Privacy Policy
Compass IT Consulting Limited respects your privacy and is committed to protecting your personal data. This policy informs you how we use your data.
1. Contact details
2. The data we process
3. How we collect personal data
4. How we use personal data
5. How we use third parties
6. How we secure and retain data
7. Your legal rights
1. Contact details
This privacy notice aims to give you information on how Compass IT Consulting Limited collects and processes your personal data.
Key Contacts
Our Data Protection Officer (DPO) is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the DPO using the details set out below.
Email: enquiries@compassitconsulting.co.uk
Post: Data Protection Officer, Compass IT Consulting Limited, 29 Abbey Road, Chertsey, Surrey KT16 8AL
Phone: +44 (0) 1932 562 276
2. The data we process
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We may collect, use, store and transfer personal data about you, categorised as:
• Identity Data includes first name, last name, title, company name, and job title• Contact Data includes email address and telephone numbers• Technical Data includes internet protocol (IP) address, browser type and version, time zone setting and location on the devices you use to access this website• Financial Data includes data relating to charges, payment and fees• Marketing and Communications Data includes your preferences in receiving marketing from us and your communication preferences
We do not collect other Personal Data about you. This includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data, or information about criminal convictions and offences.
3. How we collect personal data
We may collect personal data via direct interactions where you may give us your identity and contact details by corresponding with us by post, phone, email or otherwise. As you interact with our website, we may automatically collect Technical Data.
4. How we use personal data
We will only use your personal data when the law allows us to. We will use your personal data where we need to perform the contract we are about to enter into or have entered into with you. We may use your personal data where we need to comply with a legal or regulatory obligation.
Activity:
New client registration:
Type of data:
IdentityContact
Why:
To undertake our contract work with you
Activity:
To manage our relationship with you
Type of data:
IdentityContactMarketing & Communication
Why:
Performance managementAny legal obligation
Activity:
Running our business and website
Type of data:
IdentityContactTechnicalMarketing & Communication
Why:
For legitimate reasons to run our company and services to our clients
Activity:
Improve our website and services
Type of data:
Technical
Why:
For legitimate reasons to improve our company and services to our clients
5. How we use third parties
We use third party system providers to enable us to deliver our services effectively and store our information (including personal data) securely.
6. How we secure and retain data
We use cyber security controls, encryption and an Information Security Management System (ISMS) to secure the data we control. We use Multi-Factor Authentication, Encryption of data in transit and at rest, controlled access, screening and process and procedures to operate and secure our systems.
We retain data for as long as is necessary to provide our services. By law we have to keep basic information about our clients (including Contact, Identity, Financial and Transaction Data) for six years after they cease being clients for tax purposes.
7. Your legal rights
You have rights under data protection laws in relation to your personal data to:
• request access to receive a copy of the personal data we hold against you to check we are processing it lawfully (data subject access request)• request rectification to correct an inaccurate information we hold about you• request erasure of your personal data, for us to delete or stop processing your personal data• object to us processing your data• request transfer of your data to another service provider• lodge a complaint to the Information Commissioner's Office
