At GDPR Advisors we respect the privacy of visitors to our website (www.gdpradvisorsuk.com). This policy is concerned with how we collect information, what we do with it and what controls you have over your personal information.
We take our duty to process your personal information very seriously. This policy explains how we collect, manage, use and protect your personal information.
We may change this document from time to time to reflect the latest view of what we do with your information. Please check back frequently; you will be able to see if changes have been made by the date it was last updated.
Refer to the sections below for more details on how and why we use your personal information:
- Who are we?
- What personal information we collect and how we use it
- Legitimate interests
- Sharing your information
- Retaining your information
- Your details on the web
- What are your rights?
- How to contact us
1. Who are we?
GDPR Advisors is a trading name of Audit and Risk Professionals LLP (which is a registered company in England and Wales, OC393687). In this policy references to GDPR Advisors, or to ‘we’ or ‘us’ are to a reference to the trading name.
2. What personal information we collect and how we use it
What we need
GDPR Advisors is what’s known as the ‘Data Controller’ of the personal information you provide to us. If you submit a comment or contact form through the website then we will usually only have your name and email address. If you go on to work with us, then we will need to collect some basic information in order to be able to provide you with services, this may include your name, postal address, telephone number, email address and your method of payment if you are purchasing from us.
Why we need it
We collect your personal information in connection with specific activities, such as newsletter requests, registration for compliance packs, product purchases, feedback and contact forms.
The information is either needed to fulfil your request or to enable us to provide you with a more personalised service. You don’t have to disclose any of this information to browse our site. However, if you choose to withhold requested information, we may not be able to provide you with certain services.
Sometimes, with your consent, we will process your personal information to provide you with information about our work or our activities that you have requested or are expecting.
On other occasions, we may process personal information when we need to do this to fulfil a contract (for example, if you have purchased something from our learning platform) or where we are required to do this by law or other regulations.
How we obtain your details
We will also hold information about your details so that we can respect your preferences for being contacted by us.
We only your collect your personal information when you provide it to us directly.
All the personal information we process is processed within the EEA, the assured territories or secured within the privacy shield. This will be done in accordance with guidance issued by the Information Commissioner’s Office.
3. Legitimate interests
We have a number of lawful reasons that mean we can use your personal information. One of these is something called ‘legitimate interests’. Broadly speaking Legitimate Interests means we can process your personal information if:
We have a genuine and legitimate reason.
We are not harming any of your rights and interests.
4. Sharing your information
We do not share your information with any other organisations or individuals unless we are when obliged to by law, for purposes of national security, taxation and criminal investigations and in the following instances:
- If you have agreed that we may do so.
- When we use other companies to provide services on our behalf, e.g. processing, mailing or delivering orders, answering customers’ questions about products or services, sending mail and emails, customer analysis, assessment, when using auditors/advisors or processing credit/debit card payments.
- If we merge with another organisation to form a new entity, information may be transferred to the new entity.
And, we will never sell or rent your personal information to other organisations.
5. Retaining your information
We hold your information only as long as necessary for each reason that we use it. We have provided some examples of the time we will keep your information in this paragraph but you can contact us for more information.
If decide you don’t want to hear from GDPR Advisors any more or request that we have no further contact with you, we will keep some basic information in order to avoid sending you unwanted materials in the future and to ensure that we don’t accidentally duplicate information.
If you make a purchase from us, we will keep the purchase information for a period of seven years for accounting purposes.
Cookies and how they benefit you
We have a small number of cookies active on our website, as almost all websites do, to help provide you with the best experience we can. Cookies are small text files that are placed on your computer or mobile phone when you browse websites.
Our cookies help us:
- Make our website work as you’d expect.
- Improve the speed/security of the site.
Turning cookies off
You can usually switch cookies off by adjusting your browser settings to stop it from accepting cookies. Doing so, however, will likely limit the functionality of ours and a large proportion of the world’s websites as cookies are a standard part of most modern websites.
7. What are your rights?
You have a number of rights about how the personal information you provide can be used. These are:
- Transparency over how we use your personal information (right to be informed).
- The ability to request a copy of the information we hold about you, which will be provided to you within one month (right of access).
- Update or amend the information we hold about you if it is wrong (right of rectification).
- Ask us to stop using your information (right to restrict processing).
- Ask us to remove your personal information from our records (right to be ‘forgotten’).
- Object to the processing of your information for marketing purposes (right to object).
- Obtain and reuse your personal information for your own purposes (right to data portability).
- Not be subject to a decision when it is based on automated processing (automated decision making and profiling).
If you would like to know more about your rights under the data protection law, you can find out more at the Information Commissioners Office website.
Remember, you can change the way you hear from us or withdraw your permission for us to process your personal information at any time by using the form on our ‘Contact Us’ page or by emailing us at firstname.lastname@example.org.
8. How to contact us
If you wish to raise a complaint on how we have handled your personal information, please contact us so that we may investigate the matter. If you are not satisfied with our response or believe we are not processing your personal information in accordance with the law you can complain the Information Commissioner’s Office (ICO).
if you wish to talk to us about anything in the policy or the information we hold about you please contact us:
020 8720 6585
2 Masefield Avenue, Borehamwood, Herts, WD6 2HQ
This document was last updated: June 2018