HOW TO CONTACT US
- Data Protection Manager: Paul Hurst (COO)
- Address: Dynamis House, Sycamore Street, London, EC1Y 0SW, UK
- Telephone Number: 020 7324 1930
- Email: [email protected]
Current version: July 2019
WHAT PERSONAL DATA DO WE COLLECT?
Authorised Users ‐ In order to provide Authorised Users with access to our Platform and IT support where requested we process the following information: [name, email address, phone number, your employer's name and address, user ID and password and Platform last log in time]
WHY DO WE PROCESS YOUR PERSONAL DATA, HOW IS IT LAWFUL AND HOW LONG DO WE KEEP IT FOR?
The legal basis we rely for this processing of your personal data is either:
- In order to carry out our contractual obligations to you where you have signed our service agreement for use of the Platform; or
- for our legitimate interests i.e. we have good, sensible, practical reasons for processing your personal data which is in the interest of CCL. In this case, we use your personal data to provide you with access to our Platform as agreed in our service agreement with your employer.
We have considered the impact on your interests and rights, and have placed appropriate safeguards to ensure that the intrusion on your privacy is reduced as much as possible. You can object to any of the processing that we carry out on the grounds of legitimate interests (see the section "Your Rights" to find out how).
We keep your personal data until your account is deleted.
WHO WILL HAVE ACCESS TO YOUR PERSONAL DATA?
We use external providers that process your personal data as part of the services (such as hosting and messaging) which they offer to us. We take steps to ensure that our service providers process your data in accordance with the Data Protection Laws, only use it in accordance with our contract with them and keep it secure. If you would like more information about our processors, please contact us using the details at the "How to contact us" section.
We do not transfer your personal data outside the UK and the European Economic Area.
We strive to implement appropriate technical and organisational measures in order to protect your personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorised disclosure or access and any other unlawful forms of processing. We aim to ensure that the level of security and the measures adopted to protect your personal data are appropriate for the risks presented by the nature and use of your personal data. We follow recognised industry practices for protecting our IT environment and physical facilities.
As a data subject, you have the following rights under the Data Protection Laws:
- Right to object to processing of your personal data;
- Right of access to personal data relating to you;
- Right to correct any mistakes in your information;
- Right to prevent your personal data being processed;
- Right to have your personal data ported to another controller; and
- Right to erasure.
Rights in relation to automated decision making do not apply as we do not carry out any automated decision making. Some of these rights are qualified and do not apply in certain circumstances. To exercise your rights, contact us using the details given in the 'How to Contact Us' section.
If you do not think that we have processed their data in accordance with this notice, you should let us know as soon as possible. You can also complain to the ICO, the UK data protection regulator. Information about how to do this is available on its website at www.ico.org.uk.