Privacy Policy

Who we are

Digital Redesign is a Digital Agency based in Marlborough (Wiltshire-UK) that offers digital transformation for small businesses, professionals and startups. We are committed to protecting the privacy and security of personal data. This policy tells you how we will collect and use your personal data, and what you should expect in respect of the personal information about you that we have collected. The person with responsibility for our data protection compliance can be contacted via the contact form. We are the data controller of the personal data that we keep and use, and we are therefore responsible for making sure that our systems, processes and people comply with the relevant data protection laws in respect of that personal data. We will act in respect of personal data to comply with the six principles of the General Data Protection Regulation (“GDPR”), which are: • Lawfulness, fairness and transparency; • Purpose limitation; • Data minimisation; • Accuracy; • Storage limitation; • Integrity and confidentiality. You have rights in respect of how your personal data can be processed; these include the right to request: • a copy of your personal data; • that inaccurate data is rectified; and • that your personal data is, in certain circumstances, erased or restricted. You have the right to complain to the Information Commissioner, which you can do by contacting the Information Commissioner’s Office (ICO) directly. Full contact details, including a helpline number, can be found on the ICO website ico.org.uk. This website also has useful information on your rights and our obligations. However, please raise any concerns or issues with us first so that we may deal with this as quickly as possible for you.  

Collection, use and disclosure of personal data

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.  

Contact forms

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. In general we collect and process data for the following reasons: • 1. personal data collected and created in relation to selling our technology, expertise consultancy; and • 2. personal data relating to people who have subscribed to our newsletter, asked to receive our marketing materials; and • 3. personal data relating to our people (which means those people working for our company, or providing services to us, or potentially working or providing services to us, including employees, consultants, freelancers, temporary or casual workers and contractors). All of our people are required to abide by our Privacy Policy when handling personal data, and are provided with appropriate data protection training.

Analytics

We might use Google Analytics to collect some information from our visitors and also SalesIQ to help us understand and connect with our customers.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated and manual spam detection service.  

1. Selling our technology and/or expertise consultancy

Collection of the data:

We will collect personal information which may include names, addresses, phone numbers and other information relevant for our customers. This will be done for the management of the commercial relationship with our customers. We may collect this personal data from you directly, and also from third parties, including publicly available third party sources. Additional personal data will be collected as it is created by or supplied to us in the course of anything we do for you.

Disclosure of the data:

We may share personal data with third parties as is necessary in the sale of technology, consultancy services, including to third party providers who deliver services to support the operation of our company. In respect of all disclosures of personal data, we will only share the personal information which is necessary for the particular purpose for which it is provided, or where we have another legitimate interest in doing so, and we will ensure that the personal data is appropriately protected.

Retention period of the data:

We will keep personal data only for as long as is necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting or reporting requirements. Normally, our retention period for personal data collected for this purpose is a minimum of 5 years after the end of the period we might pseudonymise the data.  

2. Newsletter subscription and marketing materials

Collection of the data:

We will collect information such as name, email address, IP address (or similar unique identifiers) job title and the business that you work for together with the additional information that you provide to us, for example when you let us know those areas of our business that you are interested in receiving information about. We may collect this information from you (whether directly or via automated means such as our website, forms, surveys) or from third parties (such as our customer). We will collect personal data in our contact relationship management system when you tell us that you wish to receive all or part of our Information, or otherwise give us your personal details. You may at any time tell us that you wish to stop receiving our Information. In some occasions data collection will be done via research (internet, yellow pages, magazines) so the publicly collected information will be used to contact you to offer our services as a legitimate interest.

Use of the data:

Personal data will be used to provide you with our newsletter that you subscribed for or marketing materials that you might have requested, or that we think are relevant to the preferences that you may have given to us. We may analyse what areas of information are of interest to you so that we can better target the Information that we provide. We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances: • with your consent; and/or • in performance of a contract (the agreement to provide services); and/or • where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

Disclosure of the data:

We may share personal data with third parties in respect of the provision of our Information, including to third parties who provide services to us, including IT, website hosting, email delivery and other services. In respect of all disclosures of personal data, we will only share the personal information which is necessary for the particular purpose for which it is provided, or where we have another legitimate interest in doing so, and we will ensure that the personal data is appropriately protected.

Retention period of the data:

We will keep personal data only for as long as is necessary to fulfil the purposes for which we collected it. Any personal data that we have from you solely for the purposes of your receiving our Information will not be used once you have asked us to stop providing these to you (except to the extent that it is necessary to stop you receiving the Information).  

3. Our people

Collection of the data:

We may collect names, addresses, contact details, education and employment history, identity and other background checks (which may include appropriate criminal and financial checks and confirmation of the right to work in the UK), marital status and information on next of kin and dependents, financial information (such as bank details and NI numbers), date of birth, gender, a copy of your passport and driving licence, performance information and compensation history, recruitment information (including references), salary, benefits, pension and annual leave information, disciplinary and grievance information, photographs, information about your use of our information and communications systems or other information obtained through electronic means. Personal data may be collected from you during the selection process (for example via your application form and CV) and during your employment (including holiday forms, expense claims, performance reviews, any disciplinary or grievance processes), or from third parties, including referees, health service providers, background check providers.

Use of the data:

Personal data of our people will be used for HR administration and management, both in respect of the selection of people to work for us (including suitability, eligibility and/or fitness to work), and those who do work for us, to include learning and development, disciplinary and security (of people, offices and data) requirements, providing and liaising with benefits providers, business management and planning (including accounting and auditing), paying you and dealing with tax and NI deductions, assessing and deciding on salary reviews and compensation, conducting performance reviews and managing performance, dealing with legal disputes involving you or others, preventing fraud, monitoring your use of our information and communications systems, ensuring compliance with our policies, and equal opportunities monitoring. We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances: • In performance of a contract with you; and/or • compliance with a legal obligation; and/or • vital interests of the data subject; and/or • where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. We may also use your personal data in the following situations, which are likely to be less common: • where we need to protect your interests (or someone else’s interests); • where it is needed in the public interest or for official purposes. In respect of all disclosures of personal data, we will only share the personal information which is necessary for the particular purpose for which it is provided, or where we have another legitimate interest in doing so, and we will ensure that the personal data is appropriately protected. In respect of special categories of personal data, we may process this in the following circumstances: • in limited circumstances with your explicit written consent; and/or • where we need to carry out our legal obligations and in line with our policies; and/or • where it is needed in the public interest (such as for equal opportunities monitoring or in relation to our occupational pension scheme), and in line with our policies; and/or • where it is needed to assess your working capacity on health grounds, subject to appropriate confidentiality safeguards. Less commonly, we may process this type of information where it is needed in relation to legal claims or where it is needed to protect your (or someone else’s) interests and you are not capable of giving your consent, or where you have already made the information public. We may also process such information about our people (or former people) in the course of our legitimate business activities with the appropriate safeguards. The special categories of personal data may be used in the following ways: • in relation to leaves of absence, to comply with employment and other laws; • in relation to your physical or mental health, or disability status, to ensure your health and safety in the workplace and to assess your fitness to work, to monitor, manage and administer benefits and absences; • in relation to your race, national or ethnic origin, religious, philosophical or moral beliefs, or your sexual life or sexual orientation, to ensure meaningful equal opportunity monitoring and reporting.

Disclosure of the data:

Personal data may be transferred to service providers who support the operation of our business (such as payroll service providers), to other third parties reasonably necessary in the conduct of our business (including insurers, professional advisors, regulators). These third parties may be acting as processor, or controller of personal data in their own right. In respect of all disclosures of personal data, we will only share the personal information which is necessary for the particular purpose for which it is provided, or where we have another legitimate interest in doing so, and we will ensure that the personal data is appropriately protected.

Retention period of the data:

We will keep personal data only for as long as is necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting or reporting requirements. We will normally keep personal data of applicants who we do not employ for six months after we receive it. We will keep personal data of employees throughout your employment and normally for a minimum of six years after your employment ends.  

4. Changes to your personal data

It is very important that the personal information that we hold about you is accurate and current. Please tell us if your personal information changes during your relationship with us.  

5. Data security

We have put in place measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those of our people and other third parties who have a business need to know. They will only process your personal data on our instructions and where they have agreed to treat the information confidentially and to keep it secure. We have put in place procedures to deal with any suspected data security breach and will notify you and the ICO of a suspected breach where we are legally required to do so.  

6. Where we store your personal data

We principally store data, both electronically and on file, at our office. Personal data may be transferred outside of the EEA by processors acting on our behalf. For transfers to countries not considered adequate by the EC, we will ensure that personal data is adequately protected, as required by the GDPR. This would include by use of the Standard Contractual Clauses adopted by the EC to protect personal data.  

7. Your rights

Under certain circumstances, you have the right by law to request: • access to your personal data. This enables you to ask to receive a copy of the personal data that we hold about you and to check that we are lawfully processing it. • correction of the personal data that we hold about you. • erasure of your personal data. • object to processing of your personal data where we are relying on our legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes. • restriction of processing of your personal data. • transfer of your personal data to another party.  

8. Links from our website

Our website may, from time to time, contain links to and from the websites of third parties that we permit to make such links. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. We recommend that you check these policies before you submit any personal data to these websites.  

9. Changes to this privacy policy

Any changes we may make to our privacy policy in the future will be posted on our website, so please ensure that you are viewing the correct version. Please contact us if you have any questions, comments or requests regarding this Privacy Policy. Last amended 01/05/2020