Data protection & privacy
Data Protection and Privacy for Ecokeys.co.uk
1.1 This policy sets out the basis on which any personal data we (Ecokeys) collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
1.2 For the purpose of the Data Protection Act 1998 (the “Act”), the data controller is ecokeys
2. Personal information we may collect
2.1 We only collect identifiable personal data or information that is voluntarily provided by a visitor to our site. For example, a visitor to our site may choose to provide personal information in order to contact us for further information, join our mailing list, sign up for our membership or register for a course or event.
2.2 We may collect the data about you via: 2.2.1 Information that you provide by filling in forms on our site, 2.2.2 completing our events/training course booking forms or email enquiries. 2.2.3 telephone enquiries 2.2.4 subscribing to our services and offers 2.2.5 registering to use our site, 2.2.6 We may also ask you for information if you report a problem with our site.
2.3 We may collect the following data about you: 2.3.1 If you contact us, we may keep a record of that correspondence. 2.3.2 We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them. 2.3.3 Details of transactions you enter into with us either through or in connection with our site. 2.3.4 Details of your visits to our site and the resources that you access. 2.3.5 Information you provide to us for the purpose of subscribing to our site services, email notifications and/or newsletters.
3. IP Address
3.1 We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our user’s browsing actions and patterns, and does not identify any individual.
4.1 Cookies are small data files which most website operators place on the browser or hard drive of their user’s computer. Cookies may gather information about the user’s use of the website or enable the website to recognize the user as an existing customer when he returns to the website at a later date. Cookies may also be used to collect information about the user which allows the website operator or a third party to create a profile of the user, their preferences and their interests for the purpose of serving the user with targeted, interest-based advertising.
5. Information security – Storing Your Personal Data
5.1 All information you provide to us is stored on secure servers. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
5.2 All reasonable and appropriate technical and organizational measures will be taken against unauthorized or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
5.3 We will ensure that: 5.3.1 only authorized people will be able to access, alter, disclose or destroy personal data; 5.3.2 those people only act within the scope of their authority; and 5.3.3 if personal data is accidentally lost, altered or destroyed, it can be recovered to prevent any damage or distress to the individuals concerned.
5.4 As and when appropriate, we will conduct information risk assessments to ensure data protected to a reasonable and appropriate standard for the nature of data held.
6. How we may use your data
6.1 We use this information held about you in the following ways:
6.1.1 To ensure that content from our site is presented in the most effective manner for you and for your computer.
6.1.2 To provide you with information, products or services that you request from us or which we feel maybe of legitimate interest to you, or where you have consented to be contacted for such purposes.
6.1.3 To carry out our obligations arising from any contracts entered into between you and us.
6.1.4 To allow you to participate in interactive features of our service, when you choose to do so.
6.1.5 To notify you about changes to our service.
6.1.6 We may also use your data on behalf of selected third parties, to provide you with information about goods and services which may be of legitimate interest to you and we may contact you about these.
6.1.7 If you are a client, we may legitimately contact you (by e-mail, SMS, telephone, post) with information about goods and services similar to those which were the subject is relevant to the services previously provided to you.
6.1.8 If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this.
7. Legitimate interest
7.1 We may process your personal data on the grounds of legitimate interest. We will only process your data in this way if we think there is real and genuine interest to both you and ourselves.
7.2 We process personal information for certain legitimate business purposes, which include some or all of the following: 7.2.1 Where the processing enables us to enhance, modify, personalize or otherwise improve our services / communications for the benefit of our customers 7.2.2 To identify and prevent fraud 7.2.3 To enhance the security of our network and information systems 7.2.4 To better understand how customers interact with our website 7.2.5 To provide communications (postal, SMS text, telephone, email) containing information, products and/or services which we think will be of interest to you. 7.2.6 To determine the effectiveness of promotional campaigns and advertising. 7.3 Whenever we process your data for these purposes, we will ensure that we always keep your personal data rights in high regards and take account of these rights. If you do not want us to process your data in this way or have a specific objection, please notify us by email, [email protected] with the subject line “Data Protection”. Please bear in mind that if you object this may affect our ability to carry out services and the tasks in clause 7.2 for your benefit.
8. Data Retention
8.1 Personal data processed for any purpose or purposes will not be kept for longer than is necessary for that purpose or those purposes needed. We will regularly review the personal data we retain, securely deleting where appropriate, anything we no longer need.
8.2 Information that does not need to be accessed regularly, but which still needs to be retained, will be safely stored or archived.
8.3 If it is necessary to hold data for one of the reasons set out in Schedules 2 and 3 of the Data Protection Act (such as the performance of a public function or compliance with employment law), then we will retain data for as long as that reason applies.
8.4 At the end of the retention period, or the life of a particular record, it will be reviewed and deleted, unless there is some special reason for keeping it.
8.5 Further information about how to access data can be found in our Subject Access Request policy.
8.6 Further information related to the retention and deletion of data can be found in our Data Deletion & Shredding Policy.
9. Disclosure of Your Information
9.1 We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
10. Your Rights
10.1 You have the right to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing at any time by contacting us via [email protected] using the subject line “Data Protection”.