Website Privacy Policy
Introduction
This policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and website owners. Furthermore, the way this website processes, stores and protects user data and information will also be detailed within this policy.
The website
This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies with all UK national laws and requirements for user privacy.
Use of cookies
Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
What do we use cookies for?
We may use cookies to remember personal settings you have chosen at our website. In no other context do we use cookies to collect information that identifies you personally. Most of the cookies we set are automatically deleted from your computer when you leave our website or shortly afterwards.
We use anonymous session cookies (short-term cookies that disappear when you close your browser) to help you navigate the website and make the most of the features. If you log into the website, application or a course as a registered user, your session cookie will also contain your user ID so that we can check which services you are allowed to access.
This website uses tracking software to monitor its visitors to better understand how they use it. This software is provided by 1and1 Limited which uses cookies to track visitor usage. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.
Should users wish to deny the use and saving of cookies from this website onto their computer’s hard drive, they should take necessary steps within their web browser’s security settings to block all cookies from this website and its external serving vendors.
Personal information
Whilst using our website, software applications or services, you may be required to provide personal information (name, address, email details, etc.). We will use this information to administer our website, applications, client databases and marketing material. We will ensure that all personal information supplied is held securely in accordance with GDPR. Further, by providing telephone, and email details, you consent to Commercial Strategy and Business Support Limited contacting you using that method. You have the right at any time to request a copy of the personal information we hold on you. Should you wish to receive a copy of this, or would like to be removed from our database, please contact us at info@commercialstrategy4.co.uk.
Information collection and use
How do we collect information?
Commercial Strategy and Business Support Limited collects information in two possible ways:
When you directly give it to us (“Directly Provided Data”)
When you sign up for our site, purchase our products or communicate with us, you may choose to voluntarily give us certain information – for example, by filling in text boxes or completing registration forms. All this information requires a direct action by you at that time in order for us to receive it.
When you give us permission to obtain from other accounts (“User Authorised Data”)
Depending on your settings or the privacy policies for other online services, you may give us permission to obtain information from your account with those other services. For example, this can be via social media or by choosing to send us your location data when accessing our website from your smartphone.
How long do we keep your data for?
Commercial Strategy and Business Support Limited will not retain your personal information longer than necessary. We will hold onto the information you provide either while your account is in existence, or as needed to be able to provide the Services to you, or (in the case of any contact you may have with our team) for as long as is necessary to provide support-related services.
If legally required or if it is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Terms and Conditions, we may also retain some of your information for a limited period of time as required, even after you have closed your account or it is no longer needed to provide the Services to you.
Registration forms
Commercial Strategy and Business Support Limited will not sell or rent your personally identifiable information, gathered as a result of filling out the site registration form or through other means of collection, to anyone.
Choosing how we use your data
We understand that you trust us with your personal information and we are committed to ensuring you can manage the privacy and security of your personal information yourself.
With respect to the information relating to you that ends up in our possession, and recognising that it is your choice to provide us with your personally identifiable information, we commit to giving you the ability to do all of the following:
You can verify the details you have submitted to Commercial Strategy and Business Support Limited by contacting info@commercialstrategy4.co.uk. Our security procedures mean that we may request proof of identity before we reveal information, including your e-mail address and possibly your address.
You can also contact us by the same method to change, correct, or delete your personal information controlled by Commercial Strategy and Business Support Limited regarding your information at any time. Please note though that, if you have shared any information with others through social media channels, that information may remain visible, even if your account is deleted.
You are also free to close your account through our account settings. If you do so, your account will be deactivated. However, we may retain archived copies of your information as required by law or for legitimate business purposes (including to help address fraud and spam).
You can always feel free to update us on your details at any point by contacting info@commercialstrategy4.co.uk.
You can unsubscribe from receiving marketing emails from us by clicking the “unsubscribe” link at the bottom of any email. Once you do this, you will no longer receive any emails from us.
You can request a readable copy of the personal data we hold on you at any time. To do this, please contact us info@commercialstrategy4.co.uk.
Please note, we are constantly reviewing how we process and protect data. Therefore, changes to our policy may occur at any time. We will endeavour to publicise any changes.
PRIVACY AND DATA PROTECTION POLICY
Introduction
Purpose
Commercial Strategy and Business Support Ltd (T/A commercial strategy4) is committed to being transparent about how it collects and uses the personal data of its customers, and to meeting its data protection obligations. This policy sets out Commercial Strategy and Business Support Ltd's commitment to data protection, and individual rights and obligations in relation to personal data.
This policy applies to the personal data of customers and their employees.
Commercial Strategy and Business Support Ltd has appointed Andrew Bailey as its data protection officer. His role is to inform and advise Commercial Strategy and Business Support Ltd on its data protection obligations. He can be contacted at info@commercialstrategy4.co.uk. Questions about this policy, or requests for further information, should be directed to the data protection officer.
Definitions
"Personal data" is any information that relates to an individual who can be identified from that information. Processing is any use that is made of data, including collecting, storing, amending, disclosing or destroying it.
"Special categories of personal data" means information about an individual's racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation and biometric data.
Data protection principles
Commercial Strategy and Business Support Ltd processes personal data in accordance with the following data protection principles:
- Commercial Strategy and Business Support Ltd processes personal data lawfully, fairly and in a transparent manner.
- Commercial Strategy and Business Support Ltd collects personal data only for specified and legitimate purposes.
- Commercial Strategy and Business Support Ltd processes personal data only where it is adequate, relevant and limited to what is necessary for the purposes of processing.
- Commercial Strategy and Business Support Ltd keeps accurate personal data and takes all reasonable steps to ensure that inaccurate personal data is rectified or deleted without delay.
- Commercial Strategy and Business Support Ltd keeps personal data only for the period necessary for processing, fulfilment of our obligations under our working agreements/contracts and/or legal requirements.
- Commercial Strategy and Business Support Ltd adopts appropriate measures to make sure that personal data is secure, and protected against unauthorised or unlawful processing, and accidental loss, destruction or damage.
Commercial Strategy and Business Support Ltd tells individuals the reasons for processing their personal data, how it uses such data and the legal basis for processing in its privacy notices. It will not process personal data of individuals for other reasons.
Commercial Strategy and Business Support Ltd will update personal data promptly if an individual advises that his/her information has changed or is inaccurate.
Personal data is held in file (in hard copy or electronic format, or both). Commercial Strategy and Business Support Ltdtakes the security of your data seriously. Commercial Strategy and Business Support Ltdhas internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties.
WhereCommercial Strategy and Business Support Ltdengages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and Commercial Strategy and Business Support Ltdmeasures to ensure the security of data.
Commercial Strategy and Business Support Ltd keeps a record of its processing activities in respect of personal data in accordance with the requirements of the General Data Protection Regulation (GDPR).
Data we collect.
We may ask you to provide us with certain personal data that can be used to contact or identify you. Personal Data may include:
- Email address.
- First name and last name.
- Phone number.
- Company address.
- Job title.
- Company name.
Special categories of personal data
We request that you do not send us any sensitive data, such as racial or ethnic origin, national insurance numbers or health records. We do not use this information and do not need it, therefore please do not send or submit.
We do not provide Products and Services to children and therefore do not collect any data in this regard. Our materials, website and content is designed and meant for Businesses and companies only.
How we use this information.
We may use information that we collect for the following reasons:
- To provide our Products and Services to you, fulfil our commitments to you under our working arrangements/contracts.
- To improve our Products and Services.
- Communicate with you.
- Responding to your requests.
- Provide information and marketing content.
Individual rights
As a data subject, individuals have a number of rights in relation to their personal data.
Subject access requests
Individuals have the right to make a subject access request. If an individual makes a subject access request, Commercial Strategy and Business Support Ltd will tell him/her:
- whether or not his/her data is processed and if so why, the categories of personal data concerned and the source of the data if it is not collected from the individual;
- to whom his/her data is or may be disclosed, including to recipients located outside the European Economic Area (EEA) and the safeguards that apply to such transfers;
- for how long his/her personal data is stored (or how that period is decided);
- his/her rights to rectification or erasure of data, or to restrict or object to processing;
- his/her right to complain to the Information Commissioner if he/she thinks the Commercial Strategy and Business Support Ltd has failed to comply with his/her data protection rights; and
- whether or not the Commercial Strategy and Business Support Ltd carries out automated decision-making and the logic involved in any such decision-making.
Commercial Strategy and Business Support Ltd will also provide the individual with a copy of the personal data undergoing processing. This will normally be in electronic form if the individual has made a request electronically, unless he/she agrees otherwise.
If the individual wants additional copies, Commercial Strategy and Business Support Ltd will charge a fee, which will be based on the administrative cost to the Commercial Strategy and Business Support Ltd of providing the additional copies.
To make a subject access request, the individual should send the request to info@commercialstrategy4.co.uk. In some cases, Commercial Strategy and Business Support Ltd may need to ask for proof of identification before the request can be processed. Commercial Strategy and Business Support Ltd will inform the individual if it needs to verify his/her identity and the documents it requires.
Commercial Strategy and Business Support Ltd will normally respond to a request within a period of one month from the date it is received. In some cases, such as where Commercial Strategy and Business Support Ltd processes large amounts of the individual's data, it may respond within three months of the date the request is received. Commercial Strategy and Business Support Ltd will write to the individual within one month of receiving the original request to tell him/her if this is the case.
If a subject access request is manifestly unfounded or excessive, Commercial Strategy and Business Support Ltd is not obliged to comply with it. Alternatively, the Commercial Strategy and Business Support Ltd can agree to respond but will charge a fee, which will be based on the administrative cost of responding to the request. A subject access request is likely to be manifestly unfounded or excessive where it repeats a request to which Commercial Strategy and Business Support Ltd has already responded. If an individual submits a request that is unfounded or excessive, Commercial Strategy and Business Support Ltd will notify him/her that this is the case and whether or not it will respond to it.
Other rights
Individuals have a number of other rights in relation to their personal data. They can require the Commercial Strategy and Business Support Ltd to:
- access and obtain a copy of your data on request(we will respond with 10 days);
- rectify inaccurate data;
- stop processing or erase data that is no longer necessary for the purposes of processing;
- stop processing or erase data if the individual's interests override Commercial Strategy and Business Support Ltd's legitimate grounds for processing data (where Commercial Strategy and Business Support Ltd relies on its legitimate interests as a reason for processing data);
- stop processing or erase data if processing is unlawful; and
- stop processing data for a period if data is inaccurate or if there is a dispute about whether or not the individual's interests override the Commercial Strategy and Business Support Ltd's legitimate grounds for processing data.
To ask Commercial Strategy and Business Support Ltd to take any of these steps, the individual should send the request to info@commercialstrategy4.co.uk.
Data security
Commercial Strategy and Business Support Ltd takes the security of personal data seriously. Commercial Strategy and Business Support Ltd has internal policies and controls in place to protect personal data against loss, accidental destruction, misuse or disclosure, and to ensure that data is not accessed, except by employees in the proper performance of their duties.
We use reasonable measures to safeguard your personal information against loss, theft or unauthorised access. No measures can be guaranteed to provide 100% security. We make every effort to ensure your data is as secure as is possible.
Impact assessments
If the processing that Commercial Strategy and Business Support Ltd carries out may result in risks to privacy. Where processing would result in a high risk to individual's rights and freedoms, Commercial Strategy and Business Support Ltd will carry out a data protection impact assessment to determine the necessity and proportionality of processing. This will include considering the purposes for which the activity is carried out, the risks for individuals and the measures that can be put in place to mitigate those risks.
Data breaches
If Commercial Strategy and Business Support Ltd discovers that there has been a breach of HR-related personal data that poses a risk to the rights and freedoms of individuals, it will report it to the Information Commissioner within 72 hours of discovery. Commercial Strategy and Business Support Ltd will record all data breaches regardless of their effect.
If the breach is likely to result in a high risk to the rights and freedoms of individuals, it will tell affected individuals that there has been a breach and provide them with information about its likely consequences and the mitigation measures it has taken.
Individual responsibilities
Individuals may have access to the personal data of other individuals. Where this is the case, Commercial Strategy and Business Support Ltd relies on individuals to help meet its data protection obligations to staff and to customers and clients.
Individuals who have access to personal data are required:
- to access only data that they have authority to access and only for authorised purposes;
- not to disclose data except to individuals (whether inside or outside) Commercial Strategy and Business Support Ltd who have appropriate authorisation;
- to keep data secure (for example by complying with rules on access to premises, computer access, including password protection, and secure file storage and destruction);
- not to remove personal data, or devices containing or that can be used to access personal data, from Commercial Strategy and Business Support Ltd's premises without adopting appropriate security measures (such as encryption or password protection) to secure the data and the device; and
- not to store personal data on local drives or on personal devices that are used for work purposes.
Failing to observe these requirements may amount to a disciplinary offence, which will be dealt with under Commercial Strategy and Business Support Ltd's disciplinary procedure. Significant or deliberate breaches of this policy, such as accessing
customer data without authorisation or a legitimate reason to do so, may constitute gross misconduct and could lead to dismissal without notice.
Training
Commercial Strategy and Business Support Ltd will provide training to all individuals about their data protection responsibilities as part of the induction process.
Individuals whose roles require regular access to personal data, or who are responsible for implementing this policy or responding to subject access requests under this policy, will receive additional training to help them understand their duties and how to comply with them.
Policy Review
This Policy will be reviewed at least annually and in line with any legislative changes applicable.