Privacy Policy

What does this privacy policy cover?

This policy sets out how we handle personal data if you visit our website or we’re engaging with you for work or potential work as of the 25th May 2018.

This policy details:

  • What information we collect and why/what we use it for
  • Where that information is stored
  • Who has access to that data
  • How is this data secured?
  • How long we retain that data
  • How to control your data
  • Contact details
  • Updates to this policy

As part of the day-to-day running of the business we also collect generic business information e.g. VAT numbers, addresses, generic emails etc. which is not detailed in this policy.

What information do we collect and how do we use it?

Service related information

We collect information when you engage us for work or prospective work, for example via phone, email, in-person or through our website.

We have a legitimate interest in storing the information referenced below, in order to work with you. By continuing to work with Idealogy you agree to have this data stored where required.

We may collect some or all of the following personal data types:

Data Types Purpose(s) Source(s)
Name To contact relevant persons regarding current, past and potential projects/work.Managing our relationship with the business and key contacts.

Providing general administrative functions e.g. referencing the relevant contact on estimates and invoices.

For records such as meeting notes.

We receive names through email, phone, website entries, from other contacts, in-person meetings and publicly available sources such as LinkedIn.
Email To contact relevant persons regarding current, past and potential projects/work.Managing our relationship with the business and key contacts.

Providing general administrative functions.

To send work completed.

To communicate key company information e.g. privacy policy, office hours.

We receive emails through email messages, website entries, from other contacts, in-person meetings, business cards and publicly available sources.
Job role Managing our relationship with the business and key contacts.Providing general administrative functions. Email signatures, business cards, publicly available sources such as LinkedIn.
Mobile number If provided, as a way of contacting relevant persons regarding current, past and potential projects/work. Supplied as a method to make contact, business cards, email signatures.
Direct number/ Extension If provided, as a way of contacting relevant persons regarding current, past and potential projects/work. Supplied as a method to make contact, business cards, email signatures.
Home phone If provided, as a way of contacting relevant persons regarding current, past and potential projects/work. Supplied as a method to make contact.
Social media profiles Managing our relationship with the business and key contacts. Publicly available sources such as LinkedIn.
Photographs For use as a user profile Uploaded directly by user to their profile e.g. Basecamp.
Email content, messages, documents For day-to-day business use, keeping track of projects, agreements, key information regarding future, past and ongoing work etc. Supplied by email or otherwise shared with us.
Other We may receive other personal data which is relevant to a project or particular requirement which we will utilise to fulfil this work/requirement. Supplied by email or otherwise shared with us.

Marketing related information

With your permission and/or in instances of legitimate interest, we may use your data for marketing purposes including contacting you by email, telephone or post etc.

Data Purpose Source
Name To contact relevant persons regarding potential projects/work. We receive names through email, phone, website entries, from other contacts, in-person meetings and publicly available sources such as LinkedIn.
Email To send information and promotional content which we feel is relevant/useful to our audienceTo keep note of preference not to be subscribed Sign up to our newsletter.
Job role To help us send content which is relevant to the recipient Email signatures, business cards, publicly available sources such as LinkedIn.
Mobile number To contact relevant persons regarding potential projects/work. Supplied as a method to make contact, business cards, email signatures.
Direct number/ Extension To contact relevant persons regarding potential projects/work. Supplied as a method to make contact, business cards, email signatures.
Social media profiles Managing our relationship with the business and key contacts. Publicly available sources such as LinkedIn.
Email behaviour (e.g. opens and clicks) To improve our communications by reviewing behaviour (clicks and opens) and performance of campaigns and using this to develop content ongoing Mailchimp.
Web analytics data (e.g. behaviour, IP address, web browser type and version, operating system) To review the performance of our website and improve the experience for users. Google Analytics, Cookies
Other We may store other preferences or interests etc. to help us send relevant content Form submissions.

Other

Other examples of data include items such as personal information for job applications e.g. CV, cover letter.

Where is your information stored?

We store the data on premise in our UK based office, as well as offsite backups for business continuity.

We use third party data processors, who may sometimes have the data stored out of the European Economic Area (“the EEA”), please see individual service privacy policy details for more information.

We have outlined these third-party processors below, the purpose for storing data with them and their privacy policies below.

External processors

Who Purpose Privacy Policy
Synergist Project management and CRM https://www.synergist.co.uk/privacy-policy
Mailchimp Email marketing https://mailchimp.com/legal/privacy/
Basecamp Project communication https://basecamp.com/about/policies/privacy/privacy-shield
Kerio Email service https://www.gfi.com/legal/global-privacy-policy
Shoretel Phone technology https://summit.shoretel.com/privacy-policy/
Wetransfer File transfer https://idealogyltd.wetransfer.com/legal/privacy
Webex Conferencing https://www.webex.com/cisco-privacy_full-text.html
Google Analytics Website analytics https://policies.google.com/privacy?hl=en
Cloud backup Data recovery http://www.autotask.com/privacy-policy

Who has access to your data and do we share it?

Our data is accessed by Idealogy employees.

Where relevant we may disclose personal information to third parties, subcontractors and our partners, for the specific purpose of delivering agreed services.

Data is also transferred, where necessary, to the external processors mentioned above.

In exceptional circumstances, we may share information with a third party if legally required (to comply with a legal requirement or a court order etc.), to enforce our agreements or to protect Idealogy employees/customers.

How is this data secured?

We store the information on our servers which are protected by a firewall and endpoint protection software.

Each of our external processors have security measures in place which are detailed in their privacy policies above.

While we will put measures in place to secure your data, we cannot guarantee that data during transmission through the internet and while stored on our systems is absolutely safe.

How long do we retain your data?

Service related information

We retain business information for as long as the business is an active client of Idealogy and the individual remains in their employ. We keep data for a period after either the business no longer works with us or the contact leaves that business, as necessary. This data is kept for legitimate business interests such as resolving disputes, complying to legal obligations, assist with investigations and supporting business operations. This is reviewed on a regular basis to clear data which is no longer needed.

Marketing information

If you have consented to receive marketing emails, we retain this information until you unsubscribe. Though we may review activity and clear information if there has been no activity for a significant amount of time e.g. email opens.

We store data on a legitimate interest basis for a limited time to establish if there is interest in our services.

How to control your data

Right of access and rectification: You have the right to request a copy of the information we hold. Should any of this data be incorrect or incomplete, despite our efforts to ensure up-to-date and accurate information, we will correct it on request.

Right to object, to be forgotten, to restrict: You have the right to:

  • Request deletion of certain information
  • Restrict the information we collect/store and purposes for which we use your information
  • Withdrawn previously given consent

Right of portability: To the best of our ability and depending on the context, at your request we will provide an electronic file with your personal information to be ported elsewhere

Exceptions: These rights a limited in some situations, where there is a legal requirement, predominant interest or compelling legitimate grounds to process your personal information and where we require the information to comply with contractual obligations.

For all of the above, we make an exception where the burden or expense of providing access, rectification or deletion would be disproportionate to the risks of the privacy of the individual or where the rights of another person would be violated.

Contact information

If you have any questions or concerns about how your personal data is handled, please contact: gdpr@idealogyltd.com or call the office on +44 (0)23 80 211 642

Modification of privacy policy

We may revise this policy from time to time as appropriate, the latest version will be available at www.idealogyltd.com/privacy-policy. For significant changes we will send an email notification.