Last updated: 24th July 2020
This policy applies to all the personal data we process regardless of how it was captured by electronic means, paper records, in person or via social media and how that data is stored or whether it relates to past or present customers, supplier contacts, shareholders, website users or any other Data Subject.
We are 100% committed to protecting your personal information and we shall always be transparent with you about how we are using your details. This document outlines how we do this, and regardless of the personal data we hold we shall process your personal data in full accordance the EU General Data Protection Regulation GDPR and the UK Data Protection Act 2018. We will be open about what information we collect, why we need it, and how we intend to use it. This document explains how we obtain, collect, process and store information about you, if we share with any third parties and details of your rights.
Declaration Limited, is a registered company in England & Wales with company number 04022930. Full business contact information is at the end of this policy.
Declaration Limited have core beliefs regarding your data:
- We will never sell, rent, distribute or make public your personal data
- Data should only be collected and processed when absolutely necessary
- We have duty of care to hold this data safe
The rights of the data subject remain lawful, fair and transparent
Who is responsible for managing my information?
This website is owned and maintained by Declaration Limited. It is hosted by WP-Engine within the UK. All traffic (transferral of files) between this website and your browser is encrypted and delivered over HTTPS.
We do utilise cloud computing applications such as Google for Business, which potentially means that data may be stored outside of the UK.
On what basis do we process your information?
We collect your personal data directly from our website and via email and telephone. We maintain records of customer contact, which falls under the lawful basis of legitimate interest (GDPR Article 6(f)) and under the lawful basis of being necessary for the performance of a contract (GDPR Article 6(b)).
Personal data is processed entirely for the legitimate interest of maintaining contact between us and you (our customer, or potential customer) in order to deliver our service and fulfill any contracts, which exist between us. We do not process any special category data within the meaning of GDPR.
What information do we collect?
Personal and sensitive data is required to allow us to provide our services to our clients. We will obtain your name, company and contact details and details of any colleagues with whom we may need to communicate.
Cookies are small text files that are placed on your computer when you access a website. These allow websites to do several important things, including remember what’s in your shopping basket and which pages you have visited.
Our website is exclusively an informational site and collects no personal data, nor is it used as an online store. We have selected the option in our website builder to prevent the placing of tracking cookies on your browser.
We do not serve up advertisements or knowingly take part in any scheme that would allow your online behaviour to be tracked for the purposes of identity discovery.
For detailed information on the cookies we use and the purposes for which we use them see our Cookies Policy [LINK].
How do we use and store your information?
The information you provide may be used in a number of ways, for example:
- To personalise visits to our website, through Google Analytics we are able to understand how our clients found our website and are able to track their journey through the website which enables us to provide a better service. Google Analytics does not identify our clients.
- To have the opportunity to comment on Our Blogs posts you will have entered your name, email address which will be saved together with the comment, your computers IP address and the date and time the comment was submitted. Your comment and associated data will remain on the site until the blog post or your comment is removed. If you’d like to have your comment removed please email us at firstname.lastname@example.org. We recommend that you avoid entering any personal identifiable data in the comment blog post.
- To tell you about other products and services we think may be of interest to you via an Email NewsLetter, which is sent directly from our CRM system Hubspot. You may unsubscribe at any time by clicking the link at the bottom of the newsletter or by emailing us and asking us to remove you from this service.
- By using the Contact Forms and Email links, the data you input will be not be stored but will be collected and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the Internet. The email content is then decrypted by our local computers and devices and then stored on our CRM system.
- Under 16’s must obtain parental consent before interacting with our website.
Do we ever share personal data?
No, we do not routinely share any personal data, and would only do so under a legitimate request from a law enforcement agency. We do however use third parties as listed below.
We may also disclose your personal information to third parties in the event we sell or buy business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
When can we contact you in the future?
We would like to send you information about our own products and services, as well as those of selected third parties. We may do this by post, telephone, email or SMS, unless you have told us that you do not wish to be contacted in this way. We will always ask you to confirm in advance that you are happy for us to allow third parties to contact you by email.
If you would like to change any of your preferences relating to the way in which we may use your information for direct marketing, then please update your user preferences or send an email to email@example.com.
How long will we hold your information for?
We have a system of retention periods in place to ensure that your information is only stored whilst it is required for the relevant purposes or to meet legal requirements. Where your information is no longer required, we will ensure it is disposed of in a secure manner.
How can you access and update your information?
You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email or write to us at the address noted at the bottom of this policy.
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.
Does this policy apply to linked websites?
What happens if there is a data breach?
As per the GDPR regulations all data breaches will be reported to the ICO within 72 hours. This includes those of any 3rd parties where it’s apparent that personal data stored has been compromised.
Who can we contact if we have any queries about this policy or how our data is processed?
By email: firstname.lastname@example.org.
Or write to us at Declaration Limited, Enterprise Building, Ropewalk, Lincoln, LN6 7DQ
Or call us on 01522 789 000
The Data Protection Officer’s email address is email@example.com.
How can we make a complaint?
You can contact us at the above address, alternatively the supervisory authority in the UK for data protection matters is the Information Commissioner (ICO) www.ico.org.uk . If you think your data protection rights have been breached in any way by us, you are able to make a complaint to the ICO. The ICO Helpline number is 0303 123 1113.