This policy covers our approach towards the lawfulness, fairness, integrity, and transparency of our data storage.
Under the GDPR we will store and control data and personal information electronically under these bases:
- Consent: as a customer and potential customer for commercial purposes.
- Contract: as a contractor, or as a customer has entered into a contract for our services.
- Legal: as a result of any legal proceedings or where legality is needed for the pursuance of business.
- Business interests: for the furtherance of legitimate business interests.
- Other interests: as a third party (such as a charitable or community organisation) that has entered into a relationship or partnership with us.
- Criminal offence: for any party which has committed a criminal offence against our company.
We process information by collecting essential contact details either electronically or physically and then transposing them to an electronic basis, storing these electronically, and saving them in our Customer Relations Management database.
We will retain, and continue to process information, under these bases until consent is withdrawn or it is determined that consent no longer exists.
We do not share information with any third parties. This is because (1) we will ensure compliance with the GDPR and (2) doing so would be detrimental to our business.
Under the GDPR we will grant the right to be informed, the right of access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object; and the right not to be subject to automated decision-making including profiling. We handle subject access requests in accordance with the GDPR.
Under the GDPR and PECR, we use the consent lawful basis for any marketing. We will only collect certain data and record key business elements such as IP addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations, will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We always provide an easy method to withdraw consent by unsubscribing.