Policy key definitions:
- “I”, “our”, “us”, or “we” refer to the business, esp group.
- “you”, “the user” refer to the person(s) using this website.
- GDPR means General Data Protection Act.
- PECR means Privacy & Electronic Communications Regulation.
- ICO means Information Commissioner’s Office.
Cookies mean small files stored on a users computer or device.
Key principles of GDPR:
Processing of your personal data
Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically using the following lawful bases.
What information do we collect?
Other information will be collected purely for the purposes of dealing with your enquiry or fulfilling our contract or service with you. This information, when collected through our website usually involves contact details such as name, email address, telephone numbers, and we will then ask for your physical address.
This information constitutes personally identifiable information and as such will be treated in accordance with EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) rules.
Types of information we collect includes;
Information that you provide by filling in forms on our site https://deliver-success.com (our site). This includes information provided at the time of registering to use our site, subscribing to our service, posting material or requesting further services. This is likely to include, Full Name, Business name, Email, Telephone numbers.
We may also ask you for information and when you report a problem with our site. If you contact us, we will keep a record of that correspondence.
We may also ask you to complete surveys that we use for research purposes and updating our records.
Details of transactions such as ordering products and services and of the fulfilment of your orders.
Details of your visits to our site including, such as how you came to our site and the pages you visit, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access. Details for the purposes of undertaking our services, may require us to collect data regarding; services, prices, new business process, data regarding contracts and other such information that could be described as business sensitive.
In our correspondence with you we may track an email if it has been opened or a link clicked to ensure deliverability of our emails.
Contacting you in connection with our relationship to you as a subscriber or member.
We do not collect sensitive data via our website and we do not store credit or debit card details.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and security for use only in line with our businesses legitimate interests.
We may further collect this information from you to ensure our site stays secure and our users can access our services if need be. This information is set to expire in our cookies. (see policy for further details.)
How do we use personal information?
We will use the information you provide only for the purposes of our business. This could mean providing you with an estimated cost or providing you with our goods and services.
It also provides us with the ability to contact you with information about your order/subscription, products and/or services or billing information.
We may also need your details to provide customer feedback and support.
We will also use this information to comply with any legal obligations; For example, prevention of fraud or legal or accountancy requirements.
What legal basis do we have for processing your personal data?
Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:
You have given consent to the processing of your personal data for one or more specific purposes, such as placing an order asking for a quote;
Processing is necessary for the performance of a contract to which you are a party or to take steps at the request of you prior to entering into a contract with us;
Processing is necessary for compliance with a legal obligation to which we are subject;
Processing is necessary for the purposes of the legitimate interests pursued by us, except where such interests are overridden by your fundamental rights and freedoms.
When do we share personal data?
We may at times need to share your personal data with third parties to whom we contract to provide a product or a service. If this is necessary, we will take all reasonable steps to ensure that your data is handled securely and in accordance with your rights. Data will only be revealed on a need to know basis and we only deal with third parties that we know to have safeguards in place to ensure our obligations towards your data security are met.
We currently deal with the following types of businesses to whom we may need to provide some of your information:
Professional advisors such as lawyers, bankers, accountants, payment processors, auditors and insurers;
Any third parties to whom we may sell, merge or transfer our business to;
Where do we store and process personal data?
We only keep your data for as long as we need to use it as described above, and for as long as we have your permission to keep it.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk.
How do we secure personal data?
We try to limit the amount of data we collect from you specifically through our website. Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through our site. The data that we collect from you may be transferred to and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work with us or for one of our suppliers.
Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support and training services.
We will not ask and do not collect any sensitive or financial data directly from you. All financial and identifiable data may be processed via our registered data processors.
The following processors help us administer our business Microsoft, Agile CRM, Google.
These businesses are our analytics partners AgileCRM & Google. Data is anonymised and staff are only allowed to access data on a need to know basis.
How long do we keep your personal data for?
We will only retain your data for as long as is necessary to carry out our services and to comply with any legal obligations, such as HMRC or auditing purposes. We have a yearly review of all data and any data that is no longer needed will be securely shredded or securely deleted.
Your rights in relation to personal data
Under the GDPR, you have:
- the right to request access to, deletion of or correction of, your any aspect of the personal data we hold;
- the right to complain to a supervisory authority;
- be informed of what data processing is taking place;
- the right to restrict processing;
- the right to data portability;
- object to processing of your personal data;
Your rights can be exercised accordingly by getting in touch with us, by phone, email or post using the contact details in part 2. Please bear in mind that we may require further information to help us confirm your identity and your right to make any request.
Linking to other websites / third party content
Our websites and services may provide links to other third-party websites and services which are outside our control and not covered by this policy. We encourage you to review the privacy policies posted on these (and all) sites you visit or services you use.
Email marketing messages & subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal data” above. Any email marketing messages we send are done so through an EMS, email marketing service provider.
An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages.
Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations, will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences.
Our EMS provider HubSpot & MailChimp. We hold the following information about you within our EMS system;
- Email address
- IP address
- Subscription time & date
- Full Name
- Company Name
- Company website
- Company Social Media Details
Questions or concerns or wish to submit a request for your data?
If you have any questions about our policy please contact us via email or contact form firstname.lastname@example.org