Last updated: March 2023
Previous Version: March 2022
This website is owned and operated by Data Compliant Ltd, a private limited company registered in England and Wales under company number 8850647, and our registered office is at 22 Friars Street, Suffolk CO10 2AA. We are registered with the Information Commissioner’s Office as a data controller, registration number: ZA162251
We are committed to ensuring that your information is secure. Your information will be held in a secure environment, and access to it will be restricted according to the “need to know” principle. To prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and protect the information we collect online. We use state of the art technology for processing and storing data, and data transfers , including encryption, and access control. Your personal data is processed with confidentiality and integrity.
We process the personal data of customers, prospects, enquirers, suppliers and workers. We may collect, store and use the following personal information about you which you provide to us:
- via the telephone, the website, email, SMS, the post, or face to face
- when subscribing to our e-newsletter
- when providing us with your business card
- when entering competitions, surveys or prize draws
- when applying to work for us
The data you provide us includes only what we need to provide the service, product or information you have requested, and includes:
- Name and contact information including email address and telephone number
- Information relating to the services we have provided
- Information relating to the services you have provided to us
- Financial details for invoicing
- Information relating to customer surveys or offers
- Work experience and interview notes when you apply to work for us
- Any other personal information that you choose to send us
- User name, email address and log-in details for your employees who access our LMS
We collect information from your computer and about your visits to and use of this website. This includes collecting unique online identifies such as IP addresses, which are numbers that uniquely identify a specific computer or other device on the internet. Please see our Cookies section for more details.
Legal Basis for Processing
To provide you with services, and to deal with enquiries and requests about them.
To contract contract with you to help us provide or administer our services.
The processing is necessary to meet contractual obligations into which you have entered as a customer, supplier or worker. In other words, we use your personal information to fulfil the services you have asked us to provide, or which we have asked you to provide.
To keep you informed and updated on relevant products and services in which you may be interested.
To maintain records of current, past and potential clients, suppliers and workers.
For internal administration purposes, including management of tasks and communication.
To improve our products and services.
For marketing research purposes, conducting customer satisfaction surveys and responding to your website visits to improve our services.
To invite you to be a guest speaker or sponsor one of our events or webinars.
To provide you with useful data news and information by post and email.
To maintain your contact preferences.
To administer our website and keep it secure.
To provide you with Data Compliant e-newsletters.
For marketing purposes such as prize draws and promotions.
For our legitimate business interests. We have conducted legitimate interest assessments in which our interests and those of our clients, suppliers, workers, business contacts and prospects are balanced.
For sending e-newsletters to sole traders, small partnerships, and private individuals.
We only send e-newsletters to those who have requested them on the legal basis of Consent.
We shall keep your personal data within Data Compliant and our trusted third parties except where disclosure is required by law, for example to government bodies and law enforcement agencies.
We do not sell your data to any other company. We may transfer your data to the following data processors who act under our instructions, and with whom we have appropriate service and data processor agreements in place, in compliance with relevant data protection laws:
- Workers and associate consultants who deliver our services
- Third parties who provide a service to us:
- Microsoft who provides our office and email systems
- Sharefile who hosts our network
- Google who provides our website tracking and statistical services
- Click-up, who provides us with a project managment platform
- Kallidus, who hosts our online training LMS
- Mailchimp, who distributes our emails
Your personal data may be stored, processed, and transferred outside the United Kingdom (UK) or European Economic Areas (EEA) so that we can use your personal data as described in this policy. Where this is the case, we will make sure that any transfers of your personal information from one country to another comply with those data protection and privacy laws which apply to us. When transferring personal information outside the UK and EEA, we will:
- include standard data protection clauses approved by the EU and ICO into our contracts with those third parties.
- ensure that the country in which your personal information will be handled has been deemed "adequate" by the UK and/or European Commission
All personal data will be held in accordance with our company retention and deletion policy. We only keep your personal information for as long as we need to, so that we can use it for the reasons described above. Where your information is no longer required or is no longer relevant, we will ensure it is disposed of securely.
- To make sure that you do not receive marketing from us after you have told us to stop sending it, we need to keep a record of that instruction with your contact details. We shall hold that information until you tell us otherwise.
- CVs and interview notes from unsuccessful applicants will be held for 6 months after notifying you that you have not been successful.
- Where necessary, we shall keep your personal data for as long as required to do so by law; and where required to establish, exercise or defend our legal rights.
Under the DPA 2018 and the UK GDPR, you have the right to:
- Access your personal data by making a subject access request: You have the right at any time to ask us what personal information we hold about you, and to ask us to update, amend or delete any data that is incorrect or out of date. To protect your privacy and security we may need to verify your identity before disclosing or deleting your data.
- Rectification, erasure or restriction of your information where this is justified: The accuracy of your personal data is important to us. You can rectify/update your personal data, including your address and contact details at any time. If you find any inaccuracy in your data at any time, we will delete or correct it promptly at your request. Proof of identity may be required in some circumstances.
- Object to the processing of your information where this is justified: You have the right to ‘block’ or suppress processing of your personal data. However, we will retain just enough of your personal data to ensure that the restriction is respected in the future. You have the right to opt out of marketing promotions at any time. Every email we send you contains a link which you may click to unsubscribe.
- Withdraw consent: Where our processing of your personal data is based on your consent, you have the right to withdraw that consent at any time.
If you wish to exercise any of these rights, or to request details of personal information which we hold about you, please write to Data Compliant Ltd, 22 Friars Street, Sudbury, Suffolk, CO10 2AA. or email firstname.lastname@example.org
Contacting the Data Protection Regulator
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law you have the right to make a compliant to the data protection regulator. If you wish to lodge a complaint or seek advice from a supervisory authority please contact the Information Commissioner’s Office (ICO). The ICO is the UK's independent body set up to uphold your rights to data privacy, and can be contacted at The Office of the Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. Tel: +44 (0) 01625 545 745 Website: www.ico.org.uk
- View "Private Browsing" settings and managing cookie settings in Firefox.
- View "Incognito" and managing cookie settings in Chrome.
- View "InPrivate" and managing cookie settings in Internet Explorer.
- View "Private Browsing" and managing cookie settings in Safari.