DQM GRC values the personal information you provide to us and we wouldn’t want to use it in a way that you won’t expect. This Privacy Notice explains how we protect your privacy and how you can control how we use your personal information. If you want to change the way in which we use your data or if you have a question about how your personal information is used please contact us using the methods below:
When you provide your information to us directly via our website, over the phone or face to face we only ask you to supply information that we need in order to provide the service you have requested. We will normally ask you to provide us with:
However, if you do business with us we may also ask for further information about you or your company including finance details.
You may also provide your information to us via another website for example a Facebook Group when you enquire to become one of our ‘seed location' part time employees.
Occasionally we may contact you using personal data provided to us by other companies. We take careful steps to ensure that they have permission from you to allow us to do this. If you feel this is incorrect please let us know.
We occasionally supply data processing services to our clients who provide us with personal data of their customers. Any personal data provided to us in this manner has been collected under our clients’ privacy notices and we encourage you to read these to understand how they handle your personal data.
We use your personal information in a number of ways to:
For the avoidance of doubt, we do not store credit card details and only share payment details with our financial partner IGF Business Credit Ltd.
We do not share or sell your data to any other company without your prior consent other than those processors we use for our business operations who process your data under our control:
In all cases the servers where your personal data is stored and processed are located in the European Economic Area.
We may share your information with subsidiaries, parent and associated companies.
Under some circumstances we may be required to disclose or share your information without your consent, for example if we are required to by the police, the courts or for other legal reasons.
We take our obligations to keep your personal data safe and secure very seriously. We hold ISO 27001 certification - the international best practice standard for information security.
Within DQM GRC, access to your personal information is strictly controlled on a ‘need to know’ basis. Staff members are only allowed access to your personal data if they have been sufficiently trained in data handling. We have specific technical controls in place to restrict access and these are monitored regularly.
We keep your personal information in line with our data retention policy. This means that we will remove data which have collected directly from you from our systems if we haven’t had any marketing response or direct contact with you for more than 36 months (this period typifies the maximum length of time that a contract could be in negotiation with us).
For data provided to us by our clients, we are governed by their data retention rules as specified in their privacy notices.
In certain circumstances we have a statutory obligation to keep your personal information for a set period of time for example financial information (normally 6 years) for financial auditing purposes.
It’s important for both you and us that your personal information is correct. If you believe this not to be the case then please contact us at firstname.lastname@example.org and we will help you resolve the issue.
You have the right to request a copy of the information that we hold about you.
If you would like a copy of some or all of your personal information, please email or write to us using the contact details in this policy.
We will get in contact to verify your identity and If we do hold information about you we will:
Much of our processing will be under the basis of “contractual obligation” in other words we need and use your personal information for providing the services you have contracted with us to provide.
However when we are communicating with you regarding products and services you may be interested in receiving from us in the future our basis for processing is our "legitimate interest" as we are communicating with you in the context of your corporate activity and identity and not in relation to your private life. You will always be able to instantly unsubscribe from such messages using the link provided within the e-mail.
Should you wish to not receive information from us in future then you can quickly action this by clicking the unsubscribe link you will find on our marketing e-mails or by sending your details to email@example.com and we will quickly suppress your data.
Should you further wish for us to remove your information entirely (and assuming we have no other obligation to keep it) then please let us know and we will do this – but we would encourage you to let us use it for suppression purposes only.
If you have a complaint please contact us at firstname.lastname@example.org who will deal with your request promptly.
If you are still not satisfied with the way your complaint was handled, you can refer your complaint to UK Information Commissioner’s Office. https://ico.org.uk/concerns/
We link our website directly to other sites. This privacy notice does not cover the links within our site linking to other websites and organisations. We encourage you to read the privacy statements on the other websites you visit.
Should DQM GRC be sold or integrated with another business your details may be disclosed to our advisers and any prospective purchasers' advisers and will be passed on to the new owners of the business. We will notify you should this occur and you will have the opportunity to request suppression or deletion at that time.
We keep our privacy notice under regular review. This privacy notice was last updated on 21/1/2019
We are Data Quality Management Group Limited.