- This policy sets out how Fanatic Design Limited (“Fanatic”, “we”, “our”, “us”) will process personal information that we process about you.
- For the purpose of this policy, we are the data controller and are responsible for your personal information.
- If you have any questions or complaints about this policy or how we are processing your personal information, please contact:
[Ian Collis-Smith 0117 9532003 ]
- We always appreciate the opportunity to resolve any disputes with you but you have a right to complain or contact the Information Commissioner at any time. More information can be found at ico.org.uk or you can call them on 0303 1231113.
- WHAT INFORMATION DO WE COLLECT AND PROCESS?
- In dealing with us we will collect personal information on you. This information includes:
- Identifying and contact information such as your name, address, previous addresses, gender, date of birth, title, photographs (digital and non-digital), marital status, telephone numbers, email addresses, social media accounts, identity documents such as passports, driving licence and utility bills;
- Marketing information including marketing and communication preferences, hobbies and interests;
- Usage data including IP protocol data, cookies, login information, enquiry information, geographic data including time zones, browser information and operating system information;
- Financial data including payment cards, bank account details, credit score information;
- Query information including data supplied by you when submitting enquiries.
- We may also process information on you that we receive from third parties including Financial data and Identifying and contact information.
- WHO DO WE PROCESS INFORMATION ON?
- The information we process will depend on the individual and the basis upon which we are interacting with them. In particular:
- Clients: we will process Identifying and contact information, marketing information, usage data, financial data and query information (as described above) together with any information the client provides as part of any engagement and/or the provision of services. Further information is set out in our client terms;
- Prospective clients: we will process Identifying and contact information, marketing information, usage data, financial data and query information (as described above) together with any information a prospective client provides as part of any potential engagement and/or potential provision of services;
- Suppliers and other third parties: we will process Identifying and contact information, financial data, query data and usage data as part of any relationship or potential relationship with such supplier and/or third party;
- General contacts: we will process Identifying and contact information, marketing information, usage data and query information as part of our engagement with other third party contacts. This may be (for example) data collected as part of any networking or marketing events.
- HOW DO WE USE YOUR PERSONAL DATA?
- How we use personal data will depend on the individual and the reason we are interacting with them. However, in particular we will use your personal data:
- in performance of any contract or proposed contract between us;
- to provide information to you on things that we believe may of interest including any events or marketing initiatives;
- where it is necessary for our legitimate interests (or the legitimate interests of any third party) and your interest and fundamental rights do not override this;
- to comply with the law;
- to deal with any queries that we may receive.
- We will only process information where we have a legal basis to do so including where we are performing a contract or are about to enter into a contract with you, or we have a legal obligation or we have a legitimate interest. Legitimate interests will include a number of reasons including:
- protecting our intellectual property rights;
- enforcing a debt;
- defending or pursuing legal claims;
- promoting and enhancing our business including any sale, purchase or merger;
- obtaining and maintaining accreditations;
- complying with the law.
- We may share your personal data with our staff, consultants and/or advisors or any third party that is processing data on our behalf.
- YOUR RIGHTS
- You have various rights under the General Data Protection Regulations. These rights are subject to any legal constraints or rights we may have but include:
- Access: you can make a request for your personal data (this is known as a subject access request) (see below);
- Correction: if you believe any information we have is incorrect then you can ask us to rectify this. This will be subject to us verifying the inaccuracy;
- Erasure: you are entitled to ask us to erase or amend any personal data we may process;
- Transfer: you may request that we transfer your data to you or a third party;
- Withdrawing consent: you may withdraw any consent you have given to us to process your personal data.
- We will not usually charge you for exercising any of the above rights but, we:
- may have a legal basis on which we cannot carry out your request. Unless prohibited by law we will set out our reasons for refusing or seeking to amend any request;
- may charge a reasonable fee in limited circumstances – for example, if a subject access request is excessive or we consider it unfounded;
- will usually require identification to satisfy ourselves on the legitimacy of any request before we carry it out.
- We will carry out any request as soon as reasonably possible but usually within one month.
- DATA SECURITY
We have in place appropriate technical and organisations security measures to prevent your data from being accidently lost, amended, used or stolen. Data is limited to only those who need access and we have taken reasonable steps to ensure that all data is stored in a secure and controlled environment. Please note that we retain limited paper information with the majority of personal data being scanned and stored in electronic format.
- DATA RETENTION
We only hold on to your data for as long as is necessary. When determining how long this is, we will take into account the nature of the date, the reason we are holding it, whether we have completed the purpose for which it was obtained and our legal and statutory obligations.
- DATA STORAGE
All personal data is stored by us in the UK and/or the European Economic Area. In the event that we have to transfer data outside the UK and/or EEA we will only do so if it is to countries that have adequate data protection laws in place or we have entered into specific contracts (in a form approved by the European Commission and/or the UK regulator).
We may update this policy from time to time without notice to you. Where we do make changes, we will include a link to the immediate previous version highlighting the changes that have been made.