We are committed to protecting the privacy and security of personal data. This policy tells you how we will collect and use your personal data, and what you should expect in respect of the personal information about you that we have collected.
The person with responsibility for our data protection compliance is Mario Majer, a Director (“the Data Protection Manager”), and he can be contacted via email.
We are the data controller of the personal data that we keep and use, and we are therefore responsible for making sure that our systems, processes and people comply with the relevant data protection laws in respect of that personal data.
We will act in respect of personal data to comply with the six principles of the GDPR, which are:
You have rights in respect of how your personal data can be processed; these include the right to:
You have the right to complain to the Information Commissioner, which you can do by contacting the Information Commissioner’s Office (ICO) directly. Full contact details, including a helpline number, can be found on the ICO website. This website has useful information on your rights and our obligations.
We collect and process data for the following reasons:
We may collect names and business contact information for our clients and our contractors. This will be undertaken for the management of the commercial relationship with our clients and our contractors.
We may collect this personal data from you directly and, on occasion, from publicly available third party sources. Additional personal data will be collected as it is created by or supplied to us in the conduct of any content creation and publication we are instructed on or during the performance of a contract with our clients or contractors.
We will use the personal data for the necessary administration of the relationship with our client and/or contractor, and to comply with requirements that we are required or recommended to undertake, including credit checks and identity checks.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
in performance of a contract (the agreement to provide marketing services or the agreement by which you provide us goods or services); and/or
compliance with a legal obligation; and/or
where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
We may also use your personal data in the following situations, which are likely to be less common:
where we need to protect your interests (or someone else’s interests);
where it is needed in the public interest or for official purposes.
We may share personal data with third party providers who deliver services to support the operation of our business, and in respect of our clients with other content marketing firms or other advisors that we refer clients to for specialist services. We may also need to share your personal data to comply with the law.
In respect of all disclosures of personal data, we will only share the personal information which is necessary for the particular purpose for which it is provided, or where we have another legitimate interest in doing so, and we will ensure that the personal data is appropriately protected.
We will keep personal data only for as long as is necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting or reporting requirements. Normally, our retention period for personal data collected for this purpose is a minimum of 6 years after the end of the period that we are providing marketing services or the end of the arrangement with our contractors or suppliers.
It is very important that the personal information that we hold about you is accurate and current. Please tell us if your personal information changes during your relationship with us.
We have put in place measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those of our people and other third parties who have a business need to know. They will only process your personal data on our instructions and where they have agreed to treat the information confidentially and to keep it secure. We have put in place procedures to deal with any suspected data security breach and will notify you and the ICO of a suspected breach where we are legally required to do so.
We will not transfer personal data outside of the EEA unless personal data is adequately protected, as required by the GDPR.
Under certain circumstances, you have the right by law to:
Our website may, from time to time, contain links to and from the websites of third parties that we permit to make such links. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. We recommend that you check these policies before you submit any personal data to these websites.