PRIVACY POLICY

 

Contents

1     Introduction

2     The information we collect and when

3     How we use your information

4     Who we might share your information with

5     How we keep you updated on our products and services

6     Your rights over your information

7     How long we keep your information for

8     Giving your reviews and sharing your thoughts

9     Security

10       What happens if our business changes hands?

11       Changes to Our Privacy Policy

12       How to contact us

1      Introduction

The DPO Centre Ltd (referred to as “We, “Our” or “Us”), is committed to protecting the privacy and security of your personal information. We take care to protect the privacy of our clients that communicate (online or offline) with us, at events, over the phone, via our website, helpdesk and social media platforms.

As The Controller of the personal data we have therefore developed this privacy policy to inform you of the data we collect, what we do with your information, what we do to keep it secure as well as the rights and choices you have over your personal information.

Throughout this document we refer to Data Protection Legislation which means the Data Protection Act 2018 which incorporates the General Data Protection Regulation (GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any legislation implemented in connection with the General Data Protection Regulation which is the governing legislation that regulates data protection across the European Economic Area (EEA). This includes any replacement legislation coming into effect from time to time.

2      The information we collect and when

We only collect personal information that we know we will genuinely use and in accordance with the Data Protection Legislation. The type of personal information that we will collect on you, and you voluntarily provide to us on this website, enquiry form or other contact methods includes:

  • Your name
  • Telephone number(s)
  • Email address
  • Survey responses
  • Cookies
  • IP address

 

We may, in further dealings with you, extend this personal information to include your address, purchases, services used, and subscriptions, records of conversations and agreements and payment transactions.

  • You are under no statutory or contractual requirement or obligation to provide us with your personal information; however, we require at least the information above in order for us to deal with you as a prospect or client in an efficient and effective manner.
  • The legal basis for processing your data is based on your specific consent/performance of a contract/compliance with a legal obligation or our legitimate interest that we will have requested/stated at the point the information was initially provided, therefore we will not store, process or transfer your data unless we have an appropriate lawful reason to do so.

3      How we use your information

 

Processing activity Lawful basis
To contact you, following your enquiry, reply to any questions, suggestions, issues or complaints you have contacted us about Legitimate interest
Fulfilling our contract to provide you with the agreed service Performance of a contract
Make available our services to you Legitimate interest
Process your orders Performance of a contract
Take payment from you or give you a refund and associated financial accounting Performance of a contract
For statistical analysis and to get feedback from you about our service. We occasionally may invite you to participate in a case study following an engagement.

 

Legitimate interest
To power our security measures and services so you can safely access our website

 

Legitimate interest
Help us understand more about you as a customer, the products and services you consume, so we can serve you better;

 

Legitimate interest
Contact you about services from us Legitimate interest
Marketing/analytics from our website using cookies Consent

 

4      Who we might share your information with

We may share your personal data with other organisations in the following circumstances:

 

  • If the law or a public authority says we must share the personal data;
  • If we need to share personal data in order to establish, exercise or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk); or
  • From time to time, employ the services of other parties for dealing with certain processes necessary for the operation of the Website. However, all the information we share will be collected and anonymised, so neither you nor any of your devices can be identified from it.
  • reCAPTCHA from Google helps protect websites from spam and abuse. A “CAPTCHA” is a test to tell human and bots apart. It is easy for humans to solve, but hard for “bots” and other malicious software to figure out. By adding reCAPTCHA to our site, we can block automated software while helping us welcome real users like you.

First, the reCAPTCHA algorithm will check to see if there’s a Google cookie placed on the computer being used. Then, an additional reCAPTCHA-specific cookie will be added to your browser, and a complete snapshot of the browser window at that moment in time will be captured, pixel by pixel.

Some of the browser and user information collected at this time includes:

  • All cookies placed by Google over the last 6 months,
  • How many mouse clicks you’ve made on that screen (or touches if on a touch device),
  • The CSS information for that page,
  • The date,
  • The language your browser is set to,
  • Any plug-ins you have installed on the browser, and
  • All Javascript objects
  • The data you supply via the form

More information can be found at Google reCAPTCHA and Google’s Privacy Policy.

  • We will not share your information with any third parties for the purposes of direct marketing.
  • We use data processors who are third parties who provide elements of services for us. We have Data Processor Agreements in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us or further sub-processors who must comply with our Data Processor Agreement. They will hold your personal data securely and retain it for the period we instruct.

5      How we keep you updated on our products and services

We will send you relevant news about our services in a number of ways including by email, but only if you have previously consented to receive these marketing communications. When you register with us we will ask if you would like to receive marketing communications, and you can change your marketing choices online, over the phone or in writing at any time. If you wish to amend your marketing preferences, you can do so by email or by calling us on the number displayed on our website.

6      Your rights over your information

6.1.1      The right to be informed about our collection and use of personal data;

You have the right to be informed about the collection and use of your personal data. We ensure we do this with our internal data protection policies and through our external website policy. These are regularly reviewed and updated to ensure these are accurate and reflect our data processing activities.

6.1.2      Right to Access Your Personal Information

You have the right to access the personal information that we hold about you. This is sometimes termed a ‘Subject Access Request’. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you or them free of charge and in most instances do so within 30 days from when your identity has been confirmed.

We would ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information.

If you would like to exercise this right, please contact us as set out below.

6.1.3      Right to Correct Your Personal Information

If any of the personal information we hold about you is inaccurate, incomplete or out of date, you may ask us to correct it.

If you would like to exercise this right, please contact us as set out below.

6.1.4      Right to Stop or Limit Our Processing of Your Data

You have the right to object to us processing your personal information for particular purposes, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.

If you would like to exercise this right, please contact us as set out below.

6.1.5      Right to Erasure

You have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances.

6.1.6      Right to Portability

The right to portability gives you the right to receive personal data you have provided to a controller in a structured, commonly used and machine readable format. It also gives them you the right to request that a controller transmits this data directly to another controller.

If you would like to exercise this right, please contact us as set out below.

6.1.7      For more information about your privacy rights

The Information Commissioner’s Office (ICO) regulates data protection and privacy matters in the UK. They make a lot of information accessible to consumers on their website and they ensure that the registered details of all data controllers such as ourselves are available publicly. You can access them here https://ico.org.uk/for-the-public.

You can make a complaint to the ICO at any time about the way we use your information. However, we hope that you would consider raising any issue or complaint you have with us first. Your satisfaction is extremely important to us, and we will always do our very best to solve any problems you may have.

7      How long we keep your information for

We retain a record of your personal information in order to provide you with a high quality and consistent service. We will always retain your personal information in accordance with the Data Protection Legislation and never retain your information for longer than is necessary. Unless otherwise required by law, your data will be stored for a period of 7 years after our contract with you expires or 2 years after our last contact with you or some other identifiable action, at which point it will be deleted.

8      Giving your reviews and sharing your thoughts

When using our website you may be able to share information through social networks like Facebook and Twitter. For example, when you ‘like’, ‘share’ or review our Services. When doing this, your personal information may be visible to the providers of those social networks and/or their other users. Please remember it is your responsibility to set appropriate privacy settings on your social network accounts so you are comfortable with how your information is used and shared on them.

9      Security

Data security is of great importance to The DPO Centre and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure your collected data.

We take security measures to protect your information including:

  • Limiting access to our buildings to those that we believe are entitled to be there by use of passes;
  • Implementing access controls to our information technology
  • We use appropriate procedures and technical security measures (including strict encryption, anonymisation and archiving techniques) to safeguard your information across all our computer systems, website and offices.

10    What happens if our business changes hands?

We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of our business. Any personal data that you have provided will, where it is relevant to any part of our business that is being transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use that data only for the purposes for which it was originally collected by us.

11    Changes to Our Privacy Policy

We may change this Privacy Policy from time to time (for example, if the law changes). We recommend that you check this policy regularly to keep up-to-date.

12    How to contact us

If you would like to exercise one of your rights as set out above, or you have a question or a complaint about this policy, the way your personal information is processed, please contact us by one of the following means:

By email: dpo@dpocentre.com
By post: The Suffolk Enterprise Centre, 44 Felaw Street, Ipswich, Suffolk, IP2 8SJ

Thank you for taking the time to read our Privacy Policy.

 

The DPO Centre

 

This Policy was last updated on 30/10/2019