Privacy Policy - Website
 

Privacy Policy - Website

Purpose
This document describes the Privacy Policy operated by GCP COMPASS with respect to any information provided by or collected from users of its website. GCP COMPASS is committed to protecting and respecting your privacy.

Scope
This policy is applicable to anyone who accesses any pages on GCP COMPASS’s website either directly or indirectly on any electronic device. It sets out the basis on which personal data you provide or we collect from you via our website will be processed and stored by us.

Policy
The Data Controller for all personal data collected via GCP COMPASS’s website is GCP COMPASS. GCP COMPASS is located at the 28 Champlain Street, Reading RG2 6 AF, Berkshire United Kingdom. If you have any questions about this privacy policy or about your legal rights, please contact us using the details set out below .

What we collect
We collect, use, store and transfer different types of both personal and non-personal information through our website.

Personal data, or personal information means any information about an individual from which that person can be identified. It does not include data from which you cannot identify a person.

We collect the following categories of personal data about you:

  • Identity Data – your name
  • Contact Data – your email address and telephone numbers.
  • Technical Data – your internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • Usage Data – information about how you use our website, Rough location, Browser User, Pages Visited, Time On Page, Referral Site, Search terms,adverts clicked.
  • Marketing and Communications Data – your preferences in receiving marketing from us and our third parties and your communication preferences.

 

We also collect, use and share non-personal information such as statistical data for any purpose. This nonpersonal information may be derived from your personal data but is not considered personal data by the law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature.

If we combine any non-personal information with your personal data so that you can be identified from it, we will treat the combined data as personal data which will be used and protected in accordance with this privacy policy.

We do not collect any Special Categories of Personal Data about you (such as details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). We do not collect any information about criminal convictions and offences.

How we collect data
We collect data in different ways through our website. You may provide us the data directly when you complete our “Contact Us” forms. Additionally, through the use of cookies, server logs and similar technologies, we may automatically collect Technical Data about your equipment, browsing activity and patterns. Please see our Cookie policy (link to be provided) for more information.

Purposes and Lawful Bases
We will use your personal data only where we have a lawful basis for doing so. We process your personal data for a number of purposes. The lawful basis for processing your personal data will depend on the purpose for which it was obtained. We process your Identity Data, Contact Data, and Marketing and Communications Data to respond to your enquires submitted via the GCP COMPASS website. We do this with your consent as you have provided that personal data voluntarily and to enable us to get in contact with you.

We will only process your personal data for the purpose(s) for which we collected it. If we do need to use your personal data for a new purpose, we will notify you of this and explain the lawful basis we will be relying on.

Please be aware that we may process your personal data without your knowledge or consent where this is required or permitted by law.

Sharing
We do not share your personal data collected via our website with any third party.

Where we store your personal data
The information that you provide or we collect from you via our website may be transferred to, and stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us. By using our website, you agree to this transfer, storing and processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy, including by ensuring that there are appropriate contractual terms in place to protect your data when it has been transferred outside the EEA.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted via our website; any transmission is at your own risk. We will use strict procedures and security features to try to prevent unauthorised access to any information we store about you.

Access to information
If you want to access the information, we hold about you, please fill out our contact form or write to us at the above address.

Data security
Whilst we store and use your personal data, we will ensure the appropriate security of your personal data including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach as is required by the law .

Retention of your data
We will not keep your personal data longer than is necessary for the purpose for which we use it.

We will retain your personal data for until we no longer have a relationship with you and will delete or destroy it when it is no longer required.

In some circumstances we may anonymise your personal data (so that it can no longer identify you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Your other privacy rights
By law you have certain additional privacy rights. These are to:

  • be informed of how we are processing your personal data – this privacy policy serves to explain this you but please do get in touch if you have any questions;
  • have your personal data corrected if it is inaccurate or incomplete;
  • have your data erased (the right to be forgotten) in certain circumstances – e.g. where it is no longer needed by us the purpose for which it was collected or you have withdrawn your consent. Please note however, that in certain circumstances, we may not be able to comply with your request of erasure for legal reasons. If this is the case, we will notify you at the time you request erasure;
  • restrict the use of your data in certain circumstances e.g. where you have told us the data is inaccurate and we are in the process of checking this. In such circumstances we will continue to store your data but will not process it further until we have checked and confirmed whether the data is inaccurate;
  • object to the processing of your data in certain circumstances - e.g. you may object to processing of your data for direct marketing purposes;
  • object to decisions being taken by automated means;
  • request the transfer of your personal data to a third party. Please note this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you;
  • to withdraw your consent at any time to processing where we are relying on consent as the lawful basis - e.g. to receiving marketing communications. Please note if you withdraw your consent, we may not be able to provide certain products and services to you. We will let you know if this is the case at the time you withdraw your consent.

 

If you have any concerns about the way we are collecting or using your personal data, please contact us in the first instance. You also have the right to lodge a complaint with the UK’s supervisory authority for data protection matters - the Information Commissioner’s Office at https://ico.org.uk/concerns/

Changes to your personal data
It is important that the personal data we hold about you is accurate and current. Please let us know if your personal data changes and we need to update our records.

Date: 20 May 2020.