AND Digital Website Privacy Notice

This Privacy Notice applies between you and ANDigital Limited, a limited company registered in England and Wales under registration number 08761455, with our registered office at 3 Concorde Park, Concorde Road, Maidenhead, Berkshire, SL6 4BY (AND Digital, we, us or our). AND Digital and its related entities take data privacy very seriously and are committed to protecting the privacy and security of the Personal Data we process about you.

 

1. Definitions and Interpretation

In this Privacy Notice, the following definitions are used:


Personal Data;

Any information from which someone can be identified, either directly or indirectly. This definition incorporates, where applicable, the definitions provided in the Data Protection Laws.


Data Protection Laws;
The UK GDPR and/or the EU General Data Protection Regulation (EU GDPR - EU Regulation 2016/679) (whichever is applicable) and the Data Protection Act 2018 (DPA 2018).

UK GDPR;
Has the meaning given to it in section 3(10) DPA 2018. 

 

Website;
The website that you are currently using, https://www.and.digital, and any sub-domains of this site unless expressly excluded by their own terms and conditions.

 

2. Purpose of this privacy notice

The purpose of this privacy notice is to explain what Personal Data we collect about you and how we process it. This privacy notice also explains your rights, so please read it carefully. If you have any questions, you can contact us using the details provided in the section entitled ‘Contact us’ below.

 

3. Who this privacy notice applies to

This privacy notice applies to you if:

 

  • You visit the Website, download content or contact us using our contact us form.
  • You purchase goods and/or services from us.
  • You enquire about our products and/or services via email or post.
  • You sign up to receive any promotional communications from us.
  • You register for one of our events.

4. Controller

Unless we notify you otherwise, we are the controller of the Personal Data we process about you. This means that we decide what Personal Data to collect and how to process it. We are registered with the UK supervisory authority, the Information Commissioner’s Office (ICO) in relation to our processing of Personal Data.

 

5. Collection of your Personal Data

The type of Personal Data we collect will depend on our relationship with you. For the type of Personal Data we collect see the table below in the section entitled ‘Purposes and lawful bases for processing.’ We collect most of the Personal Data directly from you in person, by telephone, text or email and/or via the Website. We may also collect your Personal Data from third parties such as:

 

  • reputable companies who provide lead generation contact lists; 
  • others to whom you have provided consent; and
  • publicly available sources such as social media platforms and Companies House to verify company director/shareholder details. 

6. Purposes and lawful bases for processing

Most commonly, we will use your Personal Data in the following circumstances:

 

Categories of individuals

Categories of Personal Data

Purpose of processing

Lawful basis

Client

Business contact information including (but not limited to) name and email address.

To fulfil the contractual relationship, provide customer service, management and development of our business relationship.

Performance of a Contract


Legitimate Interest

Client staff

Business contact information including (but not limited to) name and email address.

References and testimonials as provided by our client’s employees, seeking feedback and monitoring client satisfaction.

Consent


Legitimate Interest

Client/prospective client/business associate

Name, email address

To send you newsletters and other promotional materials, enable download of material from the Website.

Consent


Legitimate Interest

Client/prospective client/business associate

Name, email address, contact information, dietary preferences, disabilities or special requirements.

For event registration and event management.


To ensure preferred dietary requirements and to make any reasonable adjustments.

Consent


Explicit consent

Prospective client

Business contact information including (but not limited to) name and email address.

Developing a business relationship with a view to entering into a contractual relationship.

Performance of a contract


Legitimate Interest

Suppliers

Business contact information including name, email address, other contact information.

To manage our business relationship with you as a supplier, including paying invoices.

Performance of a contract

 

Visitor to the Website

Technical data - IP address and location data based on your IP address, browser type and version, time zone setting, browser plug in types, operating system and platform, location data.

Usage data - we may generate information about how you navigate and engage with our website and download materials and online activity data such as clickstream data, page interaction information, your preferences (including country and language) and methods used to browse away from our content or Website.

Data analytics to improve our services, website and customer experiences

To identify problems, defects or issues with our website and to optimise website performance.

To monitor operations, user activity and networks for fraud prevention and crime detection.

 

 

Consent


Legitimate Interest

 

Where Personal Data is processed because it is necessary for the performance of a contract to which you are a party, we will be unable to provide our services without the required information.

 

7. Sharing your personal data

We may need to disclose your Personal Data to third parties so that we can provide our services to you, operate our Website and comply with our legal duties. 

  • Service providers: your Personal Data may be held and processed securely by us on the dedicated systems supplied, monitored and maintained by our third-party infrastructure providers, and by any other third-party service providers we may use, such as our Website hosting provider, customer relationship management provider, email marketing provider, analytics, security operations and other third-party service providers.
  • In corporate transactions: we may transfer your Personal Data if we are involved, whether in whole or in part, in a merger, sale, acquisition, divestiture, restructuring, reorganisation, dissolution, bankruptcy or other change of ownership or control.
  • Regulators or law enforcement agencies: we may disclose your Personal Data if reasonably necessary with regulators or law enforcement agencies or where mandatory under a court order: (i) to comply with a legal process, such as a court order, government / law enforcement investigation or other legal requirements; (ii) to assist in the prevention or detection of crime (subject in each case to applicable law); or (iii) to protect the safety of any person. 
  • To enforce our legal rights: we may also share your Personal Data: (i) if disclosure would mitigate our liability in an actual or threatened lawsuit; (ii) as necessary to protect our legal rights and legal rights of our users, business partners or other interested parties; (iii) to enforce our agreements with you; and (iv) to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing.
 
We may also need to share your Personal Data to comply with the law, to protect the rights, property or safety of us, other individuals/organisations, or where you have given us your consent to do so. You can ask us for more information about these organisations by contacting us using the details in the ‘Contact us’ section below.

8. How long we keep your data

We will retain your Personal Data for the period necessary to fulfil the purposes outlined in this Privacy Notice. In general, we will keep your Personal Data for as long as you are a client of our services and for a reasonable period thereafter to enable us to meet our contractual and legal obligations and to deal with complaints and claims.  If you are a prospective client, we will keep your personal data for as long as you continue interacting with us. 


At the end of the retention period, your personal data will be securely deleted or anonymised, for example, by aggregation with other data, so that it can be used in a non-identifiable way for statistical analysis and business planning.

 

9. Marketing

If you have previously purchased products and/or services from us we will assume you are happy to receive relevant marketing communications, unless you have previously opted out of marketing communications. This is based on our legitimate interests in promoting our business and to provide you with offers for relevant products/services.

If you change your mind about this, you can withdraw your consent at any time by clicking on the “unsubscribe” link at the bottom of each email or by emailing dataprotection@and.digital.


If you choose to withdraw your consent to receive these marketing emails, we will still send you service emails that are necessary for our relationship with you.

 

10. Use of cookies and similar technologies

We use cookies and similar technologies to capture certain data when you interact with our website. You can find out more by viewing our cookie notice.

 

11. International transfers

Your Personal Data may be processed outside the United Kingdom (UK) or the European Economic Area (EEA) as some of the organisations we use to provide our services to you are located outside of the EEA. We have taken appropriate steps to ensure that the Personal Data processed outside the UK or EEA has an essentially equivalent level of protection to that guaranteed in the UK or EEA. We do this by ensuring that:
  • Your Personal Data is only processed in a country with an adequate level of protection;
  • We enter into an International Data Transfer Agreement (IDTA) (a copy which can be found here: international-data-transfer-agreement.pdf) with the receiving organisation and adopt supplementary measures where necessary; or
  • We enter into Standard Contractual Clauses (SCCs) (a copy which, can be found here: https://commission.europa.eu/publications/standard-contractual-clauses-international-transfers_en) with the receiving organisations and adopt supplementary measures where necessary.

 

12. Your rights and making a complaint

You have certain rights in relation to the processing of your Personal Data:

 

  • Right to be informed You have the right to know what personal data we collect about you, how we use it, for what purpose and in accordance with which lawful basis, who we share it with and how long we keep it. We use our privacy notice to explain this.
  • Right of access (commonly known as a “Subject Access Request”) You have the right to receive a copy of the Personal Data we hold about you.
  • Right to rectification You have the right to have any incomplete or inaccurate information we hold about you corrected.
  • Right to erasure (commonly known as the right to be forgotten) You have the right to ask us to delete your Personal Data.
  • Right to object to processing You have the right to object to us processing your Personal Data. If you object to us using your Personal Data for marketing purposes, we will stop sending you marketing material. 
  • Right to restrict processing You have the right to restrict our use of your Personal Data. 
  • Right to portability You have the right to ask us to transfer your Personal Data to another party.
  • Automated decision-making You have the right not to be subject to a decision based solely on automated processing which will significantly affect you. We do not use automated decision-making. 
  • Right to withdraw consent If you have provided your consent for us to process your Personal Data for a specific purpose, you have the right to withdraw your consent at any time. If you do withdraw your consent, we will no longer process your information for the purpose(s) you originally agreed to, unless we are permitted by law to do so.
  • Right to lodge a complaint You have the right to lodge a complaint with the relevant supervisory authority if you are concerned about the way in which we are handling your Personal Data. The supervisory authority in the UK is the Information Commissioner’s Office (ICO) who can be contacted online at: https://ico.org.uk/global/contact-us/ or by telephone on 0303 123 1113.

 

Exercising your rights
You will not usually need to pay a fee to exercise any of the above rights, however, we may charge a reasonable fee if your request is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances. 

 

If you wish to exercise your rights, you may contact us using the details set out in the section entitled ‘Contact us’. We may need to request specific information from you to confirm your identity before we can process your request. Once in receipt of this, we will process your request without undue delay and within one month. In some cases, such as with complex requests, it may take us longer than this and, if so, we will keep you updated.

 

13. Children

We do not offer our products and services to children and we do not knowingly collect Personal Data of children without parental consent, unless permitted by law. If you are a child, you must have your parent’s permission to use our services. If you learn that a child has provided us with their Personal Data without parental consent, you may contact us and if appropriate, we will securely and permanently delete it, in accordance with applicable law.

 

14. Contact us

If you wish to contact us in relation to this privacy notice or if you wish to exercise any of your rights as outlined above, please email us at dataprotection@and.digital, or write to us at:

 

Data Protection Representative, ANDigital Limited, Concorde Park, Concorde Road, Maidenhead, Berkshire, SL6 4BY.

 

15. Changes to this privacy notice

We may need to change this Privacy Notice as our services or Website is developed or if the law changes. We will let you know if any important changes are made, otherwise, we will always display the latest version on our Website.