Please read this policy carefully as it explains how we use any personal information that you provide to us.
We may change this policy and, when we do, we will post any changes on this page, so please check back frequently.
1) Who we are
For the purposes of Data Protection Law, we are Highspring Group Ltd., a company registered in England and Wales with Company No. 10104213.
Our registered office is Office 1003, 321 – 323 High Road, Chadwell Heath, Essex RM6 6AX.
2) What this policy applies to
This Policy applies to the collection of and processing of data through our websites as described by the EU General Data Protection Regulation (GDPR) which replaces the existing 1995 EU Data Protection Directive (European Directive 95/46/EC).
Highspring Group Ltd. complies with the GDPR as both Processor and Controller of data and continues to develop a programme of works that will deliver what is required by the legislation.
The GDPR Principles are;
Data is processed fairly and lawfully
Data is processed only for specified and lawful purposes
Processed data is adequate, relevant and not excessive
Processed data is accurate and, where necessary, kept up to date
Data is not kept longer than necessary
Data is processed in accordance with an individual’s consent and rights
Data is kept secure
Data is not transferred to countries outside of the European Economic Area (‘EEA’) without adequate protection
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO); the UK supervisory authority for data protection issues https://ico.org.uk
3) What this policy does not apply to
This policy does not apply to the data received, processed or otherwise dealt with in accordance with any End User Licence Agreement (EULA) that may be in place for any third-party software or services such as mobile Apps or cloud hosting services.
4) Information we may collect from you
We do not collect any personal information through our websites unless provided by you through one of our contact forms; through a mobile app registration/login process; through a newsletter sign-up form or via a LiveChat window.
The personal information we collect might include your name, address, email address and information about your visit (including how you got to our websites and the pages you visited) and how you use our services. Your IP address may be collected by Google Analytics for the purpose of analysing anonymous website visitor activity.
5) How we use your personal information
Your personal data collected through our websites will only be used for the purposes for which it was provided by you.
If you make use of our contact form, we will use the data you provided to stay in touch with you and service your request. If you request to be kept informed by us, we will collect your details in order to periodically provide you with updates on product launches, updates, special offers and general news.
We may use personal information about you in connection with, but not limited to, the following purposes:
Providing you with information, products or services you have requested from us
Completing any transaction that you do with us
Allowing you to participate with interactive features when you choose to do so
Processing any orders that you have submitted
Send statements, invoices and payment reminders to you, and collect payments from you
Carrying out our obligations arising from any contracts entered into by you and us
Seeking your views or comments on the services we provide
Notifying you of any changes to our services
Sending you communications which you have requested and that may be of interest to you
Processing a request or job application
We may also use personal information to improve our services, such as:
Ensuring that our website content is presented in the most effective manner for you and your device
Troubleshooting, data analysis, testing, research, statistical and survey purposes of our websites and apps and for internal business administration
Protecting our interests and those of third parties and as part of our efforts to keep our services safe and secure
Managing and operating your account with us.
We will save your data for as long as is necessary for the purpose for which it was provided or as long as is set out in any relevant contract you hold with us. Under normal circumstances, your data will be kept for a maximum of two years for analytics purposes. Additionally, if we have a contract with you, your personal information will be deleted eighteen months after the contract has ended.
6) Legal basis for processing
Our legal bases for processing your personal information for the purposes described above will typically be one of the following:
It is necessary for us to process your personal information to perform a contract to which you are a party, or to take steps at your request prior to you entering into a contract.
You have consented to us using your personal information for this purpose (for example, when you agree to receive marketing emails from us). You can withdraw your consent at any time by updating your marketing preferences and/or by contacting us directly.
It is in our legitimate interests to use your personal information to operate, improve and promote our services (for example, when we customise your experience of our services or use your information for analytics purposes) and to protect our business.
It is necessary for us to use your personal information to comply with a legal obligation.
7) Who has access to your personal information?
We will not sell, rent or trade your personal information to third parties unless obligated by law and we will not share your information with third parties for marketing purposes.
However, we may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors and other associated organisations where they are engaged by us to help deliver a service that we have instructed them on (for example to send you mailings or process an application for a vacancy). In all cases, they will have been vetted to ensure they are GDPR compliant and meet the required standard.
We may also disclose your personal information to our subsidiaries, sister companies and/or parent company insofar as reasonably necessary for the purposes set out in this policy.
When we use third-party service providers, we disclose only the personal information that is necessary to deliver the service and we have an agreement in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.
We may provide anonymous information about your visit to analytics and search engine providers to help us improve and optimise our services. We will only share this information in a form that does not directly identify you.
8) You have the right to opt-out
You may unsubscribe from our mailing list at any point by simply clicking on the link included in the communication, or by visiting the website and sending a new contact request with the word ‘unsubscribe’ in the text field.
When you choose to unsubscribe, your data is automatically moved to a suppression list in order to prevent your email address from being accidentally added to our database again. If you wish your data to be fully deleted from our system we will do so at your request but, if your email address is at any point added back into our newsletter database, by you or on your behalf, there will be no automated process in place to prevent a newsletter being emailed to you again.
You have a choice about how you wish to receive information from us by ticking the relevant boxes situated on the form on which we collect your information.
We will not contact you for marketing purposes by email, telephone, text message or post unless you have given your prior consent or unless there is a legitimate legal basis for doing so. You may change your marketing preferences at any time by contacting us.
You have the right to access your personal information, to object to the use of your personal information for certain purposes, and the right to erase, restrict or receive a machine-readable copy of your personal information.
In order to comply with your request, we may require you to provide us with appropriate evidence of your identity. For this purpose, we will usually accept a photocopy of your passport, driving licence or other photo ID, certified by a solicitor, bank or other public notaries, plus an original utility bill showing your current address. A mobile telephone bill is not acceptable.
We will handle your request in accordance with the law. This means there may be legal reasons why we cannot fulfil all requests.
9) Storing and securing your personal information
As part of our services offered to you, we may need to transfer, store or process your personal information outside of the European Economic Area (EEA) but we will only use companies who are accredited to a scheme similar to the GDPR, such as the USA’s Privacy Shield Framework, that has been approved and ratified by the ICO.
If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
Our websites use industry standard 128 bit encryption SSL security certificates to ensure all data entered into any contact, registration or sign-up form is fully encrypted.
We strive to protect your personal information and we make our best effort to ensure its security on our systems but we cannot give a 100% guarantee of the security of any information you transmit to us, and you do so at your own risk.
Where we have given (or where you have chosen) a password that enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
‘Cookies’ are small pieces of information sent by an organisation to your computer or device and stored on your hard drive or device to allow that website to recognise you when you visit again. This helps us to provide you with a better experience when you use our services (for example, to remember your login details and improve our services).
Cookies may also be used by approved third-party companies, such as Google, to track website visitor activity so that we can measure the website’s effectiveness.
11) Links to third party websites
12) Any questions?
We hope this Privacy Notice has been helpful in setting out the way we handle your personal data and your rights to control it. If you have any questions that have not been covered, please contact our Data Protection Officer who will be pleased to help you.
You can email the Data Protection Officer at firstname.lastname@example.org or write to us at Data Protection Officer, Highspring Group Ltd, Office 1003, 321 – 323 High Road, Chadwell Heath, Essex RM6 6AX
We’d love to hear from you so let us know where you are in your business, maybe what challenges you're facing, and how you think we can help you.
Office 1003, 321-323 High Road