Please note that we are required by law to provide this privacy notice and it is, necessarily, a legal text. It is important that you read this notice which is about your personal data, how we collect it, how we process it and your rights in respect of that data. If you need clarity on how this applies to you, please contact firstname.lastname@example.org.
Your privacy is important to us
At Propella we acknowledge that when you visit our website and provide us with Personal information, you trust that we will act responsibly and keep your information secure and confidential.
This privacy notice outlines how we will collect, store and use or process your personal data including through your use of our website.
This statement is about the rights of individuals. While we are also committed to protecting information about companies and other businesses we service, this policy isn't about them.
We may also get Personal Information about individuals when acting for businesses eg when we are given information about employees when acting for businesses.
Understanding the Jargon
To help you understand this Privacy Notice, please read the following words and phrases as they have meanings in the Data Protection Laws and are used throughout this Privacy Notice:
Personal data / information - means any information from which a living individual can be identified. This will include information such as telephone numbers, names, addresses, e-mail addresses, photographs, voice recordings. It will also include expressions of opinion about data subjects (and their own expressions of opinion/intentions).
Processing – covers virtually anything anyone can do with personal data, including: obtaining, recording, retrieving, reviewing, consulting, storing or holding it; organising, adapting or altering it; disclosing, disseminating or otherwise making it available; as well as aligning, blocking, erasing or destroying it.
Data Protection Laws in the UK, the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679, and the Data Protection Act 2018 Data Subject the living person to which the Personal Data relates
Our privacy commitments:
We are accountable for the information you give us.
We will tell you why we need information
We will use your personal information only for the purposes in this Notice, or as the law requires.
We do not sell your information.
We keep your information safe. We take security seriously.
We may also need to share your data with the courts or the government, if the law requires.
If you want to know what personal data we have about you, please ask us. See the contact section below.
If you ask us for marketing material or attend an event or click for any of our materials or news, we will keep your contact information in a database so that we can contact you in the future. If you don't want this, please tell us and we will remove your name.
Whenever you provide personal information to us, we are legally obliged to use it in accordance with Data Protection Laws.
What information will we collect about you?
Personal data, or personal information, means any information about an individual from which that individual can be identified. It does not include data where the identity has been removed (anonymous data) or information about corporate entities.
We may collect, store, and use the following categories of personal information about you:
Identity and contact details such as your name, title, billing address, delivery address, email address and telephone number.
If you are submitting an enquiry, we may request data that helps us tailor a response to you regarding our services, for example your age, interests or location.
Usage and technical data about how you use our website including data about your browsing actions and patterns.
Marketing and communications data.
Date of birth and other identity documentation that we need to collect to comply with legal and regulatory requirements
We collect this information when you enter our site or when you submit a request form. Without your permission, we will not disclose information about your visits to our website or any other personal information that you may give us to any third parties.
We do not collect any special categories of personal data about you (for example, details about your race or ethnicity, religious or philosophical beliefs, political opinions or information about your health).
How will we collect your personal information?
We use different methods to collect data from and about you including through:
Direct interactions. You may give us your personal information when corresponding with us by post, phone, text, messaging, email, attending events or otherwise.
Automated technologies or interactions. As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also use analytics services providers such as Google.
Our purposes for using your personal data
We collect your information so that we can:
Deliver Services - Provide services and products, including software as agreed with you , answer your queries and provide you with information or materials you have asked to receive;
Comply with our Legal and Regulatory obligations - such as establishing your identity where necessary in order to comply with anti-money laundering regulations and our other legal and regulatory obligations which may require you to provide name, address, employment/business information, and/or other legally mandated forms of identification;
Carry out administration - invoice for our work and maintain internal records, which will include the collection of names, addresses, banking and/or financial details; to maintain and develop our relationship with you, to analyse and help us manage our business, to maintain and update our records.
Carry out Business Development and Marketing - to carry out market research; market our own products and services to you, including as may be permitted by the applicable law, by email or other means and to keep your information and preferences accurate. We may also use and analyse the Personal Data provided to us to track and manage your consent preferences, event reservations and any unsubscribe requests. From time to time, we may wish to send you updates; newsletters; press releases; information about our events and other communications that we think will be of interest to you and/or your business.
You can review and update your contact details and preferences or unsubscribe from our e-marketing communications at any time via the links in our e-marketing messages or by e-mailing us at email@example.com.
If you have consented to receive marketing materials from us, you can opt out at any time and you can also manage your preferences by sending a message to us at firstname.lastname@example.org
How is processing your data lawful?
We can process your Personal Data for the following reasons and on the following legal basis:
Where you have given consent - for example, where you have subscribed to a mailing list for us to send you legal alerts, information regarding updates/events or other information which may be of interest to you.
Where it is necessary for the performance of the contract for services.products or otherwise you have agreed to enter with Propella. You also agree by retaining us that we may process your Personal Data for the purposes of performing our services appropriately and billing our services.
Where we are subject to legal obligations to process your data for the purposes of compliance with applicable laws; for example, we are required to identify individuals in accordance with the anti-money laundering regulations in many countries and are required to gather and maintain records in compliance with health and safety legislation. We also have obligations pursuant to financial and tax legislation and reporting obligations in respect of tax administration.
Processing your Personal Data is also legal if it is based on our 'legitimate interests'. To process on this basis, we have considered the impact on your interests and rights, and have placed appropriate safeguards to ensure that the intrusion on your privacy is reduced as much as possible.
The following are examples of the purposes for which we will process your Personal Data on this basis:
Client administration - to enable us to maintain internal records
To ensure regulatory compliance - for example that conflict checks are carried out before we start work and to erect information barriers to restrict access to certain information
To enable us to maintain specific standards of quality in the professional services we provide and to obtain and maintain quality accreditations
To permit us to pursue available remedies or limit any damages that we may sustain
To permit us to manage and respond to any complaints
To liaise with representatives of clients of corporates and other business clients
To market our services
Please note that you have the right to object to the processing of your data for any of the legitimate interests identified.
Please contact us if you need details about the specific legal ground we are relying on to process your personal data.
Where we need to collect your personal data for the purposes set out above, if you fail to provide that data we may not be able to provide our services to you (for example, responding to a request or query that you submit to us).
International Data Transfers
Some of our external third parties, such as our website provider, may be based outside the UK/European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the UK/EEA.
Whenever we transfer your personal data out of the UK/ EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Links to third party sites
How will we share and disclose your personal information?
We may share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another lawful basis for doing so.
We may need to share your personal information with the following parties for the relevant purposes set out above:
Our service providers supplying IT, e-commerce and system administration services and other technical IT services including data analytics.
Our professional advisors who provide consultancy, legal and accounting services.
We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. Where the third parties we use are data controllers in their own right (for example, the payment processors we use) then they will be required to comply with data protection laws.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way,altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. Details of these measures may be obtained from us using the details in the “Contacting us” section below.
We have also put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
How long will we keep your personal information?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we must keep basic information about our customers for six years after they cease being customers for tax and other legal purposes. We may retain your contact details for these purposes.
In some circumstances you can ask us to delete your data: see section below for further information.
Please note that we may also anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Your data protection rights
Under certain circumstances, you have rights under data protection laws in relation to your personal information. This may include the following rights:
Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
Object to processing of your personal information. This right applies where we are relying on our legitimate interests (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
Right to withdraw consent. In any circumstances where we have relied on your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law. This will not affect the lawfulness of any processing carried out before you withdrew your consent.
If you wish to exercise any of the rights set out above, please contact email@example.com.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.
Data Protection Authority
You have the right to make a complaint at any time to the UK supervisory authority for data protection issues. This is the Information Commissioner's Office (ICO) whose details can be accessed via the ICO website at https://ico.org.uk/global/contact-us/
We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please do get in touch using the details in our “Contacting us” section below.
Changes to this privacy notice
We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information. If you have any questions about this privacy notice, please let us know using by using 'Contacting Us' information below.
Condor Communications, WR6 5QW