DATA PRIVACY NOTICE
Aukett Swanke Group (ASG) and its ‘affiliates’ (Aukett Swanke Ltd, Veretec Ltd “The Company”, “The Practice”, “we”, “us”, “our”, and any other Group entity) respects your privacy and is committed to protecting the personal information of visitors to our studio and website, clients, consultants, suppliers and contractors through its compliance with the General Data Protection Regulations.
This privacy statement provides information about the personal data that the Practice collects about all external and third parties such as visitors to our studio and website, clients, suppliers, consultants and contractors, and the ways in which our practice uses that personal information.
Should you need to make contact please do so at firstname.lastname@example.org
How do we collect information from you?
Your personal data may be collected by us in a number of ways, including:
- Through our provision of services to you, your employer or the organisation you represent;
- During the course of dealings with you for or on behalf of a client
- When you provide us with information in relation to your attendance at any hosted events
- When you provide information to us by filling in forms on this website
- When you contact us, eg. to enquire about our services
- When we collect your personal data from our clients, consultants, suppliers and other advisers
Our website may contain links to a number of websites that may offer useful information to our visitors. Please note, that if you follow the link to any of these websites this privacy statement does not apply and we do not accept responsibility or liability for their policies.
You may provide us with information by corresponding with us by phone, email, or otherwise as indicated on the website.
VISITING OUR STUDIO
When you visit our studio, you will be asked to sign into the Visitor Register and provide your full name, who you are visiting and the company you work for. This information is required on each visit for safety purposes i.e. so that we are aware of who is in the building at any one time should it be necessary to evacuate during an emergency situation. Visitor records, including passes are disposed of through the recycling system within 3 months of your visit.
If you are visiting for an event which is being held in our studio you will be asked for your name and the company you work for. You may also be provided with a name badge, if appropriate for the event.
There may be photographers at the event and in some cases, photography may be used on our social media sites and publications; if that is the case you will be informed beforehand and your consent sought for your photograph to be taken.
What type of information is collected from you?
The personal information you provide may include:
- Contact details (including your name, company addresses, email addresses, telephone and mobile numbers)
- Professional information such as job titles, previous roles, and professional experience and qualifications
- Details regarding your attendance at our events
- Images or footage for office or project promotion
- Where you provide personal data to us, e.g. sensitive personal data should you suffer and accident and are required to complete our accident report book, or information about allergies you provide when booking to attend an event.
This data is collected for the legitimate purpose of us providing you with our services.
How is your information used?
When we collect personal information from our clients and visitors to the building, it will be used for the following purposes:
- To maintain responsible commercial relations with you
- To understand your service and/or project needs
- To manage and develop our business and operations
- To meet legal and regulatory requirements
- To notify you of changes to our services
- To process a job application if appropriate
- To recommend your product or service to relevant contacts within the industry (ie. new client or supplier)
We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal information on our systems for as long as is necessary for the relevant activity in accordance with our Data Retention Policy.
When you voluntarily provide your personal information to us we will use it only for the above purposes. If we intend to use your personal information for a purpose other than those above, we will seek your express consent.
Who will the information be shared with?
We will not share your information with third parties for any reason other than those specified above.
You have the right to ask us not to process your personal information. You can exercise your right by checking or unchecking certain boxes on the forms we use to collect your data. Or you can exercise the right by emailing us at email@example.com
You also have the right to see and correct data that we hold about you. If your details change or any other information we hold is inaccurate or out of date, please contact the Data Protection Coordinator at firstname.lastname@example.org
The Practice has in place reasonable technical and organisational precautions to ensure that your personal information is secure, with internal policies and controls to ensure that your data is not lost, accidently destroyed, misused or disclosed, and is not accessed except by authorised personnel within the Practice. We store all personal information you provide on our secure servers.
We use a least privilege access to data approach, restricting access to authorised personnel only who need to so they can discharge their duties. In addition, we have deployed a number of systems to ensure your data remains safe via our Cyber Security Strategy.
We provide password protected guest access to the internet while you are in the studio. It is securely configured to separate our corporate data from internet browsing. As a guest you will be asked to logon to a secure portal that will grant you access to browse the internet only. We do not store any information about your connection or the sites you visit.
Aged 16 or Under
We do not collect any personally identifiable information from children aged 16 or under without prior verifiable consent from a responsible parent or guardian related to the child.
Data Breaches and reporting
If it becomes apparent that a potential data breach has occurred, the Company will endeavour to report this to the ICO within 72 hours of becoming aware of the data breach. This will be the case if the data breach is likely to result in damage to a person’s reputation, financial loss, loss of confidentiality, or major financial or social disadvantage. If the breach is likely to result in a high risk to the rights and freedoms of the data subject the Company will also contact the data subject without undue delay.
Data breaches will be reported to the Information Commissioner Office (ICO) by calling the dedicated personal data breach helpline on 0303 123 1113.
End of document