Who we are and what we do
The Data Business is a data management business operating across the B2B sector. The Data Business helps its clients to better manage their data through a variety of services which, include:
- Data Cleansing
- Data Consultancy
- CRM Management & Migration
- Data Classification
- Data Auditing
- Market Research & Analysis
- Data Sales
The Data Business is the controller and If you have any requests concerning your personal data or any queries regarding how we handle your data, you can contact our Data Protection Officer via:
The Data Business info@the databusiness.net
The Data Business Post: Data Protection Officer, The Data Business Ltd, Mill Studio, 17A Stour Street, Canterbury, CT1 2NR.
The Data Business Telephone: +44(0)7986 094 841
Purpose of processing your personal data
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
The Data Business to provide you with the services you have requested;
The Data Business to respond to any communications, you might send to us;
The Data Business to perform our duties under a service contract to which you are a connected party;
The Data Business to communicate with you about our activities or services;
The Data Business to perform our duties as an employer;
The Data Business to monitor the provision of services or business relationship between The Data Business and you
Compliance with our legal and regulatory obligations
For The Data Business to use your information lawfully, we may rely on one or more of the following legal bases:
to deal with any legal claims;
to manage and administer The Data Business’ business, to improve and manage relationships with employees and other stakeholders and for marketing and business development activities and analysis;
to communicate with you in respect of your relationship with The Data Business;
for risk assessment/risk management and statistical analysis, for system administration, operation, testing and support and to operate control systems and management information systems;
to help prevent and investigate criminal activity;
to manage and ensure the security of The Data Business’ information technology systems;
to disclose information to a regulatory body or another relevant intermediary;
to investigate and respond to any complaints about The Data Business.
To meet our legal and regulatory obligations, we may need to collect your personal data, verify it and keep it up to date by performing ongoing reviews. We may also gather information/ personal data about you from publicly available sources, and from third parties to help us meet our legal and regulatory obligations.
If ever we need to collect and use sensitive personal data about you, we will ask for your consent. Before you give your consent, we will tell you what data we need to collect and what we will use it for. You can withdraw your consent at any time by contacting us.
We would like to use your personal data to send you details of products or services that we offer that we have identified as likely to be of interest to you. We will only send you information in line with the preferences you indicated when you provided the personal data.
If at any point, you would like to opt-out of receiving communications from us, or would like to change the channels (such as email or post) that we use to contact you, please contact our Data Protection Officer (all details included above).
2. Recipients/categories of recipients
In carrying out our business including our obligations to you, we may use sub-contractors. These will be mailing houses, email broadcasters, marketing agencies. We will ensure that they respect your privacy and abide by all data protection laws.
3. Transfers to third countries
Your personal information may be transferred to, and processed by our trusted data management suppliers. We have therefore taken appropriate safeguards to ensure that your personal information will remain protected in accordance with this Privacy Notice. These include implementing the European Commission’s Standard Contractual Clauses for international transfers of personal information, which require all companies to protect personal information they process from the EEA in accordance with European Union data protection law.
4. Retention Periods
We will keep your personal data in connection with the services/products you have bought for 3 years after the last purchase. We need to retain this data for our own accounting purposes and for legal and tax purposes.
In terms of personal data that we use for marketing, we will keep this data for as long as we are able to market to you and if you withdraw your consent or opt-out of marketing communications, we will keep your contact details only to ensure that we do not contact you again for marketing purposes.
5. Data subject’s rights
You have rights in respect of your personal data. We will need to confirm your identity before we can consider your request so, if you wish to exercise any of these rights, we will need to receive your request via either a business email address or by post on company headed paper. In both cases confirming your name, job titles, company name, address, telephone and business email address.
Right of access – you have the right to know whether we are processing your personal data, and to a copy of that data. We would need as much information as possible to enable us to locate your data. We will respond to your request within 28 days of receipt of your request. If you want to exercise this right, please contact the DPO at the contact details above. If you want to know more about this right, the ICO has more guidance on their website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-of-access
Right to rectification – you have the right to have any incorrect personal data corrected or completed if it is incomplete. You can make this request verbally or in writing. We will need as much information as possible to enable us to locate your data. We will look at any request and inform you of our decision within 28 days of receiving the request. If you want to exercise this right, please contact the DPO at the contact details above. If you want to know more about this right, the ICO has more guidance on their website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-rectification
Right to erasure – this right, often referred to as the right to be forgotten allows you to ask us to erase personal data where there is no valid reason for us to keep it. We will look at any request and inform you of our decision within 28 days of receiving the request. If you want to exercise this right, please contact the DPO at the contact details above. If you want to know more about this right, the ICO has more guidance on their website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-erasure
Right to restrict processing – you have the right to ask us to restrict processing of your data. We will look at any request and inform you of our decision within 28 days of receiving the request. If you want to exercise this right, please contact the DP at the contact details above. If you want to know more about this right, the ICO has more guidance on their website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-restrict-processing
Right to data portability – you have the right to move, copy or transfer your personal data from one IT environment to another. This right applies to data that you have provided to us and that we are processing on the legal basis of consent or in the performance of a contract and that processing is by automated means. We will respond to your request within 28 days of receipt of your request. If you want to exercise this right, please contact the DPO at the contact details above. If you want to know more about this right, the ICO has more guidance on their website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-data-portability
Right to object – you have the right to object to our processing of your personal data based on (i) legitimate interests, or for the performance of a task in the public interests/exercise of official authority (including profiling); (ii) direct marketing (including profiling); and (iii) for purposes of scientific/historical research and statistics.
(i) Legitimate interests/legal task – your objection should be based on your situation. We can continue to process the data if we can demonstrate compelling legitimate grounds which override your interests. (ii) Direct marketing – you have an absolute right to ask us to stop processing for the purposes of direct marketing. We will action your request as soon as possible. (iii) Scientific/historical research and statistics – your objection should be based on your situation. If we are conducting research where the processing is necessary for the performance of a public task, we can refuse to comply with your objection. If you want to exercise this right, please contact the DPO at the contact details above. If you want to know more about this right, the ICO has more guidance on their website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-object
Rights relating to automated decision making including profiling – you have the right in respect of automated decision making, including profiling. Where we carry out solely automated decision making, including profiling, which has legal or similarly significant effects on you, we can only do this if it is in connection with a contract with you, we have a right under law or you have provided your explicit consent. We will tell you if this happens and tell you how you can request human intervention or challenge the decision. If you want to exercise this right, please contact the DPO at the contact details above. If you want to know more about this right, the ICO has more guidance on their website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/rights-related-to-automated-decision-making-including-profiling
6. Processing based on consent
Where we process your personal data based on your consent you have the right to withdraw that consent at any time without reason. You can opt-out by using the unsubscribe/opt-out in any marketing we send you and you can contact the DPO at the contact details above.
7. The right to lodge a complaint to the supervisory authority
If you are unhappy with any aspect of our handling of your data you can make a complaint to the Information Commissioner’s Office – https://ico.org.uk/concerns
8. Statutory/contractual requirement to provide personal data
The personal data that you provide to us is necessary for us to carry out the contract you have entered into with us or for us to perform our obligations under Statute. [If this applies to your business you should explain what personal data this refers to and the consequences of the data subject not providing this.
10. Third party websites
*Last updated: 1st March 2019
© Copyright 2019 thedatabusiness.net All rights reserved.*