The use of the Website and our social media pages is possible without the provision by you of personal data. If you submit personal data to us it will be maintained in accordance with the provisions of the General Data Protection Regulation ((EU) 2016/679) (“GDPR”) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK, until such time as the GDPR is no longer directly applicable to the UK, and then in accordance with the provisions of any successor legislation to the GDPR or the Data Protection Act 1998 (together, “the Data Protection Legislation”). Carol Hayes Management London Limited is a “data controller” for the purposes of the Data Protection Legislation.
INFORMATION WE COLLECT
The information we collect from you can come from information you directly give us whether by filling in forms on our website or by corresponding with us by phone, email or otherwise. The information you give us may include your name, email address, postal address and phone numbers.
When you interact with us through our social media accounts, such as Facebook, Twitter, Pinterest, Instagram, YouTube and so on, we may collect information about you which could include personal data. For example, when you "Like" a post on our Facebook page, or "Follow" us on Twitter. Those social media sites will also have their own privacy policies explaining how they use and share your personal data. You should carefully review those privacy policies before you use those social media sites, to make sure that you are happy with them.
HOW AND WHERE WE STORE YOUR DATA
All data is stored by us on a database in the EEA. This database can be accessed only by employees of Carol Hayes Management London Limited who have a legitimate interest and business requirement to do so.
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. However, please note that the transmission of personal data via the internet is not completely secure. Although we will do our best to protect your personal data we cannot guarantee the security of your personal data on transmission via the internet.
We ask you not to share your passwords with anyone.
HOW WE USE AND PROCESS YOUR DATA
Your personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes. We will use your personal data solely for our legitimate business interests.
From time to time, we may send you e-mails relating to Carol Hayes Management London Ltd services which we think you might like or which will be beneficial for your own business and work. We will only send you e-mails with information in relation to editorials and new additions to the Carol Hayes Management London Ltd business if you have agreed that we can (sometimes referred to as an "opt-in").
We will also only share your personal data with third parties (including franchisees in the Carol Hayes Management London Ltd group) for them to send you marketing e-mails, if you have agreed that we can.
In any case, you can ask us to stop contacting you at any time by contacting us on firstname.lastname@example.org or +44 (0) 207 482 1555 or by using the unsubscribe option in each e-mail.
If we decide to sell or buy any parts of our business, we may also need to share your personal data with the buyer of those parts of the business. In those circumstances, we will make sure that any new buyer will promptly give you details of how they will use your personal data, and your options for changing that.
The only cookies we use are Google Universal Analytics. These cookies are used to collect information about how visitors use the Website. We may use the information to compile reports and to help us improve the Website. The cookies collect information in an anonymous form, including the number of visitors to the Website, where visitors have come to the Website from and the pages they visited.
THIRD PARTY SITES
RETENTION OF YOUR DATA
We will only keep your personal data within the timeframes allowed by law and for so long as is necessary to comply with our legal obligations.
TRANSFER OF DATA
Your personal data will only be transferred out of the EEA where:
• We have obtained your informed consent;
• The transfer is necessary for the performance of a contract between you and us or for pre-contractual steps taken at your request; or
• The transfer is necessary for the performance of a contract made in your interests between us and another person.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
You may instruct us to provide you with any personal information we hold about you. Provision of such information will be subject to the supply of appropriate evidence of your identity. We may withhold such personal information to the extent permitted by law.
You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.
In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims.
In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defence of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
UPDATES AND CONTACT
Please let us know if the personal information which we hold about you needs to be corrected or updated
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.Download as PDF