How we use your information...
This privacy statement tells you what to expect when ABa collects your personal information. It applies to information we collect about:
- Visitors to our website
- Complaints and feedback received
- Information required for commercial purposes for providing our services to our customers
- Information for marketing of ABa
Visitors to our website
When someone visits our website, we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Submission of your information
Submission of your information, requested, from our website is held on our secure platform. This is protected by all methods necessary. Only required personnel have access to this information. Your information will only be used for the stated intended purpose and will not be shared outside of ABa without your express consent. Your consent to share your information will be sought at the time of you submitting your data.
Complaints and feedback
Should you wish to make a complaint our complaints process is available upon request. All information received during the course of a complaint is handled with the same level of security protection on need for privacy as any other information we collect.
Information required for commercial purposes for providing our services to our customers
ABa uses information provided by yourself to provide our services and products to our customers. This data is only used for its intended and stated purpose. This includes financial information for the production of invoices and receiving of payments for services provided.
Protecting your information
In order to protect your information, we have in place the following methods of protection: -
- Monitored Firewall protection
- Malware protection on all platforms
- Encryption on data at rest and at point of use
- Ongoing backups
- Auditing for data integrity on an ongoing basis
ABa have a backup policy in place. We retain backups indefinitely. Upon receiving a request to remove data of a personal nature, this request will be processed in line with current legislation and our Subject Access Request policy. When data can be removed this will be completed by removing all reference and data from the production environment. Where data backups are indefinitely retained, full deletion of this data will still be achieved because we have a methodology in place to remove data from the backup medium.
Requests for your information
We will respond to requests for the information we hold on you within the required 30-day period. Initial requests will not be charged. However, should more than 2 requests be made within a 3-month period of time, subsequent requests will be charged at £10 per request.
All information will be provided in the format of a PDF document.
ABa collect information from various sources for marketing purposes. This information can be from social media forums, industry forums to name but a few. We retain this information for a period of no more than 18 months, or the duration of the marketing campaign only.
ABa do not share any information of a personal nature outside our organisation. All information is utilised for internal operations and commercial purposes only. The exception to this criteria is the sharing of information with UK authorities for investigatory purposes as per current legislation on finance and personnel.
ABa share information with the following external organisations for commercial purposes: -
- Pension Company
- Company Accountant
Information is shared with organisations in the UK-EU. The only exception to this is the finance platform utilised which resides in the USA.
ABa are aware that sometimes information with regards to suppliers is personal in nature. This information is protected to the full extent as is any other information within our environment. This information is not shared unless express permission is granted by the individual.
Reporting of Data Breaches
ABa report all major data breaches, of data we have control and are responsible for, to the Information Commissioners Office, our customers and/or suppliers. All potential data breaches are fully investigated as per our Information Security Incident Policy.
When a data breach is detected, and the severity ascertained, this will be reported to the ICO within 72 hours.
Security and Protection
ABa take security of all information seriously, we hold certification to the following schemes: -
- ISO27001:2013 Information Security Standard
- ISO9001:2015 Quality Management Standard
- ISO22301:2012 Business Continuity Standard
As such, our management system is audited and verified on an annual basis.
Data Protection Officer
ABa have designated the Technical Director as their Data Protection Officer (DPO). To contact the DPO please email: firstname.lastname@example.org.