The purpose of this policy is to explain to you how we control, process, handle and protect your personal information while browsing or using this website, and registering to attend one of our events, including your rights under current laws and regulations.
Policy key definitions:
- “I”, “our”, “us”, or “we” refer to the business, [Business name & other trading names].
- “you”, “the user” refer to the person(s) using this website.
- GDPR means General Data Protection Act.
- PECR means Privacy & Electronic Communications Regulation.
- ICO means Information Commissioner’s Office.
- Cookies mean small files stored on a users computer or device
The Data Protection Policy employed by Jenny Inc Limited has been developed as an extension of our commitment to combine the best quality services with the highest level of integrity in dealing with our clients, suppliers, associates and staff. This policy has been updated to be in line with GDPR standards in our on-going commitment to protecting the privacy and security of your personal information. This policy guides you through how we collect store and use information about individuals and organisations. It will be continuously assessed against new technologies, business practices and the changing needs of everyone we deal with.
Jenny Inc Limited is a “controller” of your personal information. Our address is 22 St Cross Court, Upper Marsh Lane, Hoddesdon, Hertfordshire, EN11 8LG
Our Data Protection Policy recognises two kinds of personal data that deserve different levels of protection:
Personally-Identifiable Information includes, for example, e-mail addresses, billing information, and ‘click stream’ data that tracks visitor activity on a Web site or online service.
A subset of that category, Special Data, deserves additional safeguards. Special Data includes, by way of example, Clients’ confidential data, Sexual Orientation, Bank Account, Income Tax and National Insurance numbers, Biometrics, Race, Religion etc. If your relationship with us includes providing Jenny Inc Limited with Special Data, we will protect that information with extra care. We will not distribute Special Data outside of Jenny Inc Limited if you so request, and will give you the chance to opt out of sharing this information within our own organisation.
Jenny Inc Limited collects Personally-Identifiable Information and Special Data only when there is a legitimate business need to do so.
Notice: We will inform you about why we are collecting Personally-Identifiable Information and how we intend to use it. We need to collect and store your name, address, and other basic Personally-Identifiable Information, for example, to provide you with the service you requested, as well as for billing purposes.
Our legal basis to use your personal information
We need your information primarily to allow us to perform our contract with you and to enable us to comply with legal obligations such as to pay VAT over to HMRC. In some cases we may use your personal information to pursue legitimate interests of our own (the efficient and effective operation of the business) or those of third parties, provided your interests and fundamental rights do not override those interests.
Purposes we use your information for:
To correspond with you with a view to providing a service; to take monies for payment from you; to arrange invoices; to pay VAT over to HMRC; for the purposes of an after sales service etc.
If you fail to provide personal information
The provision of information by you is a contractual requirement. If you fail to provide certain information when requested, we may not be able to perform the contract for services for you.
We may share your information with HMRC for VAT purposes, third party suppliers where required to fulfil a contract with you.
We will typically retain your personal information for 7 years following conclusion of the works inline with HMRC guidelines.
Your rights in connection with personal information
Under certain circumstances, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
Right to withdraw consent (Opt Out)
In any circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us at firstname.lastname@example.org or at the above address. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
International Data Transfers
Any personal data will only be transferred to other countries that are part of the EEA and therefore have adequate levels of security in place to protect your data. Any country outside of the EEA / EU we share data with will be compliant with the level of security required for companies within https://ico.org.uk/registration/new it; this includes ensuring companies in the US are members of the Privacy Shield scheme and other companies outside the US have contractual obligations in place to provide the same security.
Some cookies are required to enjoy and use the full functionality of this website.
Email marketing messages & subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal date” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketingmessages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences.
Jenny Inc limited will not sell personal data in any form, including mailing lists. All its data are for internal use only:
Jenny Inc Limited will continue to oversee implementation of and compliance with our Policy and will adapt the Policy to reflect changes in technology and the expectations of everyone we deal with.
Jenny Inc Limited Data Protection Policy has been developed out of respect for the privacy preferences and choices of our candidates, suppliers customers, associates and staff. We have established procedures to ensure that every reasonable effort is made to address your concerns.