top of page

Privacy Policy

This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ is being used online. Personally Identifiable Information is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

What information do we collect and how do we use it?

We collect personal information from you when you fill out the contact form(s) on our website. The contact form(s) on our website ask that you enter your name, email address, phone number and other details which help us deal with your enquiry. We also collect some technical data (such as your IP address) when you submit a contact form on our website. Personal information that you submit to us through a contact form is processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website/business and communications with users.

We may process usage data about how you use our website and services. This usage data may include your IP address, browser type and version, general geographical location, device and operating system, referral source, length of visit and page views, as well as information about the timing, frequency and pattern of your usage. The source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services.

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. Only a limited number of persons who have special access rights are able to access this information, and are required to keep the information confidential.

How long do we retain your data?

Data submitted via the contact form(s) on our website is stored electronically for an indefinite period of time. This data is stored in various places including the website server which is managed by 34SP, email servers and backup files.

What rights do you have over your data?

If you have submitted a contact form on this website you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Your principal rights under data protection law are:

  • the right to access;

  • the right to rectification;

  • the right to erasure;

  • the right to restrict processing;

  • the right to object to processing;

  • the right to data portability;

  • the right to complain to a supervisory authority; and

  • the right to withdraw consent.

Do we use ‘cookies’?

Yes. Cookies are small files that a website or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the website’s or service provider’s systems to recognize your browser and capture and remember certain information.

We use cookies to help us compile aggregate data about website traffic and website interaction so that we can offer better website experiences and tools in the future.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since every browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.

If you turn cookies off, some of the features that make your website experience more efficient may not function properly.

Third-party disclosure

We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our website policies, or protect ours or others’ rights, property or safety.

Third-party links

Occasionally, at our discretion, we may include third-party links on our website. These third-party websites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked websites. Nonetheless, we seek to protect the integrity of our website and welcome any feedback about these websites.

GDPR – Statement

New data protection legislation came into force in May 2018 which aims to protect people’s privacy further. The new law applies to all public bodies, businesses and other organisations that process personal data. The legislation comprises the General Data Protection Regulation (GDPR) which came into force on 25 May 2018 and the new Data Protection Act (DPA) 2018 which came into force around the same time. This will provide a single regulation across the European Union (EU) and place obligations on organisations that operate outside of the EU but provide goods or services to EU Citizens.

Our GDPR Principles

  • we will process all personal data fairly and lawfully

  • we will only process personal data for specified and lawful purposes

  • we will endeavour to hold relevant and accurate personal data, and where practical, we will keep it up to date

  • we will not keep personal data for longer than is necessary

  • we will keep all personal data secure

  • we will endeavour to ensure that personal data is not transferred to countries outside of the European Economic Area (EEA) without adequate protection

 

GDPR Compliance

 As part of our GDPR process, we continue to review and update our internal processes, procedures, data systems and documentation in order to help ensure that we comply and are compliant with GDPR in the way process data; this will involve working with our suppliers and partner organisations to ensure we meet these obligations.

 

Our GDPR actions to date

  • we are reviewing and updating our range of policies, including our Data Protection Policy and Subject Access Requests Policy

  • we are updating our privacy policy on our website to incorporate our GDPR obligations.

  • we have introduced mechanisms to identify a potential personal data breach, how these will be investigated and reported, where necessary within 72 hours

  • we are undertaking a systematic review of the personal data we store, manage, maintain, collect, process and control

  • we have assessed our lawful bases for processing data to ensure all personal data is processed lawfully, fairly and transparently

  • we have introduced legitimate interest assessments where we rely on legitimate interest as the lawful basis for processing any personal data

  • we have provided training to our employees and generally raising the awareness and importance of GDPR to our business and their individual responsibilities arising from this

  • we are and will continue to look at ways of improving our systems and procedures to better comply with GDPR best practice

  • we will continue to monitor our GDPR procedures

 

bottom of page