GDPR and Data Protection Policy
We are committed to ensuring and protecting your data privacy at all times. Our Data Protection Policy provides a detailed explanation as to how we may use personal information provided to us or that we collect through legal means. Updates of this Data Protection Policy may occur from time to time, therefore you should peruse this Policy habitually.
What Information We Hold
We are a Business to Business (‘B2B’) organisation, and we hold business-related personal information that has been gathered in the course of day to day business transactions, principally through Sales and Marketing activity, i.e. business contact information.
This includes your name, your business address, your phone number(s) and email contact details such as is normally contained on a business card. We do not hold any personal data other than that which you have voluntarily provided, or is already available publicly, for example on your social media profiles. This can include data sourced from third parties that you have verified with them, and for which you have provided marketing consent, before it was acquired by us.
We do not sell directly to consumers or hold personal data for consumers.
Lawful Basis for Processing Data
We hold this personal data for legitimate business reasons, on the basis that you wanted us to know how to contact you, to engage in normal business transactions. We use it on the understanding that you exchanged your information with us with a reasonable expectation that we might use your data in a business context, where there is minimal or no impact on your personal privacy.
Where We Hold It
We hold our data in cloud-based systems:
- Mautic (https://mautic.org) – Contact Database
- Mailchimp (https://mailchimp.com) – Email based communications
- Zoho (https://www.zoho.com) – Sales Pipeline and Customer Relationship Management
- Kashflow (https://www.kashflow.com) – Accounting, Invoicing and Employee Payroll.
All are standard, unmodified applications available on a normal commercial basis.
What We Do With It
Personal data is kept within the business ‘context’ of your professional job role, and used for legitimate business purposes only, where there is minimal impact on your personal privacy:
- To provide Marketing information about our services, and to maintain your business’s awareness of our services and offerings
- To contact you as necessary for specific business transactions, for example to respond to communications received, and to send proposals or quotations for work
- To process Invoicing transactions to customers and to record receipt of payments
- To process Payroll transactions and provide statutory information regarding employees to government agencies, principally HMRC, in accordance with legal requirements.
Your data is updated as and when we become aware of a material change to the data that we hold, for example a new phone number or change of business details.
From time to time, we may contact you to verify your data and to ensure continued opt-in to communications from us. Such communications will contain clear Opt In / Opt Out capabilities.
Updating Your Data
If you wish to check the data that we hold, or to update your data, please email us at firstname.lastname@example.org with the subject line: “GDPR – Data Validation Request”. We will process your request as soon as possible.
You may opt out from our email communications at any time by selecting the ‘Unsubscribe’ option contained within the email. If you cannot see an unsubscribe option, please email us at email@example.com and we will process your request as soon as possible.
We are reliant on our third party service providers and their security policies to maintain the security of your data. If we should become aware of a data breach, we will inform you as soon as is reasonable to do so and work with you to take all reasonable measures to correct the breach and secure your data.