Your personal data â€“ what is it?
Personal data relates to a living individual who can be identified from that data.Â Identification can be by the information alone or in conjunction with any other information in the data controller â€˜s possession or likely to come into such possession. The General Data Protection Regulation (the GDPR) governs the processing of personal data.
Who are we?
Guidemark Ltd. is the data controller (contact details below).Â This means that we decide what personal data Guidemark collects, why it is required to be collected and how it is processed.
What personal data do we use?
Guidemark may hold any of the following details about you:
- Your name and contact details
- Any correspondence or records that have arisen as we provide (or whilst we propose to provide) our consultancy services to you
- Any correspondence or records that have arisen as you provide (or whilst you propose to provide) services to us
How do we process your data?
Guidemark takes protecting your privacy seriously. We comply with obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
We use personal data for the following purposes:
- To enable us to administer our consultancy services
- To inform you of news, events, activities and other issues related to Guidemark that we think may be of interest to you
- To operate the Guidemark website and other social media tools and deliver the services that have been asked of us
- To administer financial procedures and records
- To manage our employees and administer employee records
- To maintain our own accounts and records
How do we protect your data?
Any personal data submitted by you via our email system is transferred using SSL, the standard security technology for establishing an encrypted link between a server and a browser. This link ensures that all the data remains private.
All our computers and backups are password protected and encrypted; only authorised Guidemark personnel have access to this data.
To provide the best service at our client sites, some client files are stored on a cloud-based server based in the US, which complies with the US-EU agreement Private Shield.
What is the legal basis for processing your personal data?
When you have given us your consent to do so, we can keep you informed about Guidemark news, events, and activities;
We are able to process your data when it is necessary in order for us to offer and supply our services to you (i.e. it is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract);
Processing is necessary for carrying out our obligations under employment, social security or social protection law
Processing relates to personal data, which is very obviously made public by you.
Sharing your personal data
Your personal data will be treated as strictly confidential and will only be shared with, as appropriate and relevant to:
- Guidemark Directors and employees
- The following third parties: web administrator and cloud-based secure file sharing and storage provider and only for purposes connected with Guidemark
We will not share your data with any other third parties.
How long do we keep your personal data?
We keep data as required by our statutory obligations and as follows:
- Contractual information 6 years post the last contract entered into (unless it is information that is manifestly made public by yourselves)
- Recruitment unsuccessful candidates: 6 months post-campaign
Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
- The right to request a copy of your personal data, which Guidemark holds about you
- The right to request that Guidemark corrects any personal data if it is found to be inaccurate or out of date
- The right to request your personal data is erased where it is no longer necessary for Guidemark to retain such data
- The right to withdraw your consent to the processing at any time
- The right to request that Guidemark â€˜s data controller provides you with your personal data. The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing
- The right to object to the processing of personal data, (where applicable) [Only applies where processing is based on legitimate interests (or the performance of a task in the public interest/exercise of official authority); direct marketing and processing for the purposes of scientific/historical research and statistics]
- The right to lodge a complaint with the Information Commissionerâ€™s Office.
If we wish to use your personal data for a new purpose, not covered by this Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
If you have any questions or require further information, please contact:
Guidemark Ltd., Percheron House, 2, The Hawthorns, Malmesbury, Wiltshire, SN16 0HS
You can contact the Information Commissionerâ€™s Office on 0303 123 1113 or via emailÂ https://ico.org.uk/global/contact-us/email/Â or at the Information Commissionerâ€™s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.