PRIVACY POLICY
WHAT DOES THIS PRIVACY POLICY COVER?
This policy sets out how we handle personal data if you visit our website or we’re engaging with you for work or potential work as of the 25th May 2018.
This policy details:
What information we collect and why/what we use it for
Where that information is stored
Who has access to that data
How is this data secured?
How long we retain that data
How to control your data
Contact details
Updates to this policy
As part of the day-to-day running of the business we also collect generic business information e.g. VAT numbers, addresses, generic emails etc. which is not detailed in this policy.
WHAT INFORMATION DO WE COLLECT AND HOW DO WE USE IT?
SERVICE-RELATED INFORMATION
We collect information when you engage us for work or prospective work, for example via phone, email, in-person or through our website.
We have a legitimate interest in storing the information referenced below, in order to work with you. By continuing to work with Idealogy you agree to have this data stored where required.
We may collect some or all of the following personal data types:
| Data Types | Purpose(s) | Source(s) |
|---|---|---|
| Name | To contact relevant persons regarding current, past and potential projects/work. Managing our relationship with the business and key contacts. Providing general administrative functions e.g. referencing the relevant contact on estimates and invoices. For records such as meeting notes. |
We receive names through email, phone, website entries, from other contacts, in-person meetings and publicly available sources such as LinkedIn. |
| To contact relevant persons regarding current, past and potential projects/work. Managing our relationship with the business and key contacts. Providing general administrative functions. To send work completed. To communicate key company information e.g. privacy policy, office hours. |
We receive emails through email messages, website entries, from other contacts, in-person meetings, business cards and publicly available sources. | |
| Job role | Managing our relationship with the business and key contacts. Providing general administrative functions. |
Email signatures, business cards, publicly available sources such as LinkedIn. |
| Mobile number | If provided, as a way of contacting relevant persons regarding current, past and potential projects/work. | Supplied as a method to make contact, business cards, email signatures. |
| Direct number/ Extension | If provided, as a way of contacting relevant persons regarding current, past and potential projects/work. | Supplied as a method to make contact, business cards, email signatures. |
| Home phone | If provided, as a way of contacting relevant persons regarding current, past and potential projects/work. | Supplied as a method to make contact. |
| Social media profiles | Managing our relationship with the business and key contacts. | Publicly available sources such as LinkedIn. |
| Email content, messages, documents | For day-to-day business use, keeping track of projects, agreements, key information regarding future, past and ongoing work etc. | Supplied by email or otherwise shared with us. |
| Other | We may receive other personal data which is relevant to a project or particular requirement which we will utilise to fulfil this work/requirement. | Supplied by email or otherwise shared with us. |
MARKETING-RELATED INFORMATION
With your permission and/or in instances of legitimate interest, we may use your data for marketing purposes including contacting you by email, telephone or post etc.
| Data | Purpose | Source |
|---|---|---|
| Name | To contact relevant persons regarding potential projects/work. | We receive names through email, phone, website entries, from other contacts, in-person meetings and publicly available sources such as LinkedIn. |
| To send information and promotional content which we feel is relevant/useful to our audience To keep note of preference not to be subscribed |
Sign up to our newsletter. | |
| Job role | To help us send content which is relevant to the recipient | Email signatures, business cards, publicly available sources such as LinkedIn. |
| Mobile number | To contact relevant persons regarding potential projects/work. | Supplied as a method to make contact, business cards, email signatures. |
| Direct number/ Extension | To contact relevant persons regarding potential projects/work. | Supplied as a method to make contact, business cards, email signatures. |
| Social media profiles | Managing our relationship with the business and key contacts. | Publicly available sources such as LinkedIn. |
| Email behaviour (e.g., opens and clicks) | To improve our communications by reviewing behaviour (clicks and opens) and performance of campaigns and using this to develop content ongoing | Squarespace. |
| Web analytics data (e.g., behaviour, IP address, web browser type and version, operating system) | To review the performance of our website and improve the experience for users. | Google Analytics, Squarespace, Cookies. |
| Other | We may store other preferences or interests etc. to help us send relevant content | Form submissions. |
OTHER
Other examples of data include items such as personal information for job applications e.g. CV, cover letter.
WHERE IS YOUR INFORMATION STORED?
We use third party data processors, who may sometimes have the data stored out of the European Economic Area (“the EEA”), please see individual service privacy policy details for more information. We also store data on our premises in the UK.
We have outlined these third-party processors below, the purpose for storing data with them and their privacy policies below.
EXTERNAL PROCESSORS
| Who | Purpose | Privacy policy and relevant links |
|---|---|---|
| Synergist | Project management and CRM | https://www.synergist.co.uk/privacy-policy |
| Squarespace | Email marketing and website analytics | https://www.squarespace.com/privacy/ |
| Microsoft 365 | Email service and conferencing | https://privacy.microsoft.com/en-gb/privacystatement https://www.microsoft.com/en-gb/trust-center/privacy |
| Gamma/Horizon | Phone technology | https://www.gamma.co.uk/privacy-policy/ |
| WeTransfer | File transfer | https://idealogyltd.wetransfer.com/legal/privacy |
| Google Analytics | Website analytics | https://policies.google.com/privacy?hl=en |
| Google Workplace | File storage | https://cloud.google.com/security/privacy |
WHO HAS ACCESS TO YOUR DATA AND DO WE SHARE IT?
Our data is accessed by Idealogy employees.
Where relevant we may disclose personal information to third parties, subcontractors and our partners, for the specific purpose of delivering agreed services.
Data is also transferred, where necessary, to the external processors mentioned above.
In exceptional circumstances, we may share information with a third party if legally required (to comply with a legal requirement or a court order etc.), to enforce our agreements or to protect Idealogy employees/customers.
HOW IS THIS DATA SECURED?
Each of our external processors have security measures in place which are detailed in their privacy policies above.
We also store information on our servers which are protected by endpoint protection software.
While we will put measures in place to secure your data, we cannot guarantee that data during transmission through the internet and while stored on our systems is absolutely safe.
HOW LONG DO WE RETAIN YOUR DATA?
SERVICE-RELATED INFORMATION
We retain business information for as long as the business is an active client of Idealogy and the individual remains in their employ. We keep data for a period after either the business no longer works with us or the contact leaves that business, as necessary. This data is kept for legitimate business interests such as resolving disputes, complying to legal obligations, assist with investigations and supporting business operations. This is reviewed on a regular basis to clear data which is no longer needed.
MARKETING INFORMATION
If you have consented to receive marketing emails, we retain this information until you unsubscribe. Though we may review activity and clear information if there has been no activity for a significant amount of time e.g. email opens.
We store data on a legitimate interest basis for a limited time to establish if there is interest in our services.
HOW TO CONTROL YOUR DATA
Right of access and rectification: You have the right to request a copy of the information we hold. Should any of this data be incorrect or incomplete, despite our efforts to ensure up-to-date and accurate information, we will correct it on request.
Right to object, to be forgotten, to restrict: You have the right to:
Request deletion of certain information
Restrict the information we collect/store and purposes for which we use your information
Withdrawn previously given consent
Right of portability: To the best of our ability and depending on the context, at your request we will provide an electronic file with your personal information to be ported elsewhere
Exceptions: These rights a limited in some situations, where there is a legal requirement, predominant interest or compelling legitimate grounds to process your personal information and where we require the information to comply with contractual obligations.
For all of the above, we make an exception where the burden or expense of providing access, rectification or deletion would be disproportionate to the risks of the privacy of the individual or where the rights of another person would be violated.
CONTACT INFORMATION
If you have any questions or concerns about how your personal data is handled, please contact: gdpr@idealogyltd.com or call the office on +44 (0)23 80 211 642
MODIFICATION OF PRIVACY POLICY
We may revise this policy from time to time as appropriate, the latest version will be available at www.idealogyltd.com/privacy-policy. For significant changes we will send an email notification.