This privacy policy is for Darcey Quigley & Co Ltd and this website [www.darceyquigley.co.uk] and governs the privacy of its users who choose to use it.
The policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and website owners. Furthermore the way this website processes, stores and protects user data and information will also be detailed within this policy.
This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies to all UK national laws and GDPR requirements for user privacy.
This website uses cookies to better the users experience while visiting the website. Where applicable this website uses a cookie control system allowing the user on their first visit to the website to allow or disallow the use of cookies on their computer/device. This complies with recent legislation requirements for websites to obtain explicit consent from users before leaving behind or reading files such as cookies on a user’s computer/device.
Cookies are small files saved to the user’s computers hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Cookies also allow us to help speed up searches on the website and the delivery of pages more quickly and to allow you to find pages you viewed previously when you return. This data is will not allow any third party to target you specifically.
You can refuse to accept all or some cookies by modifying settings within your browser. (for guidance on how to do this visit http://www.aboutcookies.org/). However, if you block the session cookies you may be unable to access certain parts of our sites.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.
This website uses tracking software to monitor its visitors to better understand how they use it. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to your computers hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information. You can read Google’s privacy policy here for further information [ http://www.google.com/privacy.html ].
N.B. – Other cookies may be stored to your computers hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.
Users contacting this website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely for a period of up to 6 months or less if deemed necessary. Every effort has been made to ensure a safe and secure form to email submission process but advise users using such form to email processes that they do so at their own risk.
This website and its owners use any information submitted to provide you with further information about the products/services they offer or to assist you in answering any questions or queries you may have submitted. This includes using your details to subscribe you to any email newsletter program the website operates but only if this was made clear to you and your express permission was granted when submitting any form to email process. Or whereby you the consumer have previously purchased from or enquired about purchasing from the company a product or service that the email newsletter relates to. This is by no means an entire list of your user rights in regard to receiving email marketing material. Your details are not passed on to any third parties.
This website operates an email newsletter program, used to inform subscribers about products and services supplied by this website. Users can subscribe through an online automated process should they wish to do so but do so at their own discretion. Some subscriptions may be manually processed through prior written agreement with the user.
Subscriptions are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003. All personal details relating to subscriptions are held securely and in accordance with the EU General Data Protection Regulation 2018. No personal details are passed on to third parties nor shared with companies/people outside of the company that operates this website. Under GDPR you may request a copy of personal information held about you by this website’s email newsletter program. A small fee will be payable. If you would like a copy of the information held on you please write to the business address at the bottom of this policy.
Email marketing campaigns published by this website or its owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity [this is by no far a comprehensive list]. This information is used to refine future email campaigns and supply the user with more relevant content based around their activity.
In compliance with UK Spam Laws and the Privacy and Electronic Communications Regulations 2003 subscribers are given the opportunity to un-subscribe at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated un-subscription system is unavailable clear instructions on how to un-subscribe will by detailed instead. In accordance with the GDPR you will also be given the opportunity for your information to be removed completely from all our systems.
Although this website only looks to include quality, safe and relevant external links, users are advised adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text/banner/image links to other websites.)
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
This website may contain sponsored links and adverts. These will typically be served through our advertising partners, to whom may have detailed privacy policies relating directly to the adverts they serve.
Clicking on any such adverts will send you to the advertisers website through a referral program which may use cookies and will track the number of referrals sent from this website. This may include the use of cookies which may in turn be saved on your computers hard drive. Users should therefore note they click on sponsored external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
This website and its owners through their social media platform accounts may share web links to relevant web pages. By default some social media platforms shorten lengthy urls [web addresses] (this is an example: http://bit.ly/zyVUBo).
Users are advised to take caution and good judgement before clicking any shortened urls published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine urls are published many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.
All telephone calls incoming and outgoing will be recorded by Darcey Quigley and Co for reference, validating information in relation to cases and internal training purposes. All recording will be backed-up and stored securely for a period of 6 months. Once a call is recorded, it is stored using 256-bit encryption and each recording has a unique key and modification hash (checksum) to ensure authenticity at the network generation level which makes the recording admissible in a court of law.
No archiving of call-recordings is allowed at a network level and once the defined call-recording storage period has elapsed, the recording is permanently deleted.
Call recordings are compressed using MPEG layer 3 encoding @ 24Kbps. 1GB of storage should accommodate 92.59 hours of audio recorded or approximately 10.8 MB per hour of audio recorded.
All storage is within the United Kingdom and encrypted at rest within ISO27001, ISO9001, PCI-DSS and GDPR compliant Data centres.
Darcey Quigley & Co take your privacy seriously and will only use your personal information to provide information or Services you have requested from us. We will only use this information subject to your instructions, data protection law and our duty of confidentiality.
The data that we collect from you will not be transferred to, and stored at, a destination inside the United Kingdom and within the European Economic Area (“EEA”). We will take all steps reasonably necessary to ensure that no personal data will be transferred outside the UK or the EU. We will take all reasonable steps to ensure all data we collect is treated securely and in accordance with the applicable data protection laws.
Under the applicable data protection laws we need a lawful basis to collect and use your personal data. The law allows for six lawful bases to process people’s personal data, and one of them allows personal data to be legally collected and used if it is necessary for a legitimate interest of the organisation – as long as it is fair and balanced and does not unduly impact the rights of individuals.
For Business to Business Clients and Contacts our lawful reason for processing your personal information will be “legitimate interests”. Under “legitimate interests” we can process your personal information if: we have a genuine and legitimate reason and we are not harming any of your rights and interests. Individuals may be contacted about our services through social media, telephone or email but only in their business capacity as an employee of an organisation or on behalf of the business itself, except where such interests are overridden by the interests, rights or freedoms of the individual. All communication will be measured and unobtrusive.
For Business to Consumer Clients and Contacts our lawful reason for processing your personal information will be “A contract with the individual” eg to supply goods and services you have requested, or to fulfill obligations under an employment contract. This also includes steps taken at your request before entering into a contract. There are also instances where we will may contact non-limited businesses who under the FCA rules should be referred to and dealt with as consumers through social media, telephone or email. Your information will be processed except where such interests are overridden by the interests, rights or freedoms of the individual. All communication will be measured and unobtrusive.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
WE WILL NEVER SELL YOUR PERSONAL INFORMATION TO ANY THIRD PARTY.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information and to run analytic software only uses this information to track how many visitors we have and their behaviour. This is statistical data in aggregated form about our users’ browsing actions and patterns and will not allow any third party to target you specifically.
Analytics – eg how visitors use our website
We use Google Analytics to store information about how visitors use our website so that we may make improvements and give visitors a better user experience.
Google Analytics is a third-party information storage system that records information about the pages you visit, the length of time you were on specific pages and the website in general, how you arrived at the site and what you clicked on when you were there. These cookies do not store any personal information about you eg name, address etc and we do not share the data. You can view their privacy policy below: http://www.google.com/intl/en/policies/privacy/
All storage is within the European Union and encrypted at rest within ISO27001, ISO9001, PCI-DSS and GDPR compliant Data centres.
We are fully compliant with GDPR and will honour the rights for data subjects to obtain from the data controller confirmation as to whether or not personal data concerning them is being processed, where and for what purpose. Further, the controller shall provide a copy of the personal data, free of charge, in an electronic format. If you would like a copy of some or all your personal information, please email privacy@darceyquigley.co.uk or write to us at the following address: Lynne Darcey Quigley, Managing Director, International House, Stanley Boulevard, Hamilton Technology Park, Glasgow, G72 0BN. We will respond to your request within 30 days of receipt of the request. We may also ask you for proof of your identity and address (eg. a copy of your driving licence or passport, and a recent utility or credit card bill). This is so that we can check that any information we disclose is only provided to the authorised party.
If you have any concerns or complaints about our privacy activities, you can contact us on privacy@darceyquigley.co.uk. You can also contact the Information Commissioner’s Office on 0303 123 1113 (www.ico.org.uk)
It is your right to lodge an objection to the processing of your personal data if you feel the “ground relating to your particular situation” apply. The only reasons we will be able to deny your request is if we can show compelling legitimate grounds for the processing, which override your interest, rights and freedoms, or the processing is for the establishment, exercise or defence of a legal claim.
Also known as Data Erasure, the right to be forgotten entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data. The conditions for erasure, as outlined in article 17, include the data no longer being relevant to original purposes for processing, or a data subjects withdrawing consent. It should also be noted that this right requires controllers to compare the subjects’ rights to “the public interest in the availability of the data” when considering such requests.
Under the GDPR, breach notification will become mandatory in all member states where a data breach is likely to “result in a risk for the rights and freedoms of individuals”. Darcey Quigley & Co are required to keep a record of all security incidents involving personal data. Reportable incidents must be reported to the Information within 72 hours of detection, and without undue delay to individuals affected by the incident. It is vital that all staff report a personal data breach, however minor, as soon as possible after discovery so that we can use the 72 hours to establish what has happened, the size of the breach and whether it needs to be reported further.
We keep our privacy policy under regular review and we will place any updates on this web page. This privacy policy was last updated on 21 May 2018 and the Version number is 1.1 in line with the new GDPR guidelines.
