This contract is between you, the data subject, and Bradfield Consulting Limited.
The contract is at the request of the data subject.
Your privacy is important to us and we take it very seriously. We want to help everyone who uses Bradfield Consulting Limited (BC) services to get the most out of them. This policy covers all our brands – Bradfield Human Resources and Bradfield Learning and Development and their associated products and services.
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a new regulation which replaces the Data Protection Regulation (Directive 95/46/EC). The Regulation aims to harmonise data protection legislation across EU member states, enhancing privacy rights for individuals and providing a strict framework within which commercial organisations can legally operate. Even though the UK has expressed its intention to leave the EU in March 2019, the GDPR will be applicable in the UK from 25th May 2018. Furthermore the Information Commissioner’s Office (ICO) has recently laid out its intention to continue with a similar level of regulation post March 2019.
The policy below lays out in simple English how the GDPR and the current ePrivacy Directive applies to the way BC handles your personal data. Our aim is to be responsible, relevant and secure when using your data. Bradfield Consulting specialises in delivering qualifications and consultancy around the globe to both public and private sector organisations covering a range of industries. Our expectation is that individuals giving consent share these aims and objectives. If this is not your expectation, please do not subscribe. Entering your email into the subscription box indicates that you have read and understood the terms and conditions of the policy.
Please take a moment to read through what information we collect about you, who we share it with and how they might use it.
Who controls my personal data?
- The Data Controller is Bradfield Consulting Limited. It is registered in the UK Company Number 3835955.
- 4, The Loom, 14 Gowers Walk, London, E1 8PY
- You can contact them at email@example.com
- You can call them on +44 (0)207 977 9213
What is the purpose and legal basis of the processing?
- At BC we will rely on your ‘consent’ to process personal data. This is defined by the new General Data Protection Regulation (GDPR) standard of ‘consent’ as it’s legal basis for processing personal data
- GDPR defines consent as ‘any freely given, specific, informed and unambiguous indication of the data subjects’ wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her’
- By agreeing to the consent box you have accepted that you understand and accept this as a valid legal basis for processing your personal data
- Your data will not be shared with any third parties without your prior knowledge, but may be used by us to help a selected, GDPR compliant and professionally relevant group of industry suppliers to share their knowledge and insights with you through our branded channels
- Your personal data will not be shared with any third parties unconnected with BC
What data will the Controller collect and process?
- The categories of personal data are your name, your job title, your company name, your company address and your business email. If you have an entry in our professional directories it may also include information you have provided on your areas of sector expertise or specialism.
- Personal Data may also include a link to a professional profile photograph if one is available in the public domain e.g. LinkedIn
Who will have access to the data?
- The recipients of personal data are limited to Bradfield Consulting Limited
- We use data processors like Twitter, Linkedin, Facebook, Google Analytics, Campaign Monitor, Infusion Soft and Dotmailer to help us run our communities. We only work with GDPR compliant suppliers
Will the data leave the UK? If so, what safeguarding measures are in place?
- Bradfield Consulting Limited has advised all parties that data may not be transferred outside of the UK without submitting satisfactory proof of their safeguarding methods and proof of a certified privacy shield
How long will the data be kept for?
- The Retention period for personal data is 5 years. We have chosen five years because it is the average length of time a UK Managers remains in post.
- EG will be required to deactivate personal data after the relevant retention period, or when they are in receipt of a data subjects request to do so, whichever is the earlier. The data subject has the right to change their mind and withdraw consent at any point during the retention period
- What are my rights?
Bradfield Consulting confirms the following rights to each Data Subject:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling.