Table of Contents

1. Preamble
1.1 Approval Status
1.2 Version Control
1.3 Definitions

2. Context and Purpose
2.1 Policy Owner
2.2 Context
2.3 Relevant Regulatory framework
2.4 Purpose of Policy
2.5 Applicability of Policy
2.6 Contractual Status
2.7 Policy Review & Reissue

3. Policy
3.1 Registration
3.2 Collection of Personal Information
3.3 Use of automated tools
3.4 Non-Personal Information
3.5 How we use your information
3.6 Gaining of consent
3.7 Opting in / out of Marketing
3.8 Request information we hold
3.9 Withdrawal of consent
3.10 Erase personal data
3.11 Sale of Personal Information
3.12 Sharing of Personal Information
3.13 Young person’s privacy
3.14 Links to non-Company websites or social media
3.15 Your choices and selecting your privacy preferences
3.16 Accuracy of your information
3.17 Keeping your Personal Information secure
3.18 Contacting us


1.1 Approval Status
This version is Approved for issue

1.2 Version Control
Date Version Author Changes / comments Published to / via
14/11/2017 Issue 1.3 Graham Smith UK Data Protection Bill (GDPR implications) added All staff via SMB. Public – website and links in applications.
20/11/2017 Issue 1.31 Graham Smith GDPR updates All staff via SMB. Public – website and links in applications.
08/03/2018 Issue 1.4 Graham Smith GDPR updates All staff via SMB. Public – website and links in applications.

1.3 Definitions
“Company” means Limited and its successors and assigns.
“Confidential Information” means information that is marked or identified orally as confidential; or is reasonably known to be confidential; or contains customer lists, customer and account information, information regarding business planning and business operations, and/or administrative, financial, or marketing activities.
“Director” means a shareholding executive director of the Company with voting rights, not being an Employee.
“Disclosure” means passing information gathered to others for action.
“Employee” means regardless of job title or role any person directly or indirectly employed by the Company including permanent full-time and part-time employees, contract workers, and temporary workers, but not a Director.
“Personal Information” means information about an individual that can be used to identify an individual.
“Policy” means a written document including this one which defines the Company’s position, policy and expectations on the subject matter.
“Sensitive” means in the context of Personal Information, information concerning a data subject's racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life, or details of criminal offences.
“Supplier” means an organisation providing services of any nature to the Company. “Third Party” means any non-Company entity or person.

Context and Purpose

2.1 Policy Owner
This Policy is owned by the Company CIO, to whom any questions and suggestions should be directed.

2.2 Context
The Company respects your privacy. This Privacy Statement describes our privacy practices, choices about the way information is collected and how we use that information. This statement is also available on our website.

If you have questions or complaints regarding our Privacy Policy, please get in touch using the contact information included at the end of this Policy.

2.3 Relevant Regulatory framework
In the development of the Company’s privacy policies and standards, we have taken into account some of the major principles and frameworks around the world, including the UK’s Data Protection Act, the OECD Guidelines on the Protection of Privacy and Transborder Flows, and the EU Directive 95/46/EC.

On 14 September 2017, the UK Government published the Data Protection Bill which will effectively implement the EU General Data Protection Regulations, which take effect on 25 May 2018, and this updated Policy includes its key provisions.

2.4 Purpose of Policy
This Policy has been written to ensure that our policy is clear to all stakeholders. Adherence to this Policy will ensure that the Company will:

  • Comply with the privacy expectations of our customers, staff and trading partners;
  • Comply with current and anticipated privacy legislation;
  • Minimise business risk to the company.

2.5 Applicability of Policy Limited is a UK organisation, albeit with business processes and customers that cross borders. This Policy applies worldwide.

This Policy applies to all Company-owned websites, domains, services, applications, and products, except that a privacy policy or statement that is specific to a particular Company programme, product, or service may supersede or supplement this Policy.

This Policy applies to our staff, suppliers and service providers, and to our customers and potential customers.

2.6 Contractual Status
For Suppliers operating under the terms of a contract to the Company, it is intended that the contractual terms obligate the Supplier to align with the provisions of this Policy and to all applicable regulatory obligations.

2.7 Policy Review & Reissue
This Policy shall be reviewed approximately annually. Any changes required to be made shall be approved by a Director before reissue.


3.1 Registration
The Company is registered as a data controller under the Data Protection Act with the UK Information Commissioner’s Office with registration reference Z1171603. The public record may be inspected at at any time.

3.2 Why do we collect and process Personal Information?
The Company processes certain Personal Information to manage your relationship with us and to serve you better by personalising your experience and interaction with us.

We may collect information from you in connection with any of the following, although this is not an exhaustive list:

  • profile creation and user verification for online services
  • access to and use of websites or web-based applications
  • marketing, newsletter or support subscriptions
  • service orders, activations, and user registrations
  • information requests or complaints
  • job applications
  • event registration or attendance
3.3 What Personal Information do we collect and process?
The types of Personal Information we may collect from you include:

  • business contact information, such as name, address, telephone number, and email address
  • financial information, such as billing or payment information
  • unique information such as user IDs and passwords, contact preferences, educational and employment background
  • geo-location data such as your IP address or physical location when you request location based services
  • details of products and services you have purchased from us or which you have enquired about, together with any additional information necessary to deliver those products and services and to respond to your enquiries
  • any additional information relating to you that you provide to us directly through our websites or indirectly through use of our websites or social media, including information stored in cookies
  • information you provide to us through our support services, customer surveys or visits by our representatives from time to time

3.4 Use of automated tools
In addition to the information you provide, we may also use automated data collection tools to collect and process information during a visit to a Company website or web-based application.

This includes information that your browser sends to a website, such as your browser type, version and language; your access times; the address of the website from which you arrived; your IP address, unique device identifier; the pages you view, the links you click, and other actions you take in connection with Company services and websites. This information may be stored in ‘cookies’.

We may also use these tools in connection with certain emails and communications we send you, to collect information when you open the email or click on a link contained in the email.

3.5 Non-Personal Information
We may also collect some information that is not Personal Information because it does not identify you or anyone else. For example, we may collect anonymous answers to surveys or aggregated information about how people use our websites, products or services.

3.6 How might we use your Personal Information
We may use your information to:

  • manage our relationship with you
  • keep your contact details up to date
  • allow our service providers and Suppliers to deliver their contracted services
  • provide information, support or advice about existing and new products or services
  • communicate with you about our products, services or support
  • send marketing communications about products, services and support to you, or to update you on new services and benefits
  • measure the performance of marketing initiatives
  • assist you in completing a transaction or order
  • prevent and detect security threats, fraud or other malicious activity
  • personalise some the Company websites or online services
  • provide you with access to protected areas of our website
  • assess and improve the products, services and support, performance and operation of our websites and online services
  • process and respond to any complaint made by you
  • conduct checks on business contacts as part of the Company’s sales due diligence, supplier due diligence, customer onboarding or staff recruitment processes
  • internal HR, recruitment or payroll processing purposes
  • receiving and processing payments from customers, and paying our suppliers
  • payment processing and fraud prevention
3.7 How long do we retain your Personal Information for?
We retain your information for as long as is necessary to enable us to deliver the services that require that information, as follows:

  • Information provided to manage your employment with us will be retained for a minimum of 7 years after the end of your employment.
  • Information needed to enable and manage your use of our services will be retained whilst you (or your employer, where relevant) are a subscriber to or licensee of our services.
  • Information needed to provide marketing to you will be retained until you tell us you want to unsubscribe.
  • Information needed to respond to general enquiries, incoming emails or web form contact requests etc will be retained as long as is necessary to respond to that request.
3.8 Gaining of consent
Where we store or process Sensitive Personal Information, we will gain your consent to this.

3.9 Opting in / out of Marketing
We will give you the opportunity to opt in or opt out of marketing communications we send.

3.10 Request information we hold
You may ask us to tell you what Personal Information we hold on you. Contact us at

3.11 Withdrawal of consent
You may withdraw your consent for us to use your Personal Information at any time – please contact us at although you should know that this may mean that the services we provide to you will no longer function at all, or may not work properly.

3.12 Erase personal data
You may ask us to erase your Personal Information at any time – contact us at although you should know that this may mean that the services we provide to you will no longer function.

3.13 Sale of Personal Information
We will not sell, rent or lease your Personal Information under any circumstances.

3.14 Sharing of Personal Information

Except as described in this Policy, we will not share your Personal Information with Third Parties without your permission, unless to: (i) respond to duly authorised information requests of the police or government authorities; (ii) comply with any law, regulation, subpoena, or court order; (iii) investigate and help prevent security threats, fraud or other malicious activity; (iv) enforce/protect our rights and properties; or (v) protect the rights or personal safety of the Company, our employees, and Third Parties.

Where our service is made available to you as part of your employment or engagement by a licensee of a channelcentral service, we may disclose information to that licensee about your use of that service. Such information will contain details of how you have used our service and the transactions that you have generated using it. We may share limited personal information of how you have used our service, and the transactions that you have generated using it, with the companies whose products are featured in our services. In this case, each company’s own privacy policy applies, and this can be accessed from the bottom menu bar on the home screen of the application.

We may share limited personal information with our service providers. We retain service providers located in the UK, the US, or overseas locations to augment, manage or support our business operations. These providers include providers of credit card services, customer support services, marketing, communications, hosting and IT services. Our providers are contractually obliged to keep confidential and secure the information they receive on behalf of us, and may not use it for any purpose other than to carry out the services they are performing for us.

By submitting your Personal Information, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy.

Unfortunately, the transmission of information via the internet is not completely secure. We cannot guarantee the security of your data transmitted; any transmission is at your own risk.

3.15 Young person’s privacy
We do not knowingly collect information from people under the age of 18, and do not target our services or websites to anyone under 18.

3.16 Links to non-Company websites or social media Our websites or services may provide links to third-party applications, products, services, or websites, or to social media features, for your convenience and information. If you access those links, you will leave our site and our policy no longer applies.

3.17 Your choices and selecting your privacy preferences
We give you the choice of receiving a variety of information that complements our products and services. You can choose to unsubscribe from marketing communications or general communications such as newsletters.

This option does not apply to communications primarily for the purpose of administering order completion, contracts, support, product safety warnings, or other administrative and transactional notices where the primary purpose of these communications is not promotional in nature.

For email preferences, select the email "opt out" or "unsubscribe" link, or follow the opt-out instructions included in each email subscription communication. For other means of communication please refer to the ‘contact us’ section of this Policy.

3.18 Accuracy of your information
We strive to keep your Personal Information accurately recorded, so we provide individuals with reasonable access to their own Personal Information and to review, correct or delete it, as applicable. To protect your privacy and security, we will take reasonable steps to verify your identity, such as requiring a password and user ID, before granting access to your data.

3.19 Keeping your Personal Information secure
To prevent unauthorised access or disclosure, to maintain data accuracy, and to ensure the appropriate use of the information, we utilise reasonable and appropriate physical, technical, and administrative procedures to safeguard the information we collect and process.

The Personal Information you provide us is stored on computer systems located in highly secure controlled facilities located in the European Economic Area (specifically, the United Kingdom and the Netherlands), and in the United States of America under the terms of a signed and executed EU-US Privacy Shield certification.

3.20 Contacting us
If you have comments or questions or a complaint about our Privacy Policy, please email us at the address below. We will treat your requests or complaints confidentially.

Our representative will contact you within a reasonable time after receipt of your complaint to address your concerns and outline options regarding how they may be resolved. We aim to ensure that your complaint is resolved in a timely and appropriate manner.

Please email:
© Ltd