This Privacy Notice is here to help explain the types of personal data we may collect about you during our interactions. We also want to let you know how we’ll store and handle that data, and most importantly, how we will keep it safe.
There is a lot to share with you but it is important you are fully informed of your rights, and how Public World use your data; for example we will explain things such as how and when we would share your data with our associates.
We hope the following sections will answer any questions you have but if not, please do get in touch with us.
Who we are
Public World is a small business with a network of associates we partner with to support you, our client.
Our registered address is Public World, Lewis House, Great Chesterford Court, Great Chesterford, Essex, CB10 1PF. Our team mainly work from home, but from time to time also work on-site with clients and at other exciting places.
Public World is the data controller and can be contacted by emailing firstname.lastname@example.org
Other team members are the data processors.
When it matters to the work we do with you there may be other associates who will have access to and a need to process your data and we will be sure to let you know who they are when and if the time comes.
Explaining the Legalities
The General Data Protection Regulations (GDPR) came into force on 25th May 2018 and has set out a number of different reasons why we might reasonably have your data. This includes:
Consent – You have told us we can have it
Contracts – We have contracted with you and need it to complete our obligations
Legal – Legally we need to have it (we may need to ask for your ID when working on your accounts)
Legitimate reason – In the interest of running our business effectively and to supply you with relevant information
When will we collect your personal data
- When you purchase a product or service
- When you engage with us on social media
- When you sign up to our newsletter or have asked to be kept informed
- When you use our websites contact form
- When you contact us by any means with queries, complaints etc
- When you ask one of our team to email you information about a product or service
- When we meet with you at events and we share it with each other
- When you book any kind of appointment with us or book to attend an event, for example, at a conference or training event
- When you choose to complete any surveys we send you
- When you comment on or review our products and services (Any individual may access personal data related to them, including opinions. So if your comment or review includes information about the team member who provided that service, it may be passed on to them if requested)
- When you fill in any forms we may ask you to complete
- When we will be passing on your information to our of our associates in line with our contract with you
- When you have given a third party permission to share information with us that they hold about you
- When you attend our office or home which usually have CCTV systems operated for the security of both customers and staff. These systems may record your image during your visit.
What sort of personal data do we collect
For enquiries, networking and general conversation we will likely gather your name, email address and telephone number.
When we create a contract to work with you, we will gather additional information that is relevant to the processing of data that needs to be completed. For example, it might mean we need log in details to your social media accounts or you choose to share with us access to your systems in order to complete the activity contracted.
When you are attending a study visit to our partner in the Netherlands.
Under GDPR we do not usually have a need to gather or process any data that would be considered or classed under a special category of data
How and why we will use your data
Remember if you choose not to share information with us or refuse certain contact permissions we may not be able to fulfil our commitments to you.
Why we will use your data?
- To process any enquiries you have made with us
- To respond to your queries, requests or complaints
- To protect our business and your data from fraud and illegal activities
- To protect our business, customers, you, data and your business from crime
- To send you communications about our products and services
- To send out any prizes won during competitions
- To improve or develop our products or services
- To comply with our contracts or legal obligations as requested by law enforcement agencies
- To send you survey and feedback requests in relation to our work
Please remember you can also request to no longer receive communications in relation to any of the above at any time by emailing our data processors or controller at email@example.com
How we protect your personal data
We know how much data protection means to us all and with this in mind we take great care in looking after the data you share with us.
We have significantly reduced the amount of paper notes we keep
We protect all devices with passwords and change these on a regular basis
We have CCTV on premises where paper records and devices are kept
We use encrypted password sharing tools to share access information to your accounts on social media and tools you use to run your business
We only share information with trusted colleagues and associates who also have relevant policies in place and comply with GDPR
How long will we keep your data?
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected and to comply with relevant laws on the type of data.
At the end of that retention period, your data will either be deleted and paper records shredded completely or we will inform you of why we would need to keep that data for any longer and request your permission.
Who do we share your personal data with?
We sometimes need to share your personal data with third parties that are not our team members.
Some examples of these:
- Buurtzorg Netherlands
- Our associates working on your contracts
- Tool providers where data is held (e.g. Google, CRM Systems, Mailchimp)
However in sharing this information we ensure that they are GDPR compliant by asking them to sign a contract with us.
We provide only the information they need to perform their specific services.
We will not share your personal data outside of the EEA unless we have been asked or have agreement by you.
What are your rights for your personal data?
You have the right to request:
- Access to the personal data we hold about you, free of charge in most cases.
- The correction of your personal data when incorrect, out of date or incomplete.
- For example, when you withdraw consent, or object and we have no legitimate overriding interest, or once the purpose for which we hold the data has come to an end (such as the end of a warranty).
- That we stop using your personal data for direct marketing (either through specific channels, or all channels).
- That we stop any consent-based processing of your personal data after you withdraw that consent.
- You have the right to request a copy of any information about you that Public World holds at any time, and also to have that information corrected if it is inaccurate. To ask for your information or for it to be amended, please contact Data Protection Officer, Public World, Lewis House, Great Chesterford Court, Great Chesterford, Essex, CB10 1PF or email firstname.lastname@example.org
If we choose not to action your request we will explain to you the reasons for our refusal.
Your right to withdraw consent
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
Where we rely on our legitimate interest
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request.
Checking your identity
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
If you don’t feel we have done enough to comply
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. You can contact them by calling 0303 123 1113.
Or go online to http://www.ico.org.uk/concerns (opens in a new window; please note we can’t be responsible for the content of external websites)
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence. Details can be found in Section 16.
We hope this Privacy Notice has been helpful in setting out the way we handle your personal data and your rights to control it.
If you have any questions that haven’t been covered, please contact our Data Protection Officer who will be pleased to help you:
Email us at email@example.com
Or write to us at Public World, Lewis House, Great Chesterford Court, Great Chesterford, Essex, CB10 1PF.
Use of ‘cookies’
It is possible to switch off cookies by setting your browser preferences. For more information on how to switch off cookies on your computer, visit our full cookies policy. Turning cookies of may result in a loss of functionality when using our website