Privacy Policy

What this Privacy Policy covers

AddVantage Marketing Limited (Company Number 08818553 registered in England and Wales)  known as AddVantage Strategy, is registered at The Tall House, 29a West Street, Marlow, Buckinghamshire, SL7 2LS and we are providing this Privacy Policy to explain our data collection, use and storage of any personal data which we process.  Our VAT registration number is 177934950.

AddVantage Strategy is committed to protecting your privacy and uses the most powerful and safe online experience. This statement of privacy applies to the AddVantage Strategy and to our data processing activities in general. The conditions of processing of personal data and the purposes for which personal data may be collected, stored and used are described in this Privacy Policy. By using the AddVantage Strategy website (www.addvantagestrategy.com), you signify that you are happy with the data protection practices described in this statement.

Legislation

The General Data Protection Regulation (GDPR) provides new rights to individuals regarding the collection, storage and use of their personal data. Also covered in this Privacy Policy are the requirements of the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations 2003 updated 2004 and 2011 (PECR).

Who is the Data Controller?

AddVantage Strategy

Data Controller contact details

Telephone: 07970 188057

Responsible person

Nathan King

[email protected]

What is personal data?

Personal data means any information which relates to a living individual who can be identified either directly or indirectly by reference to an identifier such as their name, email address and other personal details.

What type of data do we collect?

We may collect from you:

  • your full name
  • your job title (if applicable)
  • your company name (if applicable)
  • your email address
  • your postal address
  • your landline telephone number`
  • your mobile number

What about children’s data?

We do not knowingly process personal data of children under 16.

What are our grounds for processing personal data?

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where we need to comply with a legal or regulatory obligation.
  • Where we have your consent

Legitimate Interest means the interest of our company in conducting and managing our organisation to enable us to give the best help possible. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests and those of our charitable cause. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us at [email protected].

New rights under the General Data Protection Regulation

  • You have some additional rights under the GDPR.
  • Access: Data Subject Access Request. You have the right to access the personal information we may hold about you. On receipt of such a request we will endeavour to respond to you as soon as possible, but at least within one calendar month. You must provide us with 2 forms of personal identity to ensure that we only disclose to you information which is relevant to you personally.
  • Rectification: You have the right to request that we amend any personal information that may be incorrect or require updating.
  • Erasure: You have the right to request that we delete any personal information pertaining to you. Any questions about these rights may be sent to [email protected].
  • Data Portability: Under GDPR there is a new right to data portability, primarily designed to make it easier for individuals to switch between service providers. This is unlikely to be relevant to your relationship with AddVantage Strategy.
  • The right to restrict or suspend processing: Individuals have a right to ‘block’ or suppress processing of personal data. If you decide to do this, we will continue to store the data, but not further process it until we have agreed a solution to the issue you have raised.
  • Data breach reporting. You have the right to be informed of a data breach if there is material damage which might affect you. We have a process in place just in case this unlikely event happens.

Do we collect any special categories of personal data?

We do not collect any special categories of personal data, as defined by the GDPR, except if you are a staff member. If you apply for a vacancy within AddVantage Strategy but are not successful, we will delete your personal information including any special categories in line with our retention policy.

Special categories of data under Article 9 of the GDPR are:

“racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation”

Is data collected from third party or public domain sources?

We may collect your personal data from you, a member of staff, face to face, or from a public source where we believe that you will be interested in what we do. Where we collect personal data from third party or public domain source we provide a means to opt-out or unsubscribe on every message we send you.

How do we use your personal data?

We will only use your data for the purposes we have specified, primarily we use your personal data to send you what you have signed up for or where we have your consent to send you other information that we think you might be interested in.

Processing data on behalf of third party companies.

We sometimes process personal data on behalf of our clients where the client is the data controller of such data. Where this occurs we have the relevant contract in place which is compliant with GDPR and only act under client’s instruction.

How to stop receiving communications

AddVantage Strategy will not send marketing communications to individuals who have unsubscribed, opted-out or otherwise asked us to stop direct marketing. Where we collect contact information from you which may be used for marketing purposes, we will let you know how to stop receiving such information if that’s what you prefer.

Surveys or marketing research

We may contact you from time to time to seek your views via a short survey to inform our strategic direction, your thoughts about our work, and other matters. You always have the choice about whether to take part in our research.

Is data processed outside of the UK? – If so how is it protected?

We do not process personal data outside of the UK.

Is data shared with 3rd parties and if so, who?

We do not share personal data with 3rd parties for marketing purposes or unless required to by law where we may be called upon to disclose data on legal and tax issues.

Disclosure to other organisations’ data processors

We sometimes disclose personal data to our suppliers in order for them to process personal data on our behalf. When we do so we have a contract in place compliant with the GDPR to ensure the security of any personal data that each processor or sub-processor processes.

Data security – how we protect your data

We follow appropriate security procedures in the collection, storage and use of your Information so as to prevent unauthorised access by third parties.

We process data using password protected PCs that are held at secured, alarmed premises. There are access restrictions in place and at the sites of our data processors within the UK. Our IT specialist retains our data at a different location equally protected behind the appropriate firewalls and other security devices.

However, unfortunately, the transmission of Information via the Internet is not completely secure. We cannot ensure the security of your Information transmitted by you to us via the internet. Any such transmission is at your own risk and you acknowledge and agree that we shall not be responsible for any unauthorised use, distribution, damage or destruction of your Information, except to the extent we are required to accept such responsibility by the GDPR, The Privacy and Electronic Communications Regulations or other privacy regulations. Once we have received your Information we will use security procedures and features to prevent unauthorised access to it.

External links not covered by this policy

Please remember that when you use a link to go from our website to another website or you request a service from a third party, our Policy no longer applies. Your browsing and interaction on any other website or your dealings with any other third party service provider, is subject to that website’s or third party service provider’s own rules and policies. We do not monitor, control, or endorse the Information collection or privacy practices of any third parties. We encourage you to become familiar with the privacy practices of every website you visit or third party service provider that you deal with and to contact them if you have any questions about their respective privacy policies and practices. This Policy applies solely to Information collected by us through our website or services and does not apply to these third party websites and third party service providers.

Data Retention Policy

Our policy is to retain data only as long as this is necessary. If you unsubscribe or opt-out we may keep your personal data on a suppression list so that we don’t contact you again.

CCTV

We do not have any CCTV in operation at our premises.

What to do if you have a concern

Please contact us at [email protected] and we’ll be happy to help you.

The Regulator of GDPR, the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations 2003, updated 2004 and 2011 is the Information Commissioner’s Office. If you feel you wish to draw the Regulator’s attention to the way and the purposes for which we are processing personal data, you may contact the ICO by clicking here https://ico.org.uk/concerns/ .

Changes to our Company.

In the event we go through a business transition, such as a merger, an acquisition by another company, or sale of all or a portion of our assets, your information may be among the assets transferred. You acknowledge that such transfers may occur and are permitted by this Policy.

Changes to this Privacy Policy

Amendments to this Privacy Policy are made every time something changes in the way or the purposes under which we process personal data.

When last updated?

11th October 2018.