GDPR Compliance Statement
Collected information (contact information) will be collected via Linkedin, Facebook and retained on a proprietary database by gdpr360 Limited. It will not be passed on to any third party.
gdpr360 Limited: GDPR-compliant General Privacy Notification
1) Our address as controller is 41 Mayfield Way, Cambourne, Cambridge, CB23 5JA
2) Your personal data is supplied to us by one or more of: yourself, LinkedIn or Facebook. We will notify you of this if the source was not yourself.
3) The data categories we collect are: name, contact details, and your indiccations of interest and any notes you may supply as part of the Contact Us forms;
4) Our processes, purposes, and legal bases for processing your personal data are:
[where: C=Consent, X=Contract, S=Statutory obligation, V=Vital/P=Public/L=Legitimate interests]
a) to permit you to register interest in data protection or other privacy services offered by gdpr360 Ltd. (C)
b) for us to consider whether you are appropriate for such services as and when they emerge (L)
c) to contact you to invite you to apply for further information on these or related services we may provide, and arrange related meetings (X)
d) for us to arrange and manage any resulting contracts including financial discussions (X)
e) for us to retain copies of the communications between us (L)
f) for us to comply with statutory obligations (eg GDPR, accounting, taxation, ML, etc.) (S)
5) If we have collected your data from others and notified you by email of this, we invite you to consent within one calendar month for us to continue to retain your data, by positively registering your interest via email. If you do not do one of these things within one month, we will destroy your data.
6) We store your data in England.
7) We store your personal data for a maximum of six years after the expiry of any financial year in which any contract we have arranged for you is discharged; otherwise we may choose to destroy your data at any time. Prior to destroying your data we may choose to invite you to re-consent.
8) Our legitimate interests (L) are contract, service assessment, and preserving systems integrity/security.
9) The GDPR provides you with rights to access, rectify, and erase your personal data; and to restrict or object to processing, and to supply or transfer your data in portable format.
10) Any consents you give may be withdrawn at any time, without affecting pre-withdrawal processing.
11) You have the right to lodge a complaint with a supervisory authority.
12) Further recipients of your data will be people offering services and information related to (4). We use a proprietary database and will not transmit your data to any other third party unless required by law.