We are The Data Support Agency, the ‘Controller’ of the personal data you provide to us, as we make decisions on what information we hold and what we do with it. We are committed to managing and protecting the privacy of your personal information in line with all current applicable data privacy laws.
This privacy notice outlines what data we collect, why we collect it and how we manage it while we are holding it. It also highlights your rights with regard to the data. It may change from time to time, so please check it at regular intervals.
Should you have a concern regarding our management of your personal data, or need further information, please do not hesitate to contact us:
- The Data Support Agency Ltd., 8 Elmwood, Chineham Park, Basingstoke RG24 8WG, UK
- Email: email@example.com
- Telephone: 0345 646 0066
What personal information do we collect?
You may be asked to enter or confirm your name, job title, email address, phone number, bank details or other information when you are subscribing, visiting our websites or making other enquiries.
When do we collect it?
We collect information from you when we contact you, or when you: visit our website, make an enquiry, respond to a communication, fill out a form, request 15 minutes’ free consultation, use live chat, request a call back, book a webinar, book a place at a seminar, subscribe to our services directly or through a partner organisation, place an order, log in to your portal, open a support ticket, subscribe to a newsletter, or otherwise submit your personal data to us. We may also acquire your B2B contact information from exhibitions, events and social media platforms or from third party business data organisations, such as the 118 Group, for marketing purposes. Because we are a partner of The National Merchant Buying Society Ltd (NMBS), we may contact NMBS members’ businesses (for example, a reception desk) to collect your contact information. If you would like to know more about where we have collected your information from, please contact us using the details above.
Why do we need it?
We require this basic personal information so that we can:
- Enable you to subscribe to or purchase our services.
- Fulfil and manage your contract and your enquiries when using our service.
- Improve your experience of using our websites.
- Manage your enquiries when you are considering using or subscribing to our services.
- Send you marketing communications, or invite you to marketing events, in relation to our products and services. You may opt out of marketing at any time.
- Enable us to contact you when you visit our website.
- Safeguard the assets of our company, its employees, its customers and other key stakeholders.
We do not collect any personal information from you that we do not need to facilitate these tasks.
What is our lawful basis for using your information?
We consider we have the following lawful bases to process your data:
- In processing your transactions and orders and providing services, advice and information to manage and fulfil your contract, either directly or through a partner organisation, we rely on the lawful basis of contract.
- When we respond to your sales enquiries, we consider this to be in our legitimate business interest.
- We are a B2B company and only market our services to other organisations. We may market our GDPR compliance services to you, as the employee of an organisation that we feel would find benefit and value in our services. We feel that such marketing should not be wholly unexpected, nor should it adversely impact your rights. We consider this marketing to be in our legitimate interest. Our information sources assure us that they have a legitimate lawful basis in place for providing this contact information to us. You may opt out of marketing at any time.
- We may send you marketing communications if you are, or have been, a direct or indirect customer or if you have consented to receiving them. This is our legitimate business interest. You may opt out of marketing at any time.
- In order to protect our assets and interests, we may need to use your information as part of a legal process.
How do we protect your information?
The Data Support Agency is committed to protecting your personal data and has implemented the appropriate systems and procedures to ensure this.
Our websites are scanned on a regular basis for known threats in order to make your visit to our site as safe as possible. We also use regular malware scanning. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.
We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information. All payment transactions are processed through a gateway provider and are not stored or processed on our servers.
All the personal data we collect is managed by our staff in the UK. The information is hosted on servers within the EU, or in the USA under the EU-US Privacy Shield agreement.
We may share your data with our business partners when you ask us to book your place on one of our joint seminars. We may also ask a third-party marketing agency to use your data to send marketing communications to you in line with our legitimate interest. No other third parties have access to your personal data, unless the law allows or obliges them to do so.
Do we use ‘cookies’?
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off cookies. You do this through your browser settings. Since each browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies. If you turn cookies off, some of the features that make your site experience more efficient may not function properly.
How long do we keep your personal information?
If you are, or have been, a customer, we will retain your data for up to 3 years after the end of your contract, or the last point of contact (whichever is latest) for marketing as part of our legitimate interest and as part of our statutory obligations.
If you are not a customer and we send you marketing communications, we will keep your information for a maximum of 3 years after the last point of contact.
You can opt out of receiving marketing communications at any time by contacting us using the details above or unsubscribing on the marketing emails we send you.
What are your rights with regard to your personal data?
You have a number of rights regarding the processing of your personal data.
- You have the right to have your personal data corrected if it is not correct or incomplete. Please update the information in the GDPR Portal if you are a client or authorised user, or contact us using the above details.
- You have the right to have your personal data deleted. Please contact us using the details provided above. Please note that we may not be able to fulfil our contractual obligations without your contact details.
- You have the right to have data transferred to another party. Please ask us if this is what you would like to do.
- You have the right of access to your data. Please contact us and we will let you know what personal data we hold.
- You can ask us to restrict the use of your information, by asking us using the contact details above.
- You have the right to register a complaint regarding the use of your personal data to a supervisory authority at any time. The Information Commissioner’s Office is the UK authority, details of which can be found at ico.org.uk
- We do not carry out profiling or automatic decision making.
- Your personal data will not be stored or processed in any countries outside of the EU without your express consent and the appropriate security measures.
Last Updated: 22/11/2018