Policy key definitions:
Under the GDPR (General Data Protection Regulation) we control and process any personal information you provide to us using the following lawful basis. Unless otherwise defined, we only process your personal data for accounts & records, advertising, marketing and PR purposes.
When you contact us by email or telephone your information will be used to reply to your message or to provide you with the information you have requested.
When you use the contact form on our website we collect the following information from you:
We will reply to any emails or contact form entries in order to answer any questions, provide information or to organise a meeting. We do not hold any details after the initial enquiry is met unless the enquiry becomes a project.
In the case of a project we may request further information e.g. an address and further details regarding your project.
Where we send out marketing emails we use the legitimate interest lawful basis under the GDPR. If you want to unsubscribe from receiving marketing emails please email us at email@example.com to ask you be removed. We will continue to process your information until you withdraw consent or it is determined your consent no longer exists.
For tax purposes the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers.
If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.
We do not collect any sensitive data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, genetic and biometric data, criminal convictions and offences.
We may have to share your personal data with the parties set out below:
We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
Under the GDPR your rights are as follows.
You can read more about your rights in detail here.
You also have the right to complain to the Information Commissioners Office (ICO) if you feel there is a problem with the way we are handling your data. We would ask you to contact us in the first instance if there is an issue to give us an opportunity to rectify it. You can email us at firstname.lastname@example.org.
We handle subject access requests in accordance with the GDPR.
DYNSRV – used for load balancing to manage server traffic demand.
Our methods meet the GDPR compliance requirement.