Ailgynnau Consulting Limited may from time to time employ the services of other third parties for dealing with certain processes necessary for the terms of the business, and may use in accordance with our Statement of Engagement for marketing purposes to advertise promotional offers with legitimate interests only. This will not defer from G.D.P.R Compliance and distribute personal information.
Controlling Use of Your Data
Here at Ailgynnau Consulting Limited, your privacy is important, and we are committed to doing everything we can to protect any personal data that you give to us. Please continue reading this Privacy Notice to understand how we work with your data. If you have any questions about what we do with your personal data after reading this notice, feel free to contact us using the contact details provided below. The data controller of the personal data referred to in this Privacy Notice is Ailgynnau Consulting Limited, a limited liability company registered in the United Kingdom. All references in this Privacy Notice: to our “Website” refer to the website, to “we”, “us” and “our” refer to Ailgynnau Consulting Limited; and to “you” and ““your” refer to you, the user. What kind of personal data do we collect? When you require a service agreement with us, you will be required to provide us with certain information, including your name, address, e- mail address, phone number and payment information.
Once we have collected the information about you, it will be used for the following purposes:
• We will use your personal data to provide to you the services that we sell, which may include special offers.
• We will communicate with you in relation to your service agreement. We will use the contact information you have previously shared with us to communicate with you in relation to your service and to provide you with information relevant to your service.
• Customer Services: You are free to contact us about our services at any time, whether this is a general query, a question about your personal data or to report a problem. This can be done via email@example.com who will manage your inquiry and take appropriate steps to ensure GDPR breach reporting compliance is fully achieved, by telephone or via email contact. We will use the information that you have provided to help us answer any questions and respond to your query (along with any future queries that you may have). If you contact us by telephone, your call may be recorded for quality control and training purposes, but we will always ask for your consent before recording communications for these purposes.
• Marketing: Where you place an order with us and you have opted in (or in any other case, if you have opted in to receive marketing by email or text message), we may contact you by e-mail or text message with information about other goods and services that we offer that are similar to those that you have already purchased or enquired about and we think may interest you based on the information we hold about you. We may also use your contact details to contact you by phone or post with details of products and services that we think may be of interest to you (unless you have told us you don’t want to receive these communications, or you are registered with the Telephone Preference Service). We will hold your data for a period of 18 months before redefining consent from yourself.
• Promotional Activities: If you participate in our promotions (such as surveys or competitions) we will use the information you provide to administer these activities. • Improving our services: Sometimes we will use your data to help us improve the quality and functionality of the services that we offer. This includes:
◦ analysing your recent visits to our website and how you move around different sections of our website for analytical purposes to understand how people use our website so that we can make it more intuitive.
◦ troubleshooting, data analysis, testing, research and for statistical and survey purposes by us, all of which helps us to provide the best service that we can. Again, this information is not shared.
• Legal basis for processing personal data. Our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which we collect it. However, we will normally collect personal data from you under the following legal bases:
◦ Performance of a contract: If we have obligations under a contract with you, we will use your information to perform our obligations to you.
◦ Consent: You will be asked to consent to us providing you with marketing information and if you give us this consent, we will rely on this when contacting you with marketing information by e- mail and text message. You can opt-in to receive marketing communications from us at any time by contacting us.
◦ Legitimate interests: We will use your information for our own legitimate interests, for example, to provide you with the best suitable content or services to improve and promote our services and for our own administrative purposes including creating and maintaining business records of our relationship with you.
◦ Legal requirements/vital interests: In some cases, we will have a legal obligation to collect personal data from you (for example, for us to comply with specific industry regulations.
• How and where will your data be processed? Any information that we hold about you is stored on our secure servers and all payment transactions are encrypted. Only authorised personnel are permitted to access personal data during their work. Whilst we do our best to protect your personal data, no information transferred over the internet can be guaranteed to be completely secure and you provide your information at your own risk.
• The data that we collect from you will not be transferred to, and stored at, a destination outside the European Economic Area (“EEA”), including (in some instances) where we transfer your data to our suppliers so that they can assist us with providing our services to you. If you instruct us to do so we will do this by including and entering into data transfer agreements, using the EU Commission approved Standard Contractual Clauses, or by relying on certification schemes such as the EU-US Privacy Shield. You have the right to details of the mechanism under which your data is transferred outside of the EEA – for this information, please contact us using the details set out under “How can you contact us?” below.
• Third party service providers: We will include anyone who provides services or functions on our behalf, including credit card processing, business analytics, advertising, administration of competitions and promotions, collection of customer feedback and customer service. We use these service providers to process your data on our behalf, this may be to send our marketing material or to collate information that can be analysed to improve our service. They have access to and may collect information only as needed to perform their functions and are not permitted to share or use information for any other purpose. Where we provide data to third party service providers for them to provide data analysis or statistical services for us, we will only ever send them aggregated, anonymised data. The third-party providers will not share or pass on or even hold your data for longer than necessary to complete the data field transaction to ourselves.
• Payment Providers and other financial institutions: If you request a chargeback for your services, it may be necessary for us to share certain consultation details with the payment service provider and the relevant financial institution so they can handle the chargeback.
• Any competent law enforcement body, regulator, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights (including to investigate any suspected fraudulent or other criminal activity), or (iii) to protect your vital interests or those of any other person.
What rights do you have in relation to your personal data? You have the following rights in relation to the personal data that we hold about you:
• If you wish to access, correct, update or request deletion of your personal data, you can do so at any time.
• You can object to the processing of your personal data, ask us to restrict processing of your personal data or request portability of your personal data.
• You have the right to opt-in to marketing communications that we can send to you at any time. You can exercise this right by opting in to the marketing e-mails we send you.
• Similarly, if we have collected and processed your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
• You have the right to complain to a data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority. The Information Commissioner’s Office is the data protection authority for the UK. If you would like to exercise any of your above rights, please contact us using the contact details provided under the “How can you contact us” heading below. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. Changes to our Privacy Notice: We may update this Privacy Notice from time to time in response to changing legal, technical or business developments. When we update our Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Notice changes if and where this is required by applicable data protection laws. You can see when this Privacy Notice was last updated by checking the “last updated” date displayed at the top of this Privacy Notice.
How can you contact us? If you have any questions about this Privacy Notice or wish to exercise any of your data protection rights, please contact our Data Protection Officer at:
Email: firstname.lastname@example.org Post: Should be sent for the attention of the Data Protection Officer to:
Ailgynnau, Abercych, Boncath, Pembrokeshire SA37 0HD .