Last updated: 6th June 2018
ATB Project Solutions Ltd is committed to protecting your privacy. This privacy notice tells you what to expect what we do with your personal information when you contact us or use our website our services.
- Who are we
- Data Protection contact
- What information do we collect about you?
- Why we process your information and its purpose
- Retention periods
- Sharing of your information
- International Transfers
- Your rights available
- Your right to lodge a complaint
- Data breaches
Who are we?
We are ATB Project Solutions Ltd and are the controller for the personal information we process, unless stated otherwise. ATB Project Solutions Ltd is a limited company providing management consultancy services.
ATB Project Solutions Ltd
Data Protection contact
The contact person responsible for data protection is Alinda Tyler at the above address or by email at firstname.lastname@example.org.
Why we are processing your information and its purpose
The personal information we process is directly provided to us directly by you for one of the following reasons:
- You have filled in a contact form on our website;
- You have subscribed to our website blog; and
- We process your personal information to provide and improve our consultancy services that we offer our customers;
The personal information we collect include and are limited to your contact details (name, address, contact phone number and email address) needed to perform our service, contact you as per the contact form or send you our new blog.
We collect personal information when this is necessary for performing a contract or to take steps at your request, before entering a contract.
We also collect personal information when you fill in the online contact form or subscribe to our website blog. We will collect personal data on this Website only if it is directly provided to us by you the user, and therefore has been provided by you with your consent. Normally you will only provide such details if you are making an enquiry about our services and wish to be contacted to discuss this in further detail or wish to sign up for our e-newsletter or other resources.
The website blog subscription requires a double opt-in consent, which is our lawful basis.
We use a standard WordPress service to collect anonymous information about users’ activity on the site, for example the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help us improve it. By default, WordPress does not collect any personal data about website visitors and only collects the data shown on the User profile screen from registered users.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit www.aboutcookies.org or www.allaboutcookies.org.
When you have signed up for our newsletter/ blog, you will receive notifications when new blogs have been released. You can unsubscribe at any time by clicking the link in the email you receive and by following the instructions.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
The retention periods
When providing contractual services, we will keep your basic personal data (names, addresses, contact details) for a minimum of 6 years after which time it will be destroyed.
The retention period for your personal information after filling out our contact form online is 1 month after which it will be destroyed.
The retention period for your name and email address after subscribing to our website blog will be for the duration you are subscribed. From the moment you unsubscribe your data will be deleted after 1 month.
If you leave a comment on our website, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Sharing of your information
We do not sell our customers personal information.
In any circumstance, we will ensure that we have a lawful basis on which to share the information and document our decision making and satisfy ourselves we have a legal basis on which to share the information.
While no online service is 100% secure, we work very hard to protect information about you against unauthorized access, use, alteration, or destruction, and take reasonable measures to do so, such as monitoring for potential vulnerabilities, attacks and storing your information securely.
We do not transfer any personal information to other countries in or outside the EU.
Under data protection law you have rights in relation to your personal data. The rights available are:
Your right of Access
You have the right to request a copy of your personal information as well as other supporting information. This is called a ‘subject access request’. You can make a subject access request to find out what data is held and how it is used.
You can make a subject access request verbally or in writing When a request is made verbally, we recommend this is followed up in writing.
We will respond to you without undue delay and within 1 month of the request being made. We will:
- give you a description of it;
- tell you why we are holding it;
- tell you who it could be disclosed to; and
- let you have a copy of the information in an intelligible form.
Your right to Rectification
You have the right to have inaccurate personal information to be rectified when you think this is inaccurate. This also includes the right to ask us to complete information that you think is incomplete.
When making this request, please state clearly what you think is incorrect or incomplete, how we should correct it and where this is available provide us with evidence of the inaccuracies.
You can make a subject for rectification verbally or in writing. When a request is made verbally, we recommend this is followed up in writing.
Your right to Erasure
You have the right ‘to be forgotten’ or the right to be deleted. These are the circumstances you have the right to request erasure:
- we no longer need your personal information for the purpose which it was collected for;
- when consent was the lawful basis and you have exercised the right to withdraw consent;
- you object to the use of your data;
- we have obtained your information unlawfully;
- we have a legal obligation to erase your data.
You can make a subject for erasure verbally or in writing. When a request is made verbally, we recommend this is followed up in writing.
When a request for erasure has been received and we are obliged to delete your data, we will do so in a secure manner, including any potential third parties your data has been shared with.
There are circumstances where we cannot delete your data. These include:
- when we are legally obliged to hold your data;
- When keeping your data is necessary for establishing, exercising or defending legal claims.
If these are the case, we will respond to your request in writing confirming the reasons why we cannot erase your data and your right to complain.
Your right to restriction of processing
This is a right which is closely associated with your rights to rectification and your right to object. This request can be made at the same time as raising another request or objection and is aimed at limiting the way we use your personal data if you are concerned about its accuracy or how it is being used.
When making this request, please confirm what data you want restricting and why. You can make a subject for restriction verbally or in writing. When a request is made verbally, we recommend this is followed up in writing.
When this request is received, we will store your restricted data securely and will not use the data unless we have your consent, the information is needed for a legal claim.
Your right to object
You have the right to object to the use of your personal data in certain situations. These include:
- When your data is used in public interest;
- For legitimate interests;
- For scientific or historical research, or statistical purposed; or
- For direct marketing.
At ATB Project Solutions Ltd we do not use your data for any of the above.
Your right to data portability
You have the right to request we transfer the information you have given us to another organisation, or to give it to you.
When making this request, please confirm what you want. You can make a subject for data portability verbally or in writing. When a request is made verbally, we recommend this is followed up in writing.
Upon receipt of this request we will provide a copy of the requested data either to you or the other organisation. We may need to confirm your identity before carrying out this request.
If you also want to exercise your right to erasure, please state this in your request.
The right to lodge a complaint
If you wish to raise a complaint on how we have handled your personal data, you can contact us to have the matter investigated at Alinda.email@example.com.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office https://ico.org.uk/concerns or write to them:
Information commissioner’s office
In the situation a data breach occurs, there is a reporting procedure in place.
Changes to this privacy notice
We ensure our privacy notice is accurate and up to date and will keep our privacy notice under regular review.