Privacy Policy, Data Protection Policy and GDPR Compliance
GDPR Compliance Statement
Storm-7 Consulting (S7C) respects and complies with the European Union (EU) General Data Protection Regulations (GDPR). Robust updates have been implemented to update our privacy policy, terms and conditions and processes, in order for effective continuing compliance with all the new data protection regulations in the EU and all the GDPR privacy policies.
Regulation Compliance:
Consent
We ask consent and explain what you’re consenting to in clear and understandable terms, and ask that you explicitly consent to contact from us. We provide easy and clear means to withdraw consent, and users may request that we stop processing their data and personal information.
Breach Notification
In the event of a breach we will notify affected users within 72 hours of first having become aware of the breach.
Right to Access
Users can request confirmation as to whether or not personal data concerning them is being processed, where and for what purpose. Furthermore, we shall provide a copy of the personal data, free of charge, in an electronic format to the user or a third party at the user’s request. Users can request access to their personal information at any time, and may update us or inform about updates, for accuracy purposes. Additionally, users may request deletion of their personal data at any time.
Data Rights and Deletion
Once we have compared your (the subjects') rights to "the public interest in the availability of the data", we may delete your personal data where you have requested this. We automatically delete data that the business no longer uses or has any use for. Customers may object to profiling or automated decision making processes that could impact them.
Privacy by Design
We implement appropriate technical and organisational measures, in an effective way, in order to meet the requirements of this Regulation and protect the rights of data subjects'. We hold and process only the data absolutely necessary for the completion of our duties (data minimisation), as well as limiting the access to personal data to those needing to act out the processing.
Minors
If we process an personal data relating to children, we ensure proper verification of age and consent from a corresponding and appropriate legal guardian.
Review
We regularly review our policies for changes and effectiveness both for handling of data and also regarding changes to the state for affairs of other countries and any related data flows.
Privacy Policy:
Data - what information is collected and why?
The types of personal data and information we collect may include:
- Name
- Job title
- Job designation
- Correspondence address
- Billing address
- Telephone contact
- Company name
- Company email and telephone
- Postcode
- Device type (e.g. mobile, computer, laptop, tablet)
- Cookies
- Operating system
- IP address
- Browser type
- Browser information (e.g., type, language, and history)
- Domain names
- Access times
- Settings
- Referring website addresses
- Other data about your device to provide the services as otherwise described in this policy.
This data is provided by all users who choose and accept the terms and conditions for membership to the S7C website and all contents therein. These users specifically and clearly opt-in to the GDPR regulatory guidelines of personal data, and submit their details for appropriate use accordingly. This data is kept with the purpose of regular contact with the user, via email or telephone contact, and is kept for as long as the user is a member of the website, or until they request to withdraw their data or membership. It is necessary to process this data to fulfill user requests and deliver services and/or respond to queries, or to progress communications based on the requirements of the user.
Who is collecting the data and how?
The company (S7C) collects the information and control is under is the assigned company Data Protection Officer (DPO). The data is collected through a clear and straightforward system via the website and available membership options. The user may choose to provide their personal data and opt-in to the website private policy, and choose to receive communications, emails or telephone calls regarding our products and services available via our website.
What do we do with your information, how is it used?
If you choose to fill in a contact form on our website, we will store that information for 6 months and only use it for the purpose of contacting you in relation to that enquiry. When you browse our site, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Data storage and who is your data shared with?
All data is kept on an onsite company secure database storage location behind a firewall and is shared only with the company chosen CRM database (Hubspot). Information is securely synchronized between these two locations.
Consent
How do you get my consent?
When you provide us with personal information we clearly ask you to explicitly consent to our collecting it and accepting the GDPR compliance regulation criteria in effect.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at client.services@storm-7.com or by mail at: Level 24/25 the Shard, 32 London Bridge Street, London, SE1 9SG, United Kingdom.
Disclosure
We may disclose your personal information if we are required by law to do so.
Third-party services & links
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
When you click on links on our site, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
Security
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your personal information, the information is encrypted using secure socket layer technology (SSL) and stored with industry-standard encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we implement generally accepted industry standards.
Changes to this privacy policy
We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. All existing members, clients, and customers will be notified of updates to our privacy policy.
Questions and contact information
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Data Protection Officer at client.services@storm-7.com or by mail:
FAO: Data Protection Officer
Level 24/25 The Shard, 32 London Bridge Street, London, SE1 9SG, United Kingdom
Company Data Protection Obligations
Further to the requirements of the Data Protection Act 1998, Storm-7 Consulting Limited (the Company) is registered on the public register of data controllers held at the Information Commissioner's Office, with registration reference ZA116529. The Registration Certificate may be viewed here.
Right to Privacy
Your right to privacy is important to us. The Company is committed to ensuring that your right to privacy is protected. Should the Company ask you to provide certain information by which you can be identified when using this Website, then you can be assured that it will only be used in accordance with this Privacy and Data Protection Policy. The following is provided to explain how the Company collects and uses information about you online.
Collection and Use of Personal Data
Personal data is not stored nor captured through this Website without the prior knowledge and consent of online users. Where personal information is captured (e.g., through web-based forms for feedback, registration, requests, etc.), the online user will be informed as to what personal information is being collected, who will use it, and for what purpose(s) it will be used.
Any personal data that you provide the Company will be treated with the utmost care and security. The Company will hold your personal information on our systems for as long as it is still used for the purpose stated when originally requested.
The Company may collect the following information from online users: name; job title; contact information including electronic mail (email) address; demographic information such as postcode, preferences and interests; other information relevant to customer surveys and/or offers.
The Company require this information to understand the needs of online users and in order to provide online users with a better service, and in particular for the following reasons: internal record keeping; to improve the Company's products and services; market research purposes; website customisation.
The Company may periodically send promotional emails about new products, special offers or other information which the Company thinks you may find interesting using the email address which you have provided. The Company may also periodically use your information to contact you for market research purposes, and the Company may contact you by email, phone, fax or mail.
Data Protection
The Company is committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, the Company has put in place suitable physical, electronic and managerial procedures to safeguard and secure the information the Company collects online.
The Company will ensure that it complies with all the protection that the Data Protection Act 1998 affords to you, and the Company will hold your personal data held on computer or in manual records securely in accordance with the Act.
In line with the Data Protection Act 1998 principles, the Company will ensure that personal data will:
Be obtained fairly and lawfully and shall not be processed unless certain conditions are met.
Be obtained for a specific and lawful purpose.
Be adequate, relevant but not excessive.
Be accurate and kept up to date.
Not be held longer than necessary.
Be processed in accordance with the rights of data subjects.
Be subject to appropriate security measures.
Not be transferred outside the European Economic Area (EEA).
Controlling your Personal Data
You may choose to restrict the collection or use of your personal information in the ways listed below.
Whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes.
If you have previously agreed to the Company using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing the Company at the contact details given below.
The Company will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. The Company may use your personal information to send you promotional information about third parties which the Company thinks you may find interesting if you tell the Company that you wish this to happen.
Access to Personal Data
You have the right to ask the Company to provide you with all the information it stores on you. Certain national laws may require you to pay a small charge for this activity. If you wish to raise an objection to the processing of your personal data, to direct marketing, or to have your personal data corrected, you may do so by writing to or emailing the Company at the contact details given below.
Contact Details
The Company can be contacted by email (client.services@storm-7.com) or by letter (Storm-7 Consulting Limited, Level 24/25 The Shard, 32 London Bridge Street, London, SE1 9SG, United Kingdom).
Changes to the Terms of this Privacy and Data Protection Policy
The Company will occasionally make changes and corrections to this Privacy and Data Protection Policy. Please check this Privacy Policy regularly to see the changes and how these may affect you.