Data Privacy & Cookie Policy
Introduction and purpose
ProAct is committed to protecting the privacy and security of personal information. This policy describes how we collect and use personal information about you. ProAct is a ‘data controller’. This means that we are responsible for deciding how we hold and use personal information. We are required under data protection laws to notify you of the information contained in this policy. For the purposes of this policy:
- ‘Customers’ includes persons who have engaged us to provide software solutions, tailored made software solutions, customer support and call logging, sales activity
- ‘Subscribers’ includes persons that have signed up to one of our newsletters or bulletins or attended an event and registered an interest in receiving the newsletter or business updates.
This policy applies to the personal information of past and present customers and subscribers. Please note that you may fall in to more than one of these categories so we may hold your personal information in a number of capacities.
If you are a past or present employee or consultant of the firm, we will hold further personal information about you. For further details please contact enquiries@proact.net to your line manager or supervisor. This policy does not form part of any contract that you may have with ProAct. It is provided for information purposes only.
Changes to this policy
We reserve the right to update this policy at any time and we will provide you with a new policy when we make substantial updates. For information about the cookies that we use on our website and in our communications, please see our Cookie Policy by visiting www.proact.net
Data Protection Contact
We have appointed a Compliance Officer for Data Protection (CODP) to oversee compliance with this policy. If you have any questions about this policy or how we handle personal information, please contact the CODP in writing using the details below.
Email address: dataprotection@proact.net
Postal address:
Proact International Limited
Unit 28
Ffordd Richard Davies
St Asaph Business Park
St Asaph
LL17 0LJ
United Kingdom
General Contact via email: enquires@proact.net
Registrations:
Our Limited Company registration number is: 23128910 Our ICO registration number is: Z9181332
Table of content
- The Data Protection Principles
- The kind of information that we hold about customers and subscribers
- If you fail to provide personal information
- Change of purpose
- Data sharing
- Data security
- Data transfer
- Changes to your data
- Your rights
- Complaints
- The Data Protection Principles -We will comply with data protection law. The law says that the personal information that we hold must be: – Used in a lawful, fair and transparent way. – Collected only for valid purposes that we have clearly explained and not used in any way that is incompatible with those purposes. – Relevant to the purposes for which it was collected and limited only to those purposes. – Accurate and kept up to date. – Kept only as long as necessary for the purposes for which it was collected. – Kept securely.
- The kind of information that we hold about customers and subscribers
Personal data, or personal information, means any information about an individual from which that person can be identified.
We collect, store and use some or all of the following categories of personal information about customers:
(A) Customer information: name, title, job title, address, telephone number, email address (B) Marketing information: name, title, job title, address, telephone number, email address, company, engagement details, event attendance history (C) Monitoring: CCTV footage, vehicle details, swipe/fob records, PC login details, use of our IT and communications systems. (D)Employee details: name, Personal email, address, NI number, bank details, date of birth, marital status, personal mobile/telephone, next of kin; their name/work number/personal/home number, Doctor name/address/telephone number, allergies/health issues , training record, Identification, copies of academic certificates, CVs, Contract of employment, References from third parties, confidential agreement, data protection agreement We use your customer information to manage and strengthen our relationship with you, this includes linking the work that we do across different practice areas and offices to ensure that you receive a seamless, streamlined service at all times.
We use your marketing information for marketing purposes, this includes contacting you with relevant newsletters, bulletins and other information about our services and measuring engagement with our communications to ensure that the content that we create is relevant and useful. Our lawful basis for this is your consent. You have the right to withdraw this consent or amend your marketing preferences at any time by contacting dataprotection@proact.net
We collect personal information either from you directly on Google+, Linkedin. We collect personal information when you visit our premises or use our IT or communications systems including our ProAct application.
- If you fail to provide personal information If you fail to provide certain personal information when we request it, we may not be able to perform our contract with you properly which may cause a delay in our investigation and / or resolution.
- Change of purpose We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another purpose and that purpose is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the lawful basis which allows us to do so.
- Data sharing We may share your data with third parties. We require all third parties to respect the security of your data and to treat it in accordance with the law. Third-party service providers require access to your personal data in the course of providing their services to us. We engage third parties to provide the following services: (example; payroll/pension provider).
All third parties are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow third parties to use your personal data for their own purposes. We only permit them to access your personal data for specific purposes and in accordance with our instructions. We may share your personal information with other third parties, for example with a potential purchaser in the context of a potential sale or restructuring of the business. We may also need to share your personal information with a regulator to comply with the law. We may transfer your personal information outside the EU. If we do, you can expect a similar degree of protection in respect of your personal information. A third party service provider is based in the United States of America and host their services on servers based there. This means that your data may be transferred to the US as part of a technical process or for storage.
Transfers will always be subject to adequate safeguards. These safeguards may take the form of an adequacy decision. Adequacy decisions are made by the European Commission in respect of certain countries. An adequacy decision means that the countries to which we transfer your data are deemed to provide an adequate level of protection for your personal information. To ensure that your personal information does receive an adequate level of protection in the absence of an adequacy decision, we will put in place binding corporate rules or standard contractual clauses approved by the European Commission or the ICO to ensure that your personal information is treated by those third parties in a way that is consistent with and respects the EU and UK laws on data protection. If you require further information about these protective measures, please contact our CODP by emailing dataprotection@proact.net
- Data security We have put in place appropriate security measures to protect your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those people who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. We have put procedures in place to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
- Data retention We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for.
We will retain financial documentation for a minimum 6 years. Personal information of ex-employees, including contact details, appraisals and reviews be kept for at least 5 years. Ex-Customers’ employee personal data will be retained for 5 years. After which, personal data will be removed from our database. Current customers’ employee personal data will be retained to fulfil the purpose we collected it for. Where you have chosen to unsubscribe from marketing communications, we will retain your contact details to ensure that you are not sent any further communications. This information will be held indefinitely.
- Changes to your data It is important that the personal information we hold about you is accurate and up to date. Please keep us informed if your personal information changes during your working relationship with us. If your personal information changes, please let us know by emailing dataprotection@proact.net
- Your rights
Under certain circumstances, by law you have the right to:
Request access to your personal information. This is commonly known as a subject access request. This enables you to receive a copy of the personal information we hold about you and to check that we are processing it lawfully.
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
Request the transfer of your personal information to another party. If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, request that we transfer a copy of your personal information to another party or request the reconsideration of an automated decision, please contact our CODP by emailing dataprotection@proact.net You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances. We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it. Where you have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please . Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to.
- Complaints If you have any concerns over how we use your data, please contact our CODP in the first instance at dataprotection@proact.net If you are not satisfied that we have addressed your concerns adequately, you have the right to lodge a complaint with the ICO. Their contact details are below:
Information Commissioner’s Office
Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF
Tel: 0303 123 1113 Web: www.ico.org.uk
Cookie Policy
This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers.
ProAct International Ltd respects your privacy. Your personal data is protected in the UK by the Data Protection Act 1998. Under the Data Protection Act, we have a legal duty to protect any information we collect from you. Any information that you give us is held with the utmost care and security. It will not be used in ways to which you have not consented. We do not and will not pass on your details to any third party or government department unless you give us permission to do so.
User Anonymity and Use of Personal Information
Log files are maintained and analysed of all requests for files on this website’s web servers. Log files do not capture personal information but do capture the user’s IP address, which is automatically recognised by our web servers.
Aggregated analysis of these log files is used to monitor website usage. These analyses may be made to available to our staff and partner agencies to allow them to measure, for example, overall popularity of the site and typical user paths through the site.
Except as stated already, we will make no attempt to identify individual users. You should be aware, however, that access to web pages will generally create log entries in the systems of your ISP or network service provider. These entities may be in a position to identify the client computer equipment used to access a page. Such monitoring would be done by the provider of network services and is beyond our responsibility or control.
We will make no attempt to track or identify individual users, except where there is a reasonable suspicion that unauthorised access to systems is being attempted. In the case of all users, we reserve the right to attempt to identify and track any individual who is reasonably suspected of trying to gain unauthorised access to computer systems or resources operating as part of our web services.
As a condition of use of this site, all users must give permission for us to use its access logs to attempt to track users who are reasonably suspected of gaining, or attempting to gain, unauthorised access.
All log file information collected by us is kept secure and no access to raw log files is given to any third party.
This website does not store any information that would, on its own, allow us to identify individual users of this service without their permission. Any cookies that may be used by this website are used either solely on a per session basis or to maintain user preferences. Cookies are not shared with any third parties.
Use of Cookies
What are ‘cookies’:
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
This website does not store any information that would, on its own, allow us to identify individual users of this service without their permission. Any cookies that may be used by this website are used either solely on a per session basis or to maintain user preferences. Cookies are not shared with any third parties.
The table below explains the cookies we use and why.
COOKIE | TYPE | DURATION | DESCRIPTION |
---|---|---|---|
PHPSESSID | This cookie does not identify you personally and is not linked to any other information we store about you. | A session cookie, deleted when you close your web browser. | As you browse around the pages on this site, the session cookie tells the website that you are the same person requesting the webpages, and not a new visitor to each page. |
viewed_cookie_policy | This cookie lasts for 365 days to save you repeating the acceptance each time you visit. | Used by the CookieLaw plugin to remember whether you have already accepted our cookie policy. This keeps us in line with The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 otherwise known as the “cookie law”. | |
wordpress_logged_in_xxxxx | Your login details are stored in an encrypted form. | A session cookie, deleted when you close your web browser. | WordPress uses this cookie to indicate when you’re logged in, and who you are, for most interface use. |
wordpress_test_cookie | Stores the text ‘WP Cookie check’ | A session cookie, deleted when you close your web browser. | WordPress sets this cookie when you navigate to the login page. The cookie is used to check whether your web browser is set to allow, or reject cookies. |
wordpress_xxxxx | Your login authentication details in an encrypted form. | A session cookie, deleted when you close your web browser. | WordPress uses these cookies to store your authentication details, and their use is limited to the admin console area. |
wp-settings-xxxxx,wp-settings-time-xxxxx | Data is stored as text indicating your preferred settings. | Persistent cookie, expire a little under one year from the time they’re set. | WordPress uses this cookie to customise your view of admin interface, and possibly also the main site interface. |
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.
Data Protection & Confidentiality
Some services on this website require us to collect personal information from you. To comply with the Data Protection Act, we have a duty to tell you how we store the information we collect and how it is used.
Any information you do submit will be stored securely and will never be passed on or sold to any third party.
Links to Other Sites
We may on occasion provide links to external websites. Whilst we make every effort to provide you with links to high quality, reputable sites, the contents of these sites are not under our control. When you click through to these sites you leave the area controlled by us. We cannot therefore accept responsibility for any issues arising in connection with either their use of your data, the site content or the services offered to our users by these sites.
Policy Changes
We reserve the right to make changes to this privacy policy without notice. Any changes that are made to this privacy policy will be reflected on this page.
How to Contact Us
If you require any further information, please contact us.