PRIVACY NOTICE - CLIENTS
The Privacy Worx Ltd (including associated undertakings and licensees) is committed to protecting and respecting your privacy.
This notification sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
For the purpose of data protection legislation, including the UK Data Protection Act 2018, the UK General Data Protection Regulation (GDPR), the UK Privacy and Electronic Communications Regulations 2003 (PECR), and other applicable legislation, The Privacy Worx Ltd, including all subsidiaries, is a
controller and our contact details are:
71-75 Shelton Street
Information we collect
Personal information is any information that can be used to identify a living individual. When contracting with us for our services, we collect your name and contact details, job title, bank details (only if Sole Traders or Partnerships).
Source of Information
We may receive and process information about you from:
yourself (data you provide)
ourselves (data we generate)
Our lawful basis for processing this data is:
our contract with you for the provision of Data Protection & Privacy compliance or other related services;
our legal obligations (including our obligations under the Finances Act 2008)
The consequences for you if we are unable to process this data would be:
we would not be able to continue to provide the contracted services or would not be able to provide the same quality of service.
Any data related to payments between us will be retained for 7 years to conform with our legal obligations regarding record keeping under the Finance Act 2008.
Other data may be kept for up to 7 years from termination of the contract in case there are queries, unless you request that we delete the data beforehand.
To the extent that is necessary to meet our legal obligations and manage and satisfy our contract with you, your data may be shared with:
our software and IT Solutions Partners
bankers (sole traders, partnerships)
other professional advisors or suppliers (at your request)
Uses made of the information
We use information hold about you in the following ways:
to communicate with you
to provide the contracted services
Disclosure of your information
Where we may occasionally be required to disclose certain information to additional third parties. We will disclose data only when and to the extent that we have a legal obligation to do so.
Such third parties may include:
law enforcement (by warrant or subpoena)
courts, tribunals or other judicial bodies
Transfer outside the UK
We may transfer your data to cloud or software service providers who may store or process your data outside the UK.
Where we do this, we will only transfer personal data using lawful transfer mechanisms and if there are adequate protections in place to ensure that your rights and freedoms are protected, and UK data protection legislation is not undermined.
At the conclusion of all relevant retention periods, physical documents containing your personal data will be shredded, and all personal data held electronically will be deleted or anonymised and or turned into statistical or analytical data.
Data protection legislation states that you have the following qualified rights regarding your personal data:
Access – you may request we provide you with the data we hold
Rectification – you may request we correct any inaccurate data
Erasure – you may request we erase your data
Restriction – you may request we stop processing your data but retain it
Portability – you may request we provide you or a nominated party with your data in a commonly used, structured and machine-readable format
You can exercise your rights in relation to the personal data processed by us at any time by using the postal address above or by contacting us at firstname.lastname@example.org
If you wish to object to the processing or make a complaint about how we have handled your personal data, please email email@example.com and we will investigate the matter.
If you are not satisfied with our response or believe we are not processing your data in accordance with the law, you can contact a National Data Protection Authority which, in the UK is the Information Commissioner’s Office.
Reviewing of this Privacy Notice