PRIVACY POLICY
(last amended 24th May 2018)
We are committed to protecting the privacy and security of personal data. This policy tells you how we will collect and use your personal data, and what you should expect in respect of the personal information about you that we have collected.
Our office address is Innovation Centre, St Cross Business Park, Newport, Isle of Wight PO30 5WB.
The person with responsibility for our data protection compliance is Paul Webb. He can be contacted via email at [email protected] or by telephone on 01983 550415.
We are the data controller of the personal data that we keep and use, and we are therefore responsible for making sure that our systems, processes and people comply with the relevant data protection laws in respect of that personal data.
We will act in respect of personal data to comply with the six principles of the General Data Protection Regulation (“GDPR”), which are:
- Lawfulness, fairness and transparency;
- Purpose limitation;
- Data minimisation;
- Accuracy;
- Storage limitation;
- Integrity and confidentiality.
You have rights in respect of how your personal data can be processed; these include the right to request:
- a copy of your personal data;
- that inaccurate data is rectified; and
- that your personal data is, in certain circumstances, erased or restricted.
You have the right to complain to the Information Commissioner, which you can do by contacting the Information Commissioner’s Office (ICO) directly. Full contact details, including a helpline number, can be found on the ICO website (www.ico.org.uk). This website also has useful information on your rights and our obligations. However, please raise any concerns or issues with us first so that we may deal with this as quickly as possible for you.
COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA
We collect and process personal data collected and created in relation to design and marketing services. We will abide by our Privacy Policy when handling personal data, and we have appropriate data protection training and knowledge. Any breach of data protection will be taken seriously.
- Design and Marketing Services
COLLECTION:
We will collect personal information which may include names, web addresses, email and telephone number for our customers. This will be done for the purposes of the enquiry or work to be undertaken.
We will normally collect this personal data from you directly.
USE:
We will use the personal data to help us either supply a quotation or in reference to completing any agreed work for you.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- in performance of a contract (the agreement to provide services); and/or
- where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
We may also use your personal data where it is needed for official purposes, although this is likely to be less common.
DISCLOSURE:
We may share personal data with third parties as is necessary in the provision of our services. In respect of all disclosures of personal data, we will only share the personal information which is necessary for the particular purpose for which it is provided, or where we have another legitimate interest in doing so, and we will ensure that the personal data is appropriately protected.
RETENTION PERIOD:
We will keep personal data only for as long as is necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting or reporting requirements. Normally, our retention period for personal data collected is a minimum of 6 years after the end of the year in which any services have ceased.
- Where we store your personal data
We principally store data, both electronically and on file at our office. We use a cloud based email provider (G Suite) and our website (website contact form data is only held online for a maximum of 30 days). For that reason, personal data may be transferred outside of the EEA by processors acting on our behalf. For transfers to countries not considered adequate by the EC, we will ensure that personal data is adequately protected, as required by the GDPR.
- Your rights
Under certain circumstances, you have the right by law to request:
- access to your personal data. This enables you to ask to receive a copy of the personal data that we hold about you and to check that we are lawfully processing it.
- correction of the personal data that we hold about you.
- erasure of your personal data.
- Object to processing of your personal data where we are relying on our legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- restriction of processing of your personal data.
- transfer of your personal data to another party.
- Links from our website
Our website may, from time to time, contain links to and from the websites of third parties that we permit to make such links. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. We recommend that you check these policies before you submit any personal data to these websites.
CHANGES TO THIS PRIVACY POLICY
Any changes we may make to our privacy policy in the future will be posted on our website, so please ensure that you are viewing the correct version.
Please contact us if you have any questions, comments or requests regarding this Privacy Policy.