Privacy Notice & Cookie Policy

Background

This privacy notice sets out how we, Data Protection 4 Business Limited, a company registered in England and Wales, number 10982621, uses and protects any personal information we collect or generate in relation to you whilst using this site.

 

As a passionate professional Privacy organisation, we have reviewed and updated our policies, processes and procedures to comply with the General Data Protection Regulation (EU) 2016 / 679 (“GDPR”) and UK Data Protection Act 2018.

 

What we collect and the purpose of processing

We act as Data Controller for these types of personal data we collect when your use our website:

  1. Contact Data – when you use our ‘contact us’ form
  2. Name
  3. Email address
  4. Company name
  5. Session cookies – which do not store Personally Identifiable information (see ‘Cookies Section’ below)

 

We act as Data Controller for these types of personal data we collect when you become a valued client:

  1. Additional Contact data
  2. Names
  3. Email address
  4. Phone number
  5. Address

 

Legal basis for processing data

Your consent

When you use our ‘Contact us’ form, you are agreeing to us using your data in order to contact you for the reason specified on the form.

 

By using our site, without disabling session cookies (using your browser settings) you are agreeing to us using session cookies to gather information.

 

Performance of Contract

When you become a client, we require certain personal information in order to provide services to you under our contractual agreement.

What we do with the information we gather

Contact Data

Is used to respond to your queries, requests or questions and to deliver services to you.

 

This data is stored for as long as you may be a client with us and for 18 months thereafter unless we are required to keep the data for legal or regulatory purposes.

 

Cookie Data

We use the information to understand which pages were accessed and how regularly in order to provide you with a better online browsing service. The cookie information we collect is aggregated and anonymised for our internal use and not passed onto any third parties. We only use that information to inform any changes to the website.  We run a consent management tool on our site, which gives you choices on whether you would like to opt out of any cookies.

 

Client Data

This data is used to perform contracted services to you. This data is stored for as long as you may be a client with us and for seven years thereafter for legal reasons.

 

Supplier Data

When you become a supplier, you provide us with your contact and payment details for the performance of our contract together.  This data is stored for as long as you may be a supplier with us and for seven years thereafter for legal reasons.

 

Google Analytics

We use Google analytics in a very limited way. The session cookie data that is collected is used to collect information about how visitors use our site.

 

The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.  This information is stored for 26 months.

 

Controlling your personal information

We use a consent management tool from Cookiebot.com which allows you to see which cookies are running on our site.  You can decide whether to accept cookies or not and you can change your choices at any time.

 

Links to other websites

Our site contains links to other social media sites we use, such as Twitter and LinkedIn.  We also have links to client and partners websites.

 

As you probably realise, once you use these links we do not have any control over that external site, so we cannot be responsible for the protection and privacy of any information you provide whilst visiting those sites.

 

Please do exercise caution and look at the privacy statement applicable to external sites.

 

Source of your data and recipients of your data

 

  • Your Contact data is provided by you when you complete the ‘Contact Us’ form on our site.
  • The cookie data comes from your use of our site.
  • Client Data is provided by you when you become a client.

 

We do not allow adverts on our website, hence we do not allow any advertising companies to apply tracking pixels or any cookie type tracking devices.

 

Automated decision making

No automated decisions are made using any personal information collected using this site.

 

Security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

 

Data Transfers outside the EEA

We do not send any Personally Identifiable data outside the EEA.

 

Data Processor agreements

The only third parties who process any data from our website are:

  • Our web hosting company – PinkSEO Marketing
  • Our Online training platform – eLamb (click here for more info)
  • Our email platform – Microsoft Corporation

 

We have ensured they have committed to implementing appropriate technical and organisational measures in place to meet their obligations under the Data Protection regulations.

 

Your rights

You are entitled to ask about the data that is held about you, subject to certain exceptions.  This is called a Subject Access Request (SAR).  These should be made by email or in writing to our Data Protection Manager at the following addresses:

 

Email: info@dpo4business.co.uk

Address: Data Protection Officer, PO Box PO Box 75034, LONDON, SW14 9DH

 

We will acknowledge receipt within 24 hours and attempt to respond within 5 days.  We are confident about our target because we practise the minimisation principle and only capture the bare minimum of data on our clients.

 

In addition, the Data Protection regulation provides the following rights for individuals:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling

 

If you would like to exercise any of your rights, please email our Data Protection Officer on info@dpo4business.co.uk.

 

We will make every attempt to ensure you are satisfied with our handling of your data queries or requests.  However, you have the right to complain to the Information Commissioners Office (ICO) if you are not satisfied with our handling of your requests about the protection of your data.  Follow the link below to report a concern to the ICO.

Online Training Platform

Our online training platform provider uses browser cookies in order to send the user to the correct backend server and to keep the sessions linked.

 

All the cookies generated by the Online training platform are marked for http-only, making them inaccessible and not editable through browsers and JavaScripts.

 

No cookies contain users’ personal data.  They are never used for the purpose of advertising and/or marketing related user-profiling nor do any cookie-generated data ever serve the purpose of providing any user-related information to third parties.

 

Further information about Cookies

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue the limited session cookies we use, as soon as you visit our website.

 

Session cookies

These cookies allow website operators to link the actions of a user during a browser session. A browser session starts when a user opens the browser window and finishes when they close the browser window. Session cookies are created temporarily. Once you close the browser, all session cookies are deleted.

 

We also use cookies to detect whether a visitor to our website is a first-time visitor or a repeat visitor. No personally identifiable information is stored on these cookies.

 

First and third-party cookies

Whether a cookie is ‘first’ or ‘third’ party refers to the domain placing the cookie. First-party cookies are those set by a website that is being visited by the user at the time (e.g. cookies placed by us at www.dpo4business.co.uk). Third-party cookies are cookies that are set by a domain other than that of the website being visited by the user. If a user visits a site and another entity sets a cookie through that website, this would be a third-party cookie.

 

Persistent cookies

These cookies remain on a user’s device for the period of time specified in the cookie. They are activated each time that the user visits the website that created that particular cookie.

 

How to delete and block our cookies

You can choose to accept or decline cookies using our consent management tool.

How to opt out of Google Analytics

We only use first party cookies to gather analytical data which is anonymised and used for Google Analytics.   You can opt out of accepting Analytical cookies in our consent management tool.

Additionally, you can opt out of being tracked by Google Analytics across all sites visit http://tools.google.com/dlpage/gaoptout.

 

How to opt out of sending Personal Identifiable Information to Google

To ensure you are not sending PII to Google, following this link:

 

 

Last updated: September 2019