This information is our privacy notice. It explains what we do with your personal information, why we want to use it, how we protect it, and what rights you have to control our use of your personal data.
The most important fact is that it’s your personal data. We have complete respect for your rights and we will only use your data where necessary to deliver our services to you or your employer, or to keep you up to date about developments in our products.
Information about the data controller
The data controller is Doc & Tee Ltd. We are registered with the Information Commissioners Office under registration number ZA306932.
If you want to contact us about any of the points on this notice, or just generally about how we protect your privacy, please email Damien Doherty at email@example.com. We use this email address for all data protection and data access matters.
The purpose and lawful basis for processing your personal data
We use information for a few different purposes and these each have a different lawful basis. This section describes these in detail and, although it’s technical, we’re required by law to explain this to you.
- Existing client
If you are an existing client, we hold your name and contact details because we have a contractual obligation to deliver services to you. We need your contact details to deliver our services (such as send you update emails when you need to take actions, send you invoices and so on.) We will hold your information for no longer than 6 years from the termination of our working relationship.
- Previous client
If you are a previous client, in the following five year period since the end of our working relationship, we may continue to contact you with information about services because we think you will find it useful. We believe we have a legitimate interest in this direct marketing activity (and this is also permitted under the Privacy and Electronic Communications Regulations or “PECR”). If we do contact you in this way, you are always able to unsubscribe by clicking the link at the bottom of the emails we send, or by emailing us at firstname.lastname@example.org.
- Employee of client
If you are an employee of (or temporary or associate worker at) an existing client, you should note that we have most likely been given your personal data by your employer, we may not have collected it from you directly. We hold your name, job title and contact details so that we can help your employer raise awareness of and grow their business. We have a legitimate interest in being able to use this information in this way. We may also hold images of you that have been passed to us by your employer if you have consented to their use. We will hold your personal information for no longer than 6 years from the last time we were in email contact with you or your employer.
- Business customer or supplier of client
If you are a business customer, supplier or other contact of our client, we may have been given your personal information by that client. In which case, we may hold your name, job title and business contact details so that we can provide our marketing services to that client. We have a legitimate interest in being able to use your information in this way. We may also hold images of you that have been passed to us by your employer and/or our client if you have consented to their use by our client. We will hold your personal information for no longer than 6 years from the last time we were in email contact with you or our client.
- Associate with our line of business
If you are a supplier or other organisation associated with our line of business, we will hold your contact details because we have a legitimate interest in doing business with your company. We will aim to hold this information for no longer than five years since we were last in contact with you. It’s possible we picked this information up from public directories (such as LinkedIn and internet searches) or that you passed your details to us with a business card.
- Visitor to our website
If you visit our website, we use Google Analytics on our website to track user activity on our site, so we can improve our service. We record your computer’s IP address so we can tell how each user and repeat visitor is using our site (your IP address is also a piece of your personal data). We have a legitimate interest in tracking user journeys on the site so that we can improve our service. We will hold IP information for a maximum of 26 months from the time of your last visit to our site.
If you contact us through our web contact form, we will use your information to respond to your enquiry, and where we believe it will be useful to you and/or Doc & tee Ltd, maintain a future relationship with you. We believe we have a legitimate interest in doing so.
Who receives your personal data?
- Anyone who visits www.docandtee.com
We use Google Analytics to store your IP address and user journey on our website. Google is a data processor for us.
- Client or employee/supplier of client
If you are a client, one of their employees or temporary/associate workers, clients or suppliers, we may hold your information in Gmail and/or Microsoft Office. Google and Microsoft Office are data processors for us.
International transfers of personal data, and the measures in place to safeguard it
Google and Microsoft, etc. are all “cloud-based systems”, which means the information is held in huge information data centres in different locations.
All the cloud-based systems we use reserve the right to hold copies of your personal information outside the European Economic Area (EEA). This section explains the impact of these international transfers and how your information is protected. Please note that the reason companies may choose to do this is to hold back-up copies, so they can guarantee recovery.
Google and Microsoft may transfer your personal information to cloud data centres in the USA. The personal privacy laws and safeguards in the USA aren’t as good, so the European Commission has approved a system called “EU-US Privacy Shield” to make sure the personal information of European citizens is properly protected if held by companies in the USA. NCA uses Privacy Shield for all the companies listed in this section through standard contractual clauses approved by the EU.
Your personal data rights
The personal data we hold about you is your data, so you have certain rights over them. This section summarises your rights. You can exercise any or all these rights when you choose, and the easiest way is by dropping us an email at email@example.com.
Where we process your data based on a ‘legitimate interest’ you have the right to object to our processing of that data. From that point, we must stop processing your data until we have determined whether your rights override our, or our clients’ interests.
Your rights to lodge a complaint with the Regulator
At all times, you have the right to report a concern or lodge a complaint with the Information Commissioner’s Office. Please refer to the ICO at https://ico.org.uk/concerns/ or by calling them on 0303 123 1113.
Of course, we hope that we can resolve your issue quickly and fairly – you can contact us at firstname.lastname@example.org.
Other purposes for processing personal data
We don’t process your personal data for any other purpose than we’ve described here. We won’t sell your personal data to other companies.
As we develop our products and services, we might add or change our data processing. Should we do so and believe that it will affect your personal data, we will contact you to let you know what we intend to do, the lawful basis we will use, and your rights over our intended new processing. We will also publish information about it here.
If you have any questions, concerns or want some more information about our privacy management, email us at email@example.com.