Please read the following information carefully. This privacy notice contains information about what data we collect and store about you and why. It also tells you who we share this information with, the security mechanisms we have put in place to protect your data and how to contact us if you have a complaint.
Who are we?
We will refer to this website, www.littens.co.uk, as “our website” in this policy.
”Littens is a ”a. We are committed to ensuring that your privacy is protected, and your data kept secure at all times. As an important part of our business, we collect, use and are responsible for personal information about you. When we do this, we are the 'data controller' of this information for the purposes of the General Data Protection Regulation and other applicable data protection laws.
Please contact our Data Protection Officer at ”email@example.com” if you have any questions about this privacy notice or the information we hold about you. You can also write to our Data Protection Officer at ”Asia.
What do we do with your information?
Information collected by us
To enable us to provide services for you, we collect some personal information that you provide to us, which is as follows (but not limited to):
- Personal Data: name, address, date of birth, emails, phone numbers etc.
- Sensitive Personal Data: medical records, photos, racial or ethnic origin etc.
How we use your personal information
We only collect personal information that will be relevant to your enquiry. We use your personal information for the following purposes:
- To deal with your enquiry and decide how to progress
- To deal with services we provide to you
- To provide you with information that you have requested
- To process employment applications
- To allow us to comply with our legal, insurance and regulatory obligations
- To deal with any complaints
- To audit how our websites are being used
Whether information has to be provided by you, and why?
This personal information must be provided by you to us, to enable us to meet our contractual requirements. Failing to provide us with the information we require will stop us from being able to deal with your enquiry. When we collect information from you, we will inform you whether you are required to provide this information to us.
Who will we share your personal information with?
Depending on your enquiry we may need to share your information with third parties who process information on our behalf; we will always ask for your permission before we share your data, unless we are legally prevented from doing so, or you have already confirmed we are authorised to do so.
We will share personal information with law enforcement agencies if required by applicable law.
We will not share your personal information with any other third parties without your consent.
Transfer of your information outside the European Economic Area (EEA)
We will not transfer your personal information outside the European Economic Area.
How long will we store your personal data?
We have to keep your personal information for seven years in line with our legal, insurance and statutory obligations, if you become our client. Otherwise, the information will be kept for as long as it is necessary and reasonable to enable us to process it.
We are relying on your explicit consent to process and share your data as required. You provide this consent when you give your written consent, supply your information, or continue to use our websites.
You have the right to withdraw this consent at any time, but this will not affect the lawfulness of any processing activity we have carried out prior to you withdrawing your consent.
You can opt-out by emailing our Data Protection Officer at ”firstname.lastname@example.org” or writing to our Data Protection Officer at ”Asia.
Under the General Data Protection Regulation, you have several important rights that you can exercise free of charge. In summary, these rights are:
- Access to your personal information and other supplementary information – known as a “Subject Access Request”. In exceptional circumstances there may be a charge for this;
- Require us to correct any mistakes or complete missing information we hold on you;
- Require us to erase your personal information in certain circumstances;
- Receive a copy of the personal information you have provided to us or have this information be sent to a third party, this will be provided to you or the third party in a structured, commonly used and machine-readable format;
- Object at any time to processing of your personal information for direct marketing;
- Object in certain other situations to the continued processing of your personal information;
- Restrict our processing of your personal information in certain circumstances;
- Request not to be subject to automated decision making which produce legal effects that concern you or affect you in a significantly similar way;
If you want more information about your rights under the GDPR please see the Guidance from the Information Commissioner's Office on Individual's rights under the GDPR.
If you want to exercise any of these rights, please:
- Email our Data Protection Officer at ”email@example.com” or write to our Data Protection Officer at ”Asia
- Let us have proof of your identity and address;
- State the right or rights that you wish to exercise;
We will respond to you within one month from when we receive your request.
How to make a complaint
We hope that you are happy with our service and that we can resolve any issues or complaints that arise. Please get in touch if you have any concerns (see 'Get in touch' below).
The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where the alleged infringement of data protection laws occurred. The UK supervisory authority is the Information Commissioner's Office who can be contacted at https://ico.org.uk/concerns/.
Automated Decision Making
We do not use automated decision making.
The security of your information matters to us, so we have a number of security measures in place to protect your information, such as, but not limited to:
▪ 128-bit encryption;
▪ Firewalls, anti-virus, anti-malware, data loss prevention;
▪ Secure and limited employee access;
▪ Ongoing training for employees on information security;
▪ Secure and regular backups, with a tested disaster recovery plan;
▪ Secure password protection;
At ”Littens, we regularly review and update our security measures and training to keep your information safe and secure.
We do not intend to process your personal information for any reason other than stated within this privacy notice. If this changes, we will inform you in writing.
Changes to this privacy notice
This privacy was last updated on May 26th, 2019.
We constantly review our internal privacy practices and may change this policy from time to time, so please check this notice regularly.
Get in touch
If you have any questions about this privacy notice or the information we hold about you, please contact our Data Protection Officer.
The best way to reach us is to email ”firstname.lastname@example.org” or write to our Data Protection Officer at ”Asia.