This privacy notice covers DBD Digital Limited and the data we collect from you when you use our site, together with the personal data we process when you contact us using our online form, or contact details, and the personal data we process when we deliver our services to you.
These are our reasons for collecting it, what we do with it and what your rights are.
Who Are We?
We are DBD Digital Limited, and our registered office is 5 Temple Square, Temple Street, Liverpool, Merseyside, L2 5RH, UK. Our company registration number is 926056916.
Our operational office address is 12 George Street, Alderley Edge, SK9 7EJ, UK.
We are the data controller for this processing and are registered with the Information Commissioner’s Office (ICO).
Purpose of Processing
We process your personal data:
- to respond to enquiries about our services
- to take the necessary steps to enter into a contract with you or your organisation
- to deliver our services to you or your organisation once you become a client
- to market our services to you or your organisation
Basis of Processing
Where we are responding to enquiries about our services we process your personal data because it is in our legitimate interest to do so in order to deal with your enquiry.
Where we are negotiating with you to provide our services to your organisation then we process your personal data because it is in our legitimate interest to do so in order to take the necessary steps to provide our services. Where we are negotiating with you personally then we process your personal data because we are taking the steps necessary to create a contract with you.
Where we have a contract to deliver services to your organisation we process your personal data because it is in our legitimate interest to do so in order to provide our services under that contract. Where our contract is with you personally then we process your personal data because we are performing the contract between us.
Where we are directly marketing our services to you or your organisation we process your personal data because it is in our legitimate interest to do so and you have not opted out of receiving direct marketing or because we have your consent to do so (if you have opted in to receive our direct marketing).
Where we are relying on your consent to process your personal data you are free to withdraw that consent at any time. Where we are relying on our legitimate interests to process your personal data you may object to that processing at any time and we will let you know if we agree or disagree with your objection.
What personal data do we collect?
We will collect and process the following data from our website’s contact form or when you get in touch with us to make an enquiry. We will also retain these personal data when we are providing our services to you.
- Your name
- Your email address
- Your telephone number
- Your organisation name & address
When we are processing your personal data for our marketing activities we may process the additional personal data, depending upon the nature of the activity,
- Your social media details when you interact with us on social media
Special Category Data
There are additional rules we must follow if we collect certain types of more sensitive data, known as Special Category Data. These include details of your ethnicity, beliefs, health and sexuality.
We do not process any special category data about you.
Do we ever share personal data?
We will share your data if required to do so by a legitimate law enforcement agency.
When you submit your personal data online your data is held by our partner who hosts our website. We also share your personal data with our cloud storage provider, and our cloud based business software providers.
If you consent to the use of analytics and tracking cookies from our website we will share data with those third party cookie providers.
If we are communicating with you via email or social media channels we will be sharing your personal data with those email and social media providers.
Where we are using a data processor to process personal data on our behalf, for example our website hosting supplier, then we ensure that a valid data processing agreement is in place between us and that any international transfers of data have a lawful mechanism.
We will never share or sell your data to any other third parties without your permission.
How do we keep your data secure?
We take sensible steps to keep your data secure:
- All data sent between your browser and our website are encrypted in transit,
- All data we hold in our computers are encrypted at rest,
- Paper records are held in locked cabinets within secure premises,
- Our employees are bound by confidentiality terms in their contracts of employment,
- We delete personal data when we no longer need to retain it,
- We restrict access to personal data to those employees who require access as part of their role.
- We always enable multi-factor authentication for our online accounts
- We use an encrypted password management system
You have a number of rights relating to the processing of your data, if you would like to use them or have any questions then please contact us.
We won’t charge you for doing any of the following, however we may make a charge in the case of frequent repeat requests:
- Awareness: You have the right to be fully informed about why and how we process your information. This privacy notice is intended to meet that requirement, but please do contact us if you have any questions
- Access: You have the right to a copy of the data we hold about you
- Rectification: If you think some of the data we hold is wrong then you have the right to ask us to correct it
- Erasure: You have the right to ask us to delete the data we hold about you. Where we are holding the data to fulfil a contract with you or for a lawful basis other than consent then we will need to retain the data in accordance with the data retention requirements shown below
- Restriction: You have the right to ask us to restrict the processing of personal data whilst we check its accuracy, if you think the processing is unlawful, if you believe we no longer need to process the data but you need us to store it due to pending legal claims, or when you object to our processing based upon our legitimate interests and we are assessing the validity of that.
- Object: Where we are processing your personal data based upon our legitimate interests you have the right to object to that. If your objection is valid (for instance in the case of any direct marketing activity) then we will stop processing your personal data for that purpose.
- Data portability: You can request a copy of your data in a digital format which you can then supply to another provider.
- Automated decisions and profiling: You have the right, in certain circumstances, not to be subject to decisions based on automated processing (including profiling) if it has a significant or legal impact on you. This doesn’t apply if the processing is necessary to fulfil a contract with you, or if you have given us your consent to do so. We do not use your personal data for any kind of automated decision making.
How long do we keep your data for?
Where we are relying on your consent or our legitimate interests to process your data then we will keep your personal data until you withdraw your consent for us to use it, or object to the processing in our legitimate interests and we agree with your objection.
Where we are processing your data for the purposes of performing a contract with you or your organisation, or taking the necessary steps to do so, then we will keep the personal data for 7 years after the end of the contract.
We utilise cookies on our website. Some are required for our site to work, these are known as essential cookies, and we also use others for analytics and marketing purposes.
We will ask for your consent to use any cookies which aren’t essential, and we won’t deploy any non-essential cookies without your consent.
Cookies used: Google and Facebook.
What happens when I follow links to other sites?
If you follow a link from our site to another site then you should read the privacy notice on the other site prior to providing your data to them.
Where do we process data?
We process data at the address shown above.
Our data processors also process data on our behalf, they are detailed below together with where they process data and the protections in place for international transfers:
- Google – USA (Standard Contractual Clauses in place)
- Microsoft – USA (Standard Contractual Clauses in place)
Our contracts with our data processors include the necessary provisions required by GDPR to further protect your rights.
Making a complaint
Please contact us at the above address.
You can also contact the Information Commissioner’s Office (ICO) on their helpline 0303 123 1113 or online at www.ico.org.uk. If you should contact the ICO they will normally ask you to contact us first.