From the 25th May 2018, the General Data Protection Regulations (GDPRs) imposes legal obligations upon EU businesses who collect and process personal data, which is any information relating to an identifiable person. The policy sets out what data we collect, why we need it, how we protect it and your rights.
From time to time we may change this policy by updating this page. You should regularly check this page to ensure that you are happy with any changes.
What we collect
We may collect the following information:
- Your name
- Your postal address
- Your email address
- Your telephone number
What we do with the information we gather
For general enquiries:
• To be able to respond to your enquiry
- To administer your contract with us, including service delivery and invoicing
- To contact your directly to inform you of important services relating to their website and other services we provide
For website comments:
- To show your name alongside the comment on our blog comments system
who is responsible for this data?
The Data Controller is responsible for the way in which personal data is processed. For all enquiries to the Data Controller, please use the following details:
Data Controller: Michelle Rose-Innes
Address: Office 5, Rombourne Business Centre, Moy Road Industrial Estate, Moy Road, Taffs Well, Cardiff, CF15 7QR
Telephone: 02920 098713
how we protect your data and keep it secure
We are committed to doing all that we can to keep your data secure. We have set up systems and processes to prevent unauthorised access or disclosure of your data. See our security policy tab for more information.
You have the right to request:
- information about how your personal data is processed
- a copy of that personal data
- that anything inaccurate in your personal data is corrected immediately
You can also:
- raise an objection about how your personal data is processed
- request that your personal data is erased if there is no longer a justification for it
- ask that the processing of your personal data is restricted in certain circumstances
If you have any of these requests, get in contact with our Data Protection Officer above, clearly stating what your request is for.
sharing your information
We will not share your information with any third parties for the purposes of direct marketing, nor for any reason unrelated to fulfil the nature of the enquiry or contractual service we provide. If we need to share your data with third parties in order to deal with your enquiry or service we provide, we will contact you for consent.
We will have contracts in place with any data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
In some circumstances we are legally obliged to share information. For example under a court order or where we cooperate with other European supervisory authorities in handling complaints or investigations. We might also share information with other regulatory bodies in order to further their, or our, objectives. In any scenario, we’ll satisfy ourselves that we have a lawful basis on which to share the information and document our decision making and satisfy ourselves we have a legal basis on which to share the information.
how long we keep your data
We will only retain your personal data for as long as:
- it is needed for the purposes set out in this document
- the law requires us to
In general, this means that we will only hold your personal data for a minimum of 1 year and a maximum of 7 years.
links to other websites
This site contains links to other websites.
contact us or make a complaint
You can contact us via the contact form on the home page or the details above
You can make a complaint using our complaints process tab