We collect, store and process personal data – such as name, contact, and financial information – from prospective customers, vendors, professional advisers and consultants, distributors, dealers, suppliers, business partners and others. This is a requirement to legitimate our business purposes, relevant activities and terms consistent with our Data Protection Policy.
We also collect, store, and process personal data from current and past employees, and applicants for employment. Information consists of name, contact information, financial information, and government ID (e.g. National Insurance Number). Additional information may be required and requested to fulfill specific requirements. Depending on the level of the position and the office location of the employment, we may need and request authorization to data subjects to access additional information.
Most of the personal information we process is provided to us directly by you for one of the following reasons:
Conclusion of legal contracts
Processing of payments
Communication and marketing purposes, including electronic communication.
We do not receive any personal information indirectly.
We use the information that you have given us in order to contact you via electronic means for the purposes. We may also share this information internally with appropriately authorised staff and contractors and externally with banking institutions should we establish a contractual relationship. We also share this information with regulatory and public authorities where we are compelled to do so by law.
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
Your consent. You are able to withdraw your consent at any time. You can do this by contacting us at email@example.com
We have a contractual obligation.
We have a legal obligation.
Your information is securely stored on cloud service providers held at AWS and Google Cloud data centers in Ireland / US.
We keep all personal information noted above for a period of seven years, in order to comply with legislative requirements. We will delete your information from our cloud servers after completion of this seven year period.
Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of your personal information.
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at firstname.lastname@example.org if you wish to make a request.
If you have any concerns about our use of your personal information, you can make a complaint to us at email@example.com.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk