Privacy Notice

We want to make sure you are confident in the collection and processing of the data we collect when we are working with you to prepare bids, contracts, tender and funding proposals, award submissions or other business documentation, and if we are working with you via our 1 – 1  business coaching.  We also want you to be confident if you are just enquiring about our services.

GDPR is a legal requirement but we want to make sure you know exactly what we are doing, why we keep it, where we keep it, and for how long.

We only collect the data we need to be able to provide you with the service you have asked us for.

 

Data Area Details GDPR lawful basis for processing
Client Details If you do business with us, contact us, are referred to us, then we keep your contact details so that we can communicate with you about potential/actual provision of our services. We do not give, sell, or exchange these details with third-party companies for marketing purposes.

This information is kept in our internal email and phone contact databases, call logging, and CRM systems.

legitimate interest.
Processing Your Data So that we can deliver the contract, we will often need to use the data for which you are the GDPR data processor, for example, beneficiary case studies, beneficiary data, employee details etc.

We will take the safety of this information very seriously, doing our utmost to keep it safe and only keep it for as long as we need it. Often, we reuse this information for later bids/contracts/funding opportunities, so after 12 months from submission we will strip out any personal data, keeping only the anonymous data for future reference.  If you are unsure about this, please ask us.

contract.
If we need to pass such data onto a sub-processor, such as an Award Competition organiser or Funder, we only do so with your explicit consent as part of the contract delivery. consent.
Finance & Accounting If you are a client then your contact details, bid information and hours records are stored in our OneDrive Cloud based system. We use this information to issue quotes, invoices, and track financial performance. We are likely to store this data for at least six years.

This information will also be visible to our accountants Accountancy & Business Support, http://www.ouraccounts.info/

For further details, please see the Accountancy & Business Support’s privacy policy.

legitimate interest.
Marketing Communication At present we do not send out an email newsletter.  We may send you emails time to time with information regarding networking events that you have been to previously, or funds that have become available, which, based on our past experience of working together we think you will find interesting.  If you do not want to receive these, please do let us know and we will delete your details from our email records.

In the future we may develop an email newsletter list. You will be able to opt out of this at any time.

legitimate interest.
Website data Each time you visit our website, Godaddy (our hosting provider) logs your IP address, device type, where you’ve linked from, pages visited, and access date/time. We use this information to enhance our website’s performance, making sure it’s safe and get an understanding of how our site is used.

Whilst IP address is regarded as personal data from a GDPR perspective, and can be linked to your general geographic location, it is actually stored in a pseudonymous form, and we do not aim to personally identify you from it.

We believe that Godaddy comply with the provisions of the GDPR.

For more details, please see the Godaddy privacy policy.

legitimate interest.
Cookies

These are small data files which are saved on your device when you visit our websites. They are used to remember your preferences between visits, implement ‘shopping cart’ functionality etc.  They help us track website performance, usage, and the effectiveness of our marketing campaigns. The vast majority of websites nowadays use ‘cookies’ for these purposes. The first time you visit one of our websites,  we warn you of this and seek your explicit consent.

If you don’t like this then you can use your browser in ‘private mode’ to temporarily prevent them being stored, or change your browser settings to permanently disable them. To find out how to do this, please see the user guide for your specific browser. Be aware, however, that if you disable ‘cookies’, our websites might not function as intended.

consent.
Beacons

These are file requests that are embedded within our emails and websites that are used in conjunction with ‘cookies’ to track website usage and the effectiveness of our marketing campaigns. This is a very common industry practice.

If you don’t like the idea of beacons, then you can disable those within emails by instructing your email program to not load externally hosted images, or to not display emails sent in HTML format.

legitimate interest.
Third-Party Analytics

When someone visits our website we use a third-party service, Google Analytics, to collect aggregated visitor information and behaviour patterns. We do this so we can broadly see the types of people that visit our websites, the technology they use to access them, how they find us, and what they do once they are there. We use this information in order to make the websites more useful, relevant, easier to find, and simpler to use. This is a very common industry practice across a huge number of the websites that you are likely to already visit. The tracking information is only processed in a way which does not personally identify anyone.

For further details, please see the Google Analytics privacy policy.

Data Retention For accounting, audit, and liability management purposes we are likely to retain data for up to five years in relation to our work with you. We will have stripped all relevant personal data and kept the basic content for such archived monitoring purposes. legitimate interest.

 

Client Testimonials

We publish testimonials on our website and also via social media (Twitter, LinkedIn).  We only do this if you have given us your consent to do so.  If, prior to GDPR implementation, you have given us a testimonial and you would like it to be removed, please let us know.

 

Data Security

We take the security of your data extremely seriously. We use good working practices, security policies, passwords, encryption, and physical security to prevent unauthorised access.

We aim to keep your data only for the minimum reasonable time period necessary.

Any IT equipment that we dispose of (laptops, mobile phones etc) is securely wiped or destroyed to make sure that data recovery is not possible.  In the unlikely event that we do suffer a breach affecting your data, we will inform you as soon as we are aware of it.

 

Your Rights

You have certain GDPR rights to access, restrict, amend, or delete any personal data that we, or our third-party data processors, hold about you.

Likewise, if we are processing data on your behalf, we will support such requests from your own data subjects.

If you’d like to do either of these, please let us know.

 

Privacy Notice Updates

This notice will be updated as is necessary to make it easier to understand and/or in line with best practice/legislative changes.

University of Derby
Small Business Saturday
Federation of Small Businesses
East Midlands Chamber Member
Marketing Derby
Chartered Institute of Personnel and Development

Website designed by OJStanley.