This Privacy Notice explains in detail about who we are, and the reasons we may collect, store, use and share personal information. You have rights in relation to your personal information. You are able to contact us and data protection authorities in the event you have a complaint.
Who we are:
Insider Marketing is a brand name of iCopywrite Ltd, registered in England, Co no 10147605. It collects and uses certain personal information about individuals with whom we come into contact during the course of our work. We act as a responsible controller of that information and seek to abide by the current data protection legislation. The data controller is Julie Kenyon. iCopywrite Ltd is registered with the ICO and appears on their register; you can view it at ico.org.uk/register.
The personal information we collect store and use:
- Your name
- Your contact information including address, email and phone number
This Privacy Notice may be updated from time to time and will be available to view via the Insider Marketing website at all times.
If you have any questions regarding this policy, please contact us on firstname.lastname@example.org
Why we collect personal information
We collect personal information to carry out marketing consultancy and support services for our clients. This information is used for the purpose of fulfilling our role as marketing consultants only.
Explaining the legal basis we rely on
The law on data protection sets out six ways which a company may collect and process your personal data. Having analysed our customer database and business model we have assessed that Legitimate Interest is the primary basis. This is because by your interactions with our company and website we believe you may be interested in our services.
When do we collect your personal data?
We collect personal data from a number of sources including
- our website contact form
- referrals from existing clients and individuals
- business contacts with whom we interact e.g. service suppliers that help us deliver our services
- via personal meetings, networking and referrals
What sort of personal data we collect
The personal data we collect is limited to the level we need to deliver our services and is made up of some or all of the following:
- Email address
- Phone number
- Job Role
- Contact address
How and why we use your personal data
Your personal data is used to ensure the services we deliver are suitable and appropriate and any data collected is only used to administer and deliver those services.
- To respond to your queries.
- To propose, quote, design, deliver, invoice and get feedback on our services.
- To comply with our contractual or legal obligations to share data with law enforcement.
How we keep your personal data secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, used or accessed in an unauthorised way. The nature of the internet is such though that whilst we take appropriate security measures we cannot guarantee any personal information transmitted via the internet will be completely secure.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
We will hold your data for a maximum period of 36 months after the date at which we last had contact. At the end of that retention period, your data will be deleted completely.
Sharing of personal data
We only share personal data with team members and suppliers who provide relevant supportive services to our business. We do not sell or rent your information to third parties. Team members are required to comply with current data protection legislation. Their use is defined as data processors.
Rights over your personal data
The GDPR provides the following rights for individuals:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
Rights in relation to automated decision making and profiling
Where any subject access request is made there is a requirement to prove identity before any information is divulged. This may involve physical presence with accompanying ID. Where a request to “Be forgotten” is made, this can only be complied with if there are no other legal frameworks that overrule GDPR (e.g. HMRC, FCA, etc.).
Use of ‘cookies’
Regulation changes and remedial actions
GDPR went live on 25th May 2018 and the UK Data Privacy Bill has received Royal Assent. This Notice is based on the regulations as they exist with a review process set up to make any adjustments required to become and stay compliant.
Contacting the Regulator
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling 0303 123 1113.
Or go online to www.ico.org.uk/concerns/ (please note we can’t be responsible for the content of external websites)
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.