We, Data Ocean Limited trading as Data Compliance Europe, have developed this Data Privacy Notice in order to demonstrate our firm commitment to the privacy of your data. We are committed to safeguarding your data whilst ensuring you get the best out of our website. If you have any special requests concerning your personal information or any queries with regard to our privacy practices, please contact us by e-mail at [email protected] .
This Privacy Notice applies to all “personal data” as defined in Article 4 of the GDPR. In this Data Policy, we also refer to personal data as ‘data’, ‘personal data’ ‘information’ or ‘personal information’.
What Personal Data Do We Collect?
We process personal information from you at different stages of your interactions with us, in particular when you contact our offices. We process this information in order that our services can be offered as effectively as possible and so that we can fulfill our agreement with you.
Data we receive: contact details when you contact us, to allow us to return your queries. Contact details of relevant staff of clients to allow us to give effect to our contracts of engagement. Google Analytics, acting as our Data Processor, collects the IP address of visitors to our website, and provides us with aggregated information on the location of our visitors together with limited data on the search terms used by Google users which bring them to our website.
We may use information that you provide:
- To enter your details into our database and to enable us to administer our services on the basis of either consent or for the purposes of being able to meet our contractual obligations;
- For assessment and analysis (e.g. market, client and service analysis) to enable us to review, develop and improve the services we offer and to enable us to provide you and other clients with relevant information about our services. We use Google Analytics to measure visitors to our website. You can see details of all the cookies set by Google Analytics by following this link.
- To keep you informed of such products and services that we think you may be interested in, using the following methods:
- Text messaging
- Other ways as communicated through the website
Our legal basis for processing the personal data supplied to us will depend on the relationship we have with you at the time you give it to us. If you have engaged us to work for you, we’ll be processing it under that contract. If you have contacted us and supplied us with your personal data in order to allow us to respond to your queries, or otherwise deal with your communication, we’ll be processing it on the basis of your active and informed consent. There may be classes of personal data we are required by law to keep for an extended time period- such as billing data of clients for tax purposes. And there will be occasions where we will process your data without consent, but where there’s a legitimate interest to do so that isn’t outweighed by your own rights and freedoms- for example, an analysis to prevent fraud.
So, the releveant legal bases are;
- Article 6.1(a), GDPR, Consent
- Article 6.1(b), GDPR, Contract
- Article 6.1(c), GDPR, Legal obligation
- Article 6.1(f), GDPR, Legitimate Interest
Whilst we use all reasonable measures to ensure security of data we cannot guarantee against the misuse of computer equipment by hackers or any other disruptive third parties.
Sharing data with third parties
We may pass your personal data on to third-party service providers contracted to Data Compliance Europe in the course of dealing with you. We do this because there are some services, such as our email, which will not work unless we are able to make these transfers. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to deliver the service they provide on our- and of course, your- behalf. When they no longer need your data to fulfil this service, they will dispose of the details in line with agreed procedures. In the unlikely event that we are required to pass sensitive personal data onto a third party we will only do so once we have obtained your consent, or if it is necessary to comply with a contract, unless we are legally required to do otherwise. If you would like an up-to-date register of all our third-party service providers, or accounts of any legitimate interest processes, please contact h[email protected] and we will be happy to provide it.
Cookies do not contain information such as your home address, telephone number or credit card details.
Access to Information
If at any stage you would like to check, access or amend the information held by us about you please contact us at [email protected] . We reserve the right to take reasonable steps to confirm your identity before making any disclosure of information held by us.
Data Compliance Europe at your request, can confirm what information we hold about you and how it is processed. If Data Compliance Europe does hold personal data about you, you can request the following information:
- Identity and the contact details of the person or organisation that has determined how and why to process your data.
- The purpose of the processing as well as the legal basis for processing.
- If the processing is based on the legitimate interests of Data Compliance Europe or a third party, information about those interests.
- The categories of personal data collected, stored and processed.
- Recipient(s) or categories of recipients that the data is/will be disclosed to.
- If we intend to transfer the personal data to a third country or international organisation, information about how we ensure this is done securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information. These will rely on measures approved by the EU Commission.
- How long the data will be stored.
- Details of your rights to correct, erase, restrict or object to such processing.
- Information about your right to withdraw consent at any time.
- How to lodge a complaint with the supervisory authority.
- Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
- The source of personal data if it wasn’t collected directly from you.
- Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.