The Data Business

Privacy and Cookie Policy

This Privacy Policy sets out the data processing practices of The Data Business Ltd (“The Data Business”). Please note that all data thus captured will be used and held in accordance with the requirements of the Data Protection Act 2018.

Who we are and what we do

The Data Business is a data management business operating across the B2B sector. The Data Business helps its clients to better manage their data through a variety of services which, include:

  • Data Cleansing
  • Data Consultancy
  • CRM Management & Migration
  • Data Classification
  • Data Auditing
  • Market Research & Analysis
  • Data Sales

The Data Business is the controller and If you have any requests concerning your personal data or any queries regarding how we handle your data, you can contact our Data Protection Officer via:

The Data Business info@the databusiness.net

The Data Business Post: Data Protection Officer, The Data Business Ltd, Mill Studio, 17A Stour Street, Canterbury, CT1 2NR.

The Data Business Telephone: +44(0)7986 094 841

Purpose of processing your personal data

We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:

The Data Business to provide you with the services you have requested;

The Data Business to respond to any communications, you might send to us;

The Data Business to perform our duties under a service contract to which you are a connected party;

The Data Business to communicate with you about our activities or services;

The Data Business to perform our duties as an employer;

The Data Business to monitor the provision of services or business relationship between The Data Business and you

Compliance with our legal and regulatory obligations

For The Data Business to use your information lawfully, we may rely on one or more of the following legal bases:

Contractual

Legal obligation

Legitimate interest

Consent

to deal with any legal claims;

to manage and administer The Data Business’ business, to improve and manage relationships with employees and other stakeholders and for marketing and business development activities and analysis;

to communicate with you in respect of your relationship with The Data Business;

for risk assessment/risk management and statistical analysis, for system administration, operation, testing and support and to operate control systems and management information systems;

to help prevent and investigate criminal activity;

to manage and ensure the security of The Data Business’ information technology systems;

to disclose information to a regulatory body or another relevant intermediary;

to investigate and respond to any complaints about The Data Business.

To meet our legal and regulatory obligations, we may need to collect your personal data, verify it and keep it up to date by performing ongoing reviews. We may also gather information/ personal data about you from publicly available sources, and from third parties to help us meet our legal and regulatory obligations.

If ever we need to collect and use sensitive personal data about you, we will ask for your consent. Before you give your consent, we will tell you what data we need to collect and what we will use it for. You can withdraw your consent at any time by contacting us.

1. Marketing

We would like to use your personal data to send you details of products or services that we offer that we have identified as likely to be of interest to you. We will only send you information in line with the preferences you indicated when you provided the personal data.

If at any point, you would like to opt-out of receiving communications from us, or would like to change the channels (such as email or post) that we use to contact you, please contact our Data Protection Officer (all details included above).

2. Recipients/categories of recipients

In carrying out our business including our obligations to you, we may use sub-contractors. These will be mailing houses, email broadcasters, marketing agencies. We will ensure that they respect your privacy and abide by all data protection laws.

3. Transfers to third countries

Your personal information may be transferred to, and processed by our trusted data management suppliers. We have therefore taken appropriate safeguards to ensure that your personal information will remain protected in accordance with this Privacy Notice. These include implementing the European Commission’s Standard Contractual Clauses for international transfers of personal information, which require all companies to protect personal information they process from the EEA in accordance with European Union data protection law.

4. Retention Periods

We will keep your personal data in connection with the services/products you have bought for 3 years after the last purchase. We need to retain this data for our own accounting purposes and for legal and tax purposes.

In terms of personal data that we use for marketing, we will keep this data for as long as we are able to market to you and if you withdraw your consent or opt-out of marketing communications, we will keep your contact details only to ensure that we do not contact you again for marketing purposes.

5. Data subject’s rights

You have rights in respect of your personal data. We will need to confirm your identity before we can consider your request so, if you wish to exercise any of these rights, we will need to receive your request via either a business email address or by post on company headed paper. In both cases confirming your name, job titles, company name, address, telephone and business email address.

The right to be informed – you have the right to be told about the collection and use of the personal data you provide. This privacy policy sets out the purpose for which we process your personal data, how long we will keep your data, who we will share your data with. If you have any questions on how and why we process your data please contact the DPO. If you want to know more about this right, the ICO has more guidance on their website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-be-informed

Right of access – you have the right to know whether we are processing your personal data, and to a copy of that data. We would need as much information as possible to enable us to locate your data. We will respond to your request within 28 days of receipt of your request. If you want to exercise this right, please contact the DPO at the contact details above. If you want to know more about this right, the ICO has more guidance on their website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-of-access

Right to rectification – you have the right to have any incorrect personal data corrected or completed if it is incomplete. You can make this request verbally or in writing. We will need as much information as possible to enable us to locate your data. We will look at any request and inform you of our decision within 28 days of receiving the request. If you want to exercise this right, please contact the DPO at the contact details above. If you want to know more about this right, the ICO has more guidance on their website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-rectification

Right to erasure – this right, often referred to as the right to be forgotten allows you to ask us to erase personal data where there is no valid reason for us to keep it. We will look at any request and inform you of our decision within 28 days of receiving the request. If you want to exercise this right, please contact the DPO at the contact details above. If you want to know more about this right, the ICO has more guidance on their website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-erasure

Right to restrict processing – you have the right to ask us to restrict processing of your data. We will look at any request and inform you of our decision within 28 days of receiving the request. If you want to exercise this right, please contact the DP at the contact details above. If you want to know more about this right, the ICO has more guidance on their website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-restrict-processing

Right to data portability – you have the right to move, copy or transfer your personal data from one IT environment to another. This right applies to data that you have provided to us and that we are processing on the legal basis of consent or in the performance of a contract and that processing is by automated means. We will respond to your request within 28 days of receipt of your request. If you want to exercise this right, please contact the DPO at the contact details above. If you want to know more about this right, the ICO has more guidance on their website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-data-portability

Right to object – you have the right to object to our processing of your personal data based on (i) legitimate interests, or for the performance of a task in the public interests/exercise of official authority (including profiling); (ii) direct marketing (including profiling); and (iii) for purposes of scientific/historical research and statistics.

(i) Legitimate interests/legal task – your objection should be based on your situation. We can continue to process the data if we can demonstrate compelling legitimate grounds which override your interests. (ii) Direct marketing – you have an absolute right to ask us to stop processing for the purposes of direct marketing. We will action your request as soon as possible. (iii) Scientific/historical research and statistics – your objection should be based on your situation. If we are conducting research where the processing is necessary for the performance of a public task, we can refuse to comply with your objection. If you want to exercise this right, please contact the DPO at the contact details above. If you want to know more about this right, the ICO has more guidance on their website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-object

Rights relating to automated decision making including profiling – you have the right in respect of automated decision making, including profiling. Where we carry out solely automated decision making, including profiling, which has legal or similarly significant effects on you, we can only do this if it is in connection with a contract with you, we have a right under law or you have provided your explicit consent. We will tell you if this happens and tell you how you can request human intervention or challenge the decision. If you want to exercise this right, please contact the DPO at the contact details above. If you want to know more about this right, the ICO has more guidance on their website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/rights-related-to-automated-decision-making-including-profiling

6. Processing based on consent

Where we process your personal data based on your consent you have the right to withdraw that consent at any time without reason. You can opt-out by using the unsubscribe/opt-out in any marketing we send you and you can contact the DPO at the contact details above.

7. The right to lodge a complaint to the supervisory authority

If you are unhappy with any aspect of our handling of your data you can make a complaint to the Information Commissioner’s Office – https://ico.org.uk/concerns

8. Statutory/contractual requirement to provide personal data

The personal data that you provide to us is necessary for us to carry out the contract you have entered into with us or for us to perform our obligations under Statute. [If this applies to your business you should explain what personal data this refers to and the consequences of the data subject not providing this.

9. Cookies

A cookie is a small piece of information sent by a web server to a web browser, which enables the server to collect information from the browser. Find out more about cookies on http://www.allaboutcookies.org. We use cookies to identify you when you visit this website and to keep track of your browsing patterns and build up a demographic profile.

Our use of cookies also allows registered users to be presented with a personalised version of the site, carry out transactions and have access to information about their account. Most browsers will allow you to turn off cookies. If you want to know how to do this please look at the menu on your browser, or look at the instruction on http://www.allaboutcookies.org. Please note however that turning off cookies will restrict your use of our website.

10. Third party websites

Our website may contain links to other websites that are outside our control and are not covered by this Privacy Policy. If you access other sites using the links provided, the operators of these sites may collect information from you that will be used by them in accordance with their privacy policy, which may differ from ours.

11. Changes to the privacy policy

This privacy policy is regularly reviewed and will be updated when necessary. If we make any significant changes to the policy we will communicate these to you.

*Last updated: 1st March 2019

© Copyright 2019 thedatabusiness.net All rights reserved.*