EU General Data Protection Regulation (GDPR) + Data Protection Act 1998 (DPA)
In compliance with the GDPR and the DPA all information will be treated confidentially and will not be shared with any other organisation without your explicit and informed consent.
Uimpact Ltd (“Uimpact,” “we,” “us,” “our,” or the “Company”) is committed to protecting the privacy of individuals who visit the Company’s Web site (“Visitors”), individuals who register to use our Services as defined below (“Customers”). This Privacy Statement describes Uimpact’s privacy practices in relation to the use of the Company’s Web site and the related services offered by Uimpact, as well as individuals’ choices regarding use, access and correction of personal data.
If you have questions or complaints regarding our Privacy Statement or associated practices, please contact us at firstname.lastname@example.org
When someone visits our website www.uimpact.co.uk we may track visitor behaviour using Google Analytics to collect standard internet log information and details of visitor behaviour patterns. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. We do this to find out things such as the number of visitors to the various parts of the site. We will make it clear when we collect personal information and will explain what we intend to do with it.
Uimpact use a third party service, 1and1, to power our web search engine and publish our blog. These sites are hosted at www.1and1.co.uk . We use a standard 1and1 service to collect anonymous information about users’ activity on the site, for example the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help us improve it.
Uimpact uses a third-party service, 1and1, to help maintain the security and performance of the Uimpact website. To deliver this service it processes the IP addresses of visitors to the website.
Uimpact offers various services to the public. Individuals can request information about or can engage in one of our services. Upon engagement, the information we collect from individuals is their ’Contact Information’ – Their name, a name of employer (if relevant), phone number, email address, job title, along with other ‘relevant information’ related to the service they are engaging in. The information is deemed appropriate, so we can determine their current situation and suitability for the service.
We have to hold the details of the people who have requested the service in order to provide it. However, we only use these details to provide the service the person has requested and for other closely related purposes. For example, we might use information about people who have requested a service to carry out a survey to find out if they are happy with the level of service they received.
When people do sign up to our services, they can manage their marketing preferences at any time and are given an easy way of doing this via preference links within e-marketing emails. Online data collection tools are used when collecting information from customers. The data from these third-party tools is then transferred to TTI Success Insights where it is stored and used for its primary purpose. This third-party company is a data processor for Uimpact and only processes personal information in line with our instructions. Their software applications comply with the EU-U.S. and Swiss Privacy Shield Frameworks.
We collect information in the following ways:
Contact Us Page on the website is powered by 1and1
Information Request Form – Data is collected via 1and1
Social Media – Messages are stored in the Social Media Applications themselves. See Facebook/Twitter/LinkedIn Privacy Policies
We will collect information about customer contacts and add them into Uimpact’s database to engage them communication and correspondence related to both marketing and transactional emails for the period of the contract.
Use of Information
We require information to understand your needs and provide you with a better service, and in particular for the following reasons:
Internal record keeping
To deliver our services
To improve our services
To market services where appropriate
To gather feedback
The Company uses Data about its Customers to perform the services requested. For example, if you fill out a “Contact Us” online web form, the Company will use the information provided to contact you about your interest in the Services.
The Company may also use Data about Customers for marketing purposes. For example, the Company may use information you provide to contact you to further discuss your interest in the Services and to send you information regarding the Company, its affiliates, and its partners, such as information about promotions or events.
We may use a third-party provider to deliver marketing e-communications. Individuals can opt-in as subscribers. We will also send out ad-hoc bulletins around time-framed offers, or with other information which we think may be of relevance to our subscribers. Visitors can opt-in to our news-bulletin via the website or via online data collection forms related to our services as detailed below.
Our customers are added to our e-marketing communications automatically as part of their contractual terms so we can inform them about relevant knowledge sharing activities and supplementary services to help them get the most of their relationship with us. We gather statistics around email opening and clicks using industry standard technologies You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of the Company’s marketing emails.
A customer will receive transactional emails from us in relation to the services they are engaged in. Our Service Delivery Activities include paid for services for assessment, consultancy, training or recruitment services. We will send a series of transactional emails for the lifetime of the contractual period to support, provide information or seek feedback to deliver the services requested.
Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
We are an official VAA partner with TTI Success Insights and we do exchange information about potential and existing Uimpact customers directly with them in order to deliver a coordinated service. Information is shared via secure data systems, which includes the IDS system or via email.
We use the following systems for centralised data management of any contact data.
We strive to adopt Data Security Standards as set out by Cyber Essentials.
Uimpact Customers may electronically provide copies of their customer data or information to Uimpact for processing purposes (“Customer Data”) via secure data sharing methods where only relevant team members are provided with necessary access for the contracted period of work. Uimpact team members will not review, share, distribute, or reference any such Customer Data except as set out in our Services Contract Agreement, or as may be required by law. In accordance with our Services Contract Agreement, Uimpact may access this Customer Data only for the purpose of providing the Services or preventing or addressing service or technical problems or as may be required by law.
Uimpact may retain your information for a period of time consistent with the original purpose of collection. For instance, we may retain your information during the time in which you use our Services and for a reasonable period of time afterward. We also may retain your information during the period of time needed for the Company to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements. You may request to review, correct, delete or otherwise modify any of the personal information that you have previously provided to us through the Company’s Web site and Services. Requests to access, change, or delete your information will be addressed without undue delay.
B2B customers – Data related to individuals who represent companies who have requested information about services, will be retained on the database indefinitely to retain a record of their services.
B2C customers – Individuals in personal capacity who have requested information about our services will be retained on our database for up to 2 years. If they have not opted-in to e-marketing communications or Services within a two year time frame, then their data will be deleted from the system.
B2B customers – Data related to individuals who represent companies who have provided information in exchange for services, will be retained on the database indefinitely to retain a record of their services.
B2C customers – Individuals who engage on a personal capacity with our services will be retained on the database for up to seven years from their last engagement date.
Data processors are third parties who provide elements of our service for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
Queries related to Data Management
Under the Data Protection Act 1998, you have rights as an individual which you can exercise in relation to the information we hold about you.
You can read more about these rights here.
Uimpact tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of Uimpact’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below. If you want to make a complaint about the way we have processed your personal information, you can contact us at email@example.com
Uimpact tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under the Data Protection Act 1998. If we do hold information about you we will:
give you a description of it
tell you why we are holding it
tell you who it could be disclosed to
let you have a copy of the information in an intelligible form
To make a request to Uimpact for any personal information we may hold you need to put the request in writing addressing it to our registered office address provided below. If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone. If we do hold information about you, you can ask us to correct any mistakes by, once again, contacting us at our registered office.
Uimpact uses robust security measures to protect Data about its Customers. We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
We actively adopt best practice standards and guidance provided by Cyber Essentials.
We keep our privacy notice under regular review. This privacy notice was last updated on 25.05.2018. Uimpact reserves the right to change this Privacy Statement. Uimpact will provide notification of the material changes to this Privacy Statement through the Company’s websites at least thirty (30) business days prior to the change taking effect.
Uimpact Ltd, Black Barn, Poplar Road, Wittersham Kent TN30 7NR
Last updated on 25/05/18