Article 27 Representation, which includes Article 27 Representation (UK) Limited and Article 27 Representation (ROI) Limited are committed to protecting the privacy and security of your personal information as part of the provision of our services to you.
We take steps to ensure protection of the privacy of our clients and website visitors who may visit and communicate with us via our website and social media platforms, as well as, through the swapping of details at events, over the phone or by email.
Where we refer to data protection or data privacy legislation (“the legislation”), we mean those categories of personal data that we collect at events, over the phone, by email, via within the UK, we mean the Data Protection Act 2018, which incorporates the General Data Protection Regulation (GDPR), as well as the Privacy and Electronic Communications (EC Directive) Regulations 2003. Relevant legislation also includes any local implemented version of GDPR, as it is applies across the European Union (EU) and European Economic Area (EEA). This includes any replacement legislation coming into effect from time to time.
Anticipating the United Kingdom’s departure from the EU, the definition of relevant legislation will include of The Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019, which will lead to the creation of a separate UK version of GDPR (UK GDPR) which will reflect the creation of a distinct regulatory framework.
What data we collect and when
We collect minimum amount of personal data that we will need to perform the processes, in accordance with the legislation. The categories of data that we will collect from you, should you voluntarily choose to provide to us through this website, an enquiry form or other contact methods includes:
· Your name
· Telephone number(s)
· Role or position
· Business name and address
· Email address
· Your IP address
You are not obliged by any statutory or contractual requirement to provide us with your personal information; however if you or your organisation engage our services we require at least the information above in order for us to deal with you as a prospective customer and/or client in an efficient and effective manner.
We may additionally, extend this information to include your address, records of purchases made and services used, as well as any subscriptions, records of conversations, contract agreements and payment transactions made.
The legal basis for processing your data is based on your specific consent, the performance of a contract and compliance with a legal obligation to have conducted sufficient due diligence to be able to properly conduct our representative duties on your behalf. Therefore, we will not store, process or transfer your data beyond those parts detailed above unless we have your informed consent and an appropriate lawful reason to do so.
How do we collect that data
We only collect data that you have agreed to share with us via the link that launches the Enquiry email to contact us.
How we use your information
The purpose of this site is to raise your awareness of the changes that will need to take place to your organisation; whether you are in the UK or in the EU/EEA, coming about due to the UK’s departure from the EU.
Should you consent to leave your personal details with us following your visit to our site, we will respond to your initial enquiry by contacting you with follow up communication, in the form of e-mails and marketing material once we have a clearer understanding of the terms, conditions and timeline agreed for the UK’s departure from the EU.
Furthermore, we will;
· Reply to any questions about how our services and solutions will be beneficial to you or your organisation.
· Happily accept and consider any suggestions that you might have, particularly those that improve the quality of service that we are able to offer our customers.
· Address any issues, requests or complaints that you might contact us about. We will aim to respond to any complaints within the regulatory standard of one month.
Once we have clarity on the terms and conditions of departure, we will
· Make you aware of the date for departure and details of the services that we can offer you or your organisation.
· Advise you on any supplementary information needed for compliance purposes, so that we can represent your organisation; either in the UK or the EU/EEA.
· Receive your order and the required additional information, documents and details to represent your organisation.
· Confirm and process your order.
· Take payment from you or;
· Refund you, should the need arise.
· Begin to fulfil our contract to provide you with the agreed services.
· We will correspond with your designated internal contact, providing them with a regular report of any enquiries made, who made them and activities that have taken place to address them, along with a report of the outcomes achieved.
· We will notify you whenever we receive a request from either a supervisory authority or a request from a data subject.
· For statistical analysis and in order to get feedback about the quality of our service, we may invite you or your organisation to respond to a questionnaire.
· We may invite you to participate in a case study.
We will also use personal data supplied by you in order to
· Implement our security measures, so you can safely access our website and your account.
· Help us understand more about you as a customer, the products and services you consume, so we can serve you better
· Help answer your questions and solve any issues you have
Storing your data
We receive the data that you send to us and transfer it to an off-line secure, encrypted database that has a back-up process.
Sharing your data
We may share your personal data with other organisations in the following circumstances:
· If law enforcement agencies, regulatory or public authorities say we must share or disclose it to them for the purpose of their investigations.
· If we need to share personal data in order to establish, exercise or defend our separate legal rights as your representative, should your organisation fail to comply with any judicial or regulatory sanction.
Marketing & Introducer Activities
As a service provider, we may wish to contact you about new products and services or changes to existing ones. These may be:
· From ourselves; or
· From other service or product providers who we enter into partnership with, either;
o for the explicit purpose of either providing your current service, or
o where we believe it will enhance the range of services and protection which you have previously selected for yourself or your organisation.
How we keep you updated on our products and services
We will send you relevant news about our services in a number of ways including by email, but only if you have previously consented to receive these marketing communications. When you register with us we will ask if you would like to receive marketing communications, and you can change your marketing choices online, over the phone or in writing at any time.
If you wish to amend your marketing preferences, you can do so by email or by calling us on the number displayed on our website.
Your rights over your personal data
Right to Access to your personal information
You have the right to access the personal information that we hold about you by making a request.
This is usually termed a ‘Subject Access Request’.
To confirm your request, we will ask for proof of identity and sufficient information about your interactions with us, so that we can confidently locate all of your personal information that we hold.
If we agree that we have an obligation to provide the personal information you have asked for to you (or someone else on your behalf), we will provide it to you or them free of charge and in most instances do so within 30 days from when your identity has been confirmed.
If we think the request is excessive, or unreasonable, we will contact you.
Right of data portability
We will ordinarily supply this data to you in a format, which is secure and is data portable. This usually will be as a document in a portable data format (.pdf). This can be read by using a reader available by following this link to Adobe. Please note that there are other .pdf data readers available.
Right to correct your personal information
If any of the personal information we hold about you is inaccurate, you have the right to ask us to correct it. We will usually comply and notify you of the changes once applied. This is usually within 30 days of verifying your identity.
Please note that it is important that you ensure that any changes to the information we hold about you or your organisation is passed to us at the earliest opportunity, so that we have current and up to date records.
Right of Erasure (Right to be Forgotten)
If you have made enquiries about our products and services, but have not purchased them, we will be happy to comply with a request to be removed from our database. This will be confirmed to you.
If you have purchased our products or services, we will usually comply with a request to erase personal data so long as you are not a sole-trader and there has been a nominated change of personnel within your organisation.
If you are a sole-trader who has purchased our products and services, we will reserve the right to retain a record of your request and the records of all communications and transactions in line with our retention policy.
How long we keep your information for
We retain a record of your personal information in order to provide you with a high quality and consistent service.
We will always retain your personal information in accordance with the current legislation and never retain your information for any longer than is necessary.
Although we may reserve the right to write to you beforehand; unless otherwise required by law, your data will be stored for a period of 7 years after our contract with you or your organisation expires, or 2 years from our last contact with you for some other reason. Following this, it will be automatically deleted from our records.
Right to Stop or Limit Our Processing
You have the right to object to us processing some or all of your personal information, particularly if we are not entitled to use it any more, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.
Who is the Data Controller
The Data Controller responsible for keeping your information secure and confidential is:
Article 27 Representation (UK) Limited.
How to contact us
• By email: firstname.lastname@example.org
• By telephone: +44 (0)1622 820474
• By post: Old Forge Cottage, Hunton Road, Chainhurst, Kent, TN12 9TB.
For more information about your privacy rights
The Information Commissioner’s Office (ICO) regulates data protection and privacy matters in the UK. All organisations collecting and processing personal data are required to register annually with the Information Commissioner, stating their purposes for handling personal and sensitive information from data subjects.
This information is available on the Information Commissioners Office website: www.ico.org.uk.
You can make a complaint to the ICO at any time about the way we use your information. However, we hope that you would consider raising any issue or complaint you have with us first. Your satisfaction is extremely important to us, and we will always do our very best to solve any problems you may have.
Giving your reviews and sharing your thoughts
When using our website you may be able to share information through social networks like Facebook and Twitter. For example, when you ‘like’, ‘share’ or review our Services. When doing this, your personal information may be visible to the providers of those social networks and/or their other users. Please remember it is your responsibility to set appropriate privacy settings on your social network accounts so you are comfortable with how your information is used and shared on them.
Data security is of great importance to us and to protect your data we have put in place physical, electronic and managerial procedures to safeguard and keep secure your data.
We take the following security measures to protect your data including:
· Limiting and monitoring access to our premises to those whom are entitled to be there.
· Implementing access controls to our information technology.
· Employing procedural and technical security measures including encryption, anonymisation and back-up techniques to safeguard your information across our computer systems, websites and offices.
· Routinely check our partners’ processes and technical measures.
We regularly assess our own processes and procedures against a range of potential threats.
reCAPTCHA from Google helps protect websites from spam and abuse. A “CAPTCHA” is a test to tell human and bots apart. It is easy for humans to solve, but hard for “bots” and other malicious software to figure out. By adding reCAPTCHA to our site, we can block automated software while helping us welcome real users like you.
First, the reCAPTCHA algorithm will check to see if there’s a Google cookie placed on the computer being used. Then, an additional reCAPTCHA-specific cookie will be added to your browser, and a complete snapshot of the browser window at that moment in time will be captured, pixel by pixel.
Some of the browser and user information collected at this time includes:
• All cookies placed by Google over the last 6 months
• How many mouse clicks you’ve made on that screen (or touches if on a touch device)
• The CSS information for that page
• The date
• The language your browser is set to
• Any plug-ins you have installed on the browser
• The data you supply via the form
This Policy was last updated on: 16th Oct 2019