on our company computer systems and also in secure cloud services provided by approved providers based in the UK / EEA and we will not actively transfer your personal data internationally without consent.

 

Protecting the confidentiality, integrity and availability of personal data from all threats whether internal, external, deliberate or accidental is a priority. We will ensure we have implemented appropriate controls to secure personal data using physical, procedural, staff and technical security measures.

 

Data Retention – we will only hold personal data as long as we need it and we have systems in place for the management of and retention of data.

 

Your Rights

You have rights relating to your personal which we hold including the right to be informed about our processing of your personal data, as covered by this privacy notice, and the right to request a copy of the personal information we hold about you as well as various other rights as follows:

    1. The right to be informed;
    2. The right of access;
    3. The right to rectification;
    4. The right to erasure;
    5. The right to restrict processing;
    6. The right to data portability;
    7. The right to object;
    8. Rights in relation to automated decision making and profiling.

Not all of these rights will apply to all personal data we hold and process and will be dependent on the category of data and our legal basis for holding this data. If our legal basis is consent you have the right to withdraw consent at any time.

 

Data Subject Access – please contact us if you wish to request a copy of your personal information or to exercise any other rights with regards your personal data.

 

We will respond to all data subject access requests and will do so within one month and in line with all legally mandated time limits.

 

There is no charge for responding to access requests unless your request is deemed to be unfounded or if you have made numerous requests which we consider to be excessive, in which case, we may notify you of a reasonable admin fee to be charged for completing the request.

 

You also have the right to complain to the appropriate authority for data regulation if you are unhappy with how we have used your data.

 

Review and update of this Policy

We may review and update this privacy notice at any time and the dates indicated below detail when this policy was last reviewed and the next time it will be formally reviewed if not updated at an earlier time.

 

If you have any comments or questions about this privacy notice please contact us using the details at the start of this policy.