We are committed to protecting your privacy, and we take our responsibilities regarding the security of user information very seriously. This Privacy Policy sets out how we comply with General Data Protection Regulation (EU 2016/679) requirements.
We have structured our website so that you can visit without identifying yourself or revealing any personal information, other than an IP address. Once you choose to provide us with any information by which you can be personally identified, it will be used only to process enquiries or requests. Any information that we hold will not be disclosed to anyone, except for the purposes stated below. For your protection, we are registered with the Information Commissioners Office (ICO), and you may make a complaint to the ICO should you find that we are not complying with our obligations.
We are compliant with the General Data Protection Regulation (GDPR) [Regulation (EU) 2016/679] which is intended to strengthen and unify data protection for all individuals within the European Union when it becomes Law from 25th May 2018. This Regulation will remain in UK Law after the UK leaves the European Union in March 2019.
We will not sell, distribute or lease your personal information to third parties unless we have your permission, or are required to do so by legal requirement or request from HMRC, the Police or any Law Enforcement Agency.
Data Protection
Under the GDPR Regulations, you may request a copy of any personal information which we hold about you. You may also ask us to update your information if anything is inaccurate, as well as request that we restrict the processing of, or delete your data. If you would like to exercise your rights as a data subject, please email us at info@gwclark.co.uk. Any request will be acknowledged immediately and notification will be forwarded to you to confirm such alteration has been made (normally within 30 days). Please note; personal data cannot be deleted if it is subject to a claim, or any legal proceedings.
Data collection and sharing
The following table details who we share data with by category, what data we collect and/or share, how long the data is kept for and why, and the legal basis that allows us to process that data.
- Customer data includes name, address, office and mobile telephone number, email address.
- Employee data includes name, address, home telephone number, email address, taxation/payroll information, Next of Kin and employment records.
| Category of Data Processor | What data we collect/share | How long the data is kept for, and why | Legal basis | Notes |
| Business support services (such as our accountants, insurance providers and legal advisers) | Customer data
Employee data |
Minimum 7 years, to comply with HMRC. In the case of our staff pension provider, for the lifetime of the employee. | Legal requirement | |
| Trusted Partners |
Occasionally, Customer data (we seek permission from the customer first) |
In most cases, only for as long as is required to provide the quotation/service requested from a partner. | Contract | We sometimes use trusted partners and suppliers to deliver specialist assistance or services. |
| Google Analytics | IP Address of visitors to our website | 26 months, to allow statistical reporting | Legitimate interests | IP address data is collected to monitor visitor numbers to our website, and is pseudonimised to prevent identifying an individual. |
Automated decision making/profiling
We do not use or employ any systems which perform automated decision making or profiling of personal data.
Transfers to third countries or international organisations
We do use two ‘Software-as-a-Service’ providers, but the data we control and they process on our behalf is held in data centres within the EU, and complies fully with the GDPR. All data on these systems is encrypted to military standards, and is only readable by us unless we explicitly allow access for support purposes, and in that circumstance access is restricted and monitored to ensure only the minimum data necessary is exposed. It is further protected by being encrypted in transit using SSL technology. We do not pass any data to international organisations.
Security
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the personal information we collect.
Other Websites
This website may contain links to enable you to visit other websites of interest. However, once you have used these links to leave our site you should note that we do not have any control over any other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting other sites and such sites are not governed by this Privacy Policy. You should exercise caution and read the Privacy Policy applicable to the website in question.
Your Consent
By using this website you consent to the collection and use of this information by us for the purposes described above. If we decide to change our Privacy Policy, we will post the changes on this page so that you are always aware of what information we collect, how we use it and in what circumstances we disclose it.