We are GDPR Data Safe
Trading styles of GDPR Data Safe are
11, Syers Green Close,
Company number 8312680
This policy is applicable to the processing of personal information at all trading styles of Vince Carter. The purpose of this policy is to provide our current, former and potential customers (jointly referred to as "customers or "you") information, products, and services that support data protection compliance for your business. These products and Services include, consent and data management software, education courses, free assessments and Job placements. This policy is aimed at business professionals aged over the age of 18. We collect and use information about people who visit our website or contact us in other ways (as detailed below) this is carried out in accordance with data privacy laws.
Generally, we will process data on the basis of personal, contractual consent, or legitimate interest. You may withdraw your consent at any time at email@example.com further details are provided below on your. If we are processing on the basis of our need to achieve a legitimate interest, the nature of that interest is confirmed below.
If you use our enquiry form
We collect information via our enquiry form, we collect your name, email address and telephone number and your contact email address. In some circumstances we collect business data that may be considered to be personal data such as the name of your business and the type or legal status of your business. We need to collect this for the legitimate business purpose of processing your enquiry (we collect both email and telephone contact details in case we cannot reach you using one of these).
The form automatically creates a digital file for you in our Customer Relationship Manager (CRM) software, which is hosted by our hosting provider Heart Internet. The digital file is stored indefinitely. We may use the data to contact you in the future where we have a legitimate interest in doing so. you may ask for it to be deleted in accordance with your rights which are confirmed in the Information Access section below which describes how you can manage your personal information.
If you use our live call back service - form
If you email us
Any email sent to us, including any attachments, may be monitored by us for cybersecurity reasons. Email blocking software may also be used. GDPR Datasafe has a legitimate business interest in using your email address, and any personal data included in your message, to resolve and respond to any issues raised. Your email will be handled in line with our policies, depending on the nature of your enquiry.
We use our customer relationship platform to process all inbound emails, all outbound emails are sent through our email exchange Jango mail. All inbound and outbound emails are stored on the CRM system hosted by heart Internet. Jango mail store emails in in the EEA and sometimes the US. If the data is stored in the US it is done so under the EU-US privacy shield framework (which provides protections for an individual's personal data when it is transferred from the EU to the US). The data is stored indefinitely.
Emails sent to named individuals within GDPR Datasafe (firstname.lastname@example.org) will be stored on our systems indefinitely for the legitimate business purpose of resolving your enquiry and then checking how enquiries have been dealt with, but will not be processed for any other purposes.
If you visit any of our product websites
All of our trading styles (as listed above) use a third-party service, Google Analytics, to collect standard internet log information (your IP address, browser, and type of device) and details of visitor behaviour patterns (where you joined our site from, the path you take through our site and where you leave). We do this for the legitimate business purpose of monitoring the number of visitors to the various parts of the site and engagement levels, which in turn enables us to make improvements. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
If you join our mailing lists
If you use our mailing lists, we will collect your name and email address if you provide this and any other personal information that you volunteer to us. This is used for the legitimate business purpose of providing the information you have requested.
The form automatically creates a digital file for you in our Customer Relationship Manager (CRM) software, which is hosted by our hosting provider Heart Internet. The digital file is stored for a period of up to six months from the last email sent to you from our mailing lists.
In all cases, the servers where your personal data is stored and processed are located in the European Economic Area.
Should you register for any GDPR Data Safe event or download any 3rd party content, we may pass your contact information to 3rd parties who either a) are partners of the event in question or b) are providers of the content you have downloaded. In the process of registering for an event or accessing content, you will be reminded of the fact that your data will be shared with named 3rd parties and specific consent will be requested.
We use your personal information to send you an email or communicate by text or telephone to communicate the product, service or report that you have requested
If you opt-in (Affirmative action) to join one of our mailing lists, we will use your personal data to operate your subscription to the mailing list you have chosen to join.
We will retain your personal data for up to six months after the last email sent to you from our mailing lists
We keep your personal information in line with our data retention policy dependant on the medium by which the data was provided, the details for each is mentioned above. This means that we will remove data which have collected directly from you from our systems if we haven't had any direct contact with you in line with the stated period. (this period typifies the maximum length of time that a contract could be in negotiation with us).
For data provided to us by our clients, we are governed by their data retention rules as specified in their privacy notices.
In certain circumstances, we have a statutory obligation to keep your personal information for a set period of time for example financial information (normally 6-7 years) for financial auditing purposes
We link our website directly to other sites. This privacy notice does not cover the links within our site linking to other websites and organisations. We encourage you to read the privacy statements on the other websites you visit.
In the event that this business is sold or integrated with another business your details may be disclosed to our advisers and any prospective purchasers' advisers and will be passed on to the new owners of the business. It is therefore intended that any consents given above or on the relevant pages will benefit any purchaser of our business.
Please be sure you are aware of these policy terms while you use our site. should our terms change these will be shown on this page, and we may place notices on other pages of the web site, so that you may be aware of the information we collect and how we use it at all times.
Access: Under data privacy laws, you have rights to request access to your personal data.
It's important for both you and us that your personal information is correct. If you believe this not to be the case and you are registered on this website, then please log-in and update your details in the "my login" section. If you do not have a website account with us then please e-mail the amended details to email@example.com and we will contact you to verify your identity.
You have the right to request a copy of the information that we hold about you.
If you would like a copy of some or all of your personal information, please email or write to us using the contact details in this policy.
We will get in contact to verify your identity and If we do hold information about you we will: give you a description of it
The basis of our processing will be under the basis of "Personal consent" or "contractual obligation" dependant on the consent requested or service for which we you have requested that we are holding your data for. In simpler words we need and use your personal information for providing the services you have requested or have contracted with us.
However, when we are communicating with you regarding products and services you may be interested in receiving from us or our clients in the future our basis for processing is our legitimate interest (As we are communicating with you in the context of your corporate activity and identity and not in relation to your private life we believe this to be reasonable and fair behaviour in the context of our audience. Of course, you will always have the opportunity to object as detailed below.
We do not process personal data for the purpose of automated decision making
From time to time our suppliers may store and process your data in the United States.
When this occurs, your personal data is safeguarded by our policy of using suppliers who hold a current Privacy Shield certification for their US- based operations
Should you wish to not receive information from us in future then you can quickly action this by clicking the unsubscribe link you will find on our marketing e-mails or by sending your details to firstname.lastname@example.org and we will quickly suppress your data.
Should you further wish for us to remove your information entirely (and assuming we have no other obligation to keep it) then please let us know and we will do this – but we would encourage you to let us use it for suppression purposes only.
Alternatively, you can write to us at:
GDPR Data Safe,
11, Syers Green Close,
GDPR Data Safe tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints very seriously. We encourage you to bring make suggestions on how we might improve our processes and procedures and will immediately review matters that you may consider to be misleading, unfair or inappropriate.
If you have a complaint, please contact our Data Protection Officer at email@example.com who will deal with your request promptly.
Or write to the data protection officer at the address above.
Please address your correspondence to Vince Carter who is the company data protection officer.
If you are still not satisfied with the way your complaint was handled, you can refer your complaint to UK Information Commissioner's Office. https://ico.org.uk/concerns/
GDPR Data Safe are registered with the information Commissioner's Office, ICO Registration Number: ZA191748