Privacy policy

4 Jan 2021

We take this topic very seriously to ensure your data protection

Industry best practice

We are subscribers to The Information Commissioners Office (ICO) for guidance on this topic.

If you have a concern, please contact us

The type of personal information we collect for the purpose of running our business

When a client, potential client or service partner contacts us we collect the following information

We take our obligations seriously to secure it and ensure it is only distributed to any Third-Party as authorised.

How we get the personal information and why we have it?

Most of the personal information we process is provided to us directly by a client, potential client, service partner by email or telephone discussion for one of the following reasons:

We use the information that you have given us to tailor the marketing of our services appropriately and give appropriate technical advice on an existing or possible project.

We will only share your details with our service partners if you give explicit consent.

We will share financial details with government bodies such as the police or tax authorities if our solicitor and / or accountant confirm the demand for such is reasonable and legal.

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:

How we store your personal information

Emails are stored on private accounts hosted by IONOS by 1&1 and Google only.

Project documents are securely stored in a secured private Microsoft hosted cloud account available to our staff on a “as needed” basis.

For potential clients, we keep information for a limited period from the date of our last communication (e.g. telephone, email) about a potential engagement. After 60 days, should a commercial relationship not start, we dispose of email, telephone number, documents shared to help make a bid. Any artefacts or software produced by us (e.g. use cases, bid documents, software configuration demonstrations) will be retained but anonymised.

For end clients and service partners we keep your details on record while our commercial relationship is current and active. 1 year after the end of our commercial relationship we assume there is no re-start possibility and dispose of all data with exception of:

Social media

If you have a “connection” on social media site (such as LinkedIn, Facebook) with us or our staff it is assumed these can remain in place in perpetuity. Any profiles will be respectful not to divulge commercially sensitive information. To put another way, we will endeavour to keep them as uncontroversial statements of fact: role, duration, service delivered. Staff joining us sign a HR policy stating the same.

Your data protection rights

Under data protection law, you have rights including:

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us if you wish to make a request.

How to complain

If you have any concerns about our use of your personal information, you can make a complaint by contacting us. We will confirm the receipt of the request within 10 days and aim to give a full answer within 28 days.

You can also complain to the ICO if you are unhappy with how we have used your data. We subscribe to the services of ICO provides to help us with data protection.

The ICO's address is Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF

The type of personal information we collect from our staff

We only collect data from our own staff that is essential to recruitment, identity checking, salary payments, PAYE, pension, career development and other benefit provisions. Staff sign a HR document that their use of social media to describe business activities as part of their personal networking must be respectful, within acceptable business norms and be information that is legal to share and available within the public domain.