Acoustic Consultants Limited is committed to protecting the privacy of its website users under the UK’s Data Protection Acts and GDPR.
We respect and value the privacy of everyone that visits this website and those who use our services. We want you to be familiar with how we collect, use and disclose information, which we will do so in a manner that is consistent with our obligations and your rights under the law, the UK Data Protection legislation and GDPR (the General Data Protection Regulation).
This policy sets out how Acoustic Consultants Limited stores and uses personal data in connection with the day to day business of the company.
Acoustic Consultants Limited holds data of individuals which fall into three main categories:
- Employees and directors of the company (including previous employees, directors and former business partners). We also hold details of potential employees who have enquired or applied for a position/have attended interviews and/or been offered employment.
- Clients of ongoing, completed or potential projects together with details of other individuals involved with those projects such as consultants, suppliers, sub-contractors or associates of our clients.
- Potential clients and other people who are individuals who we think might benefit from the consultancy services that the company provides or may be interested in other activities of the company.
Acoustic Consultants Limited is registered with the Information Commissioners Officer and the person in the organisation who is responsible for Data Protection is Daniel Oldaker.
Staff and Directors (Including Former Staff, Directors and Business Partners)
The Directors are responsible for the personal records of individuals in this category and only the Directors and the Office Manager have access to these records. The Employee handbook sets out the principles of data protection for this category including the rights of individuals to view their own records. The handbook also includes categories of information that may be held by the company.
The office database contains details of staff email addresses, telephone numbers and home addresses. It is company policy for this information not to be released to third parties without the individual’s express permission.
Some employee information (such as employee progress reports, pay scale) is only accessible by the Directors and our IT support (Moore Stephens IT).
GDPR, Privacy and Management of Personal Data
The company retains information on the office database of clients’ addresses, email addresses and telephone numbers together with details of organisation’s that they are associated with or work for.
Most information is acquired directly from our clients but in the course of providing our services we may acquire details from publically accessible sources such as Companies House or HM Land Registry.
In some circumstances you may also provide us with your bank details. This information is not held on our database but if the information has been emailed to us then it will form part of our email archive and/or recorded in our accounting system (Xero).
This information is used for the effective management of projects or a client’s potential project. The same details of other individuals, whether associated with an organisation or company or not, who are involved with those projects will also be held on the office database.
All members of staff have access to the office database and this information may be given to other individuals who have a direct involvement with the client’s project and release of that information is for the effective management of that project.
Where it is unclear whether that information should be released express permission to release the information will be sought from the client. We expect all parties who receive personal data from us to comply with the necessary regulations regarding data protection and we may ask to see evidence of registration and/or GDPR policies
In order to comply with the requirements of our Professional Indemnity insurers and for other legal purposes we will maintain details of clients and other individuals associated with our projects for a minimum of 12 years.
For some projects, in order to communicate efficiently with the team, we will share project data and documentation via email.
In our marketing material (e.g. blog posts) we will not release any personal details other than the name of the individual client and the name and general location of the project. The value of individual private client projects will not be released. If requested, we will not reveal client names in our marketing material.
We may use the information provided in statistical analysis to help us manage our practice and also to provide information to our insurers, brokers, government agencies and professional bodies. This information is anonymised.
We hold details of potential clients and other individuals who we think may be interested in the services that we offer and our other activities including charitable and other pro-bono activities. If requested, we will remove an individual’s name and other details from the database.
We will never pass on or trade personal information with any other person, organisation or company without their direct written consent.
The office database is used by all staff members and all information (other than confidential staff records) can be accessed by all members of staff who must comply with the specific restrictions noted above.
The office database is included with all other office data and is backed up daily to a cloud based backup service and we understand that the cloud servers may be located outside the EEA. We control the backup process from the company offices.
Collection of Data
We may collect personal contact information from you if, for example, you submit a form. You can later request to have this information modified or removed from our systems. We use this information to carry out the action requested. Your personal details are not disclosed to any third parties.
IP addresses and server logs
This website records IP addresses and produces server logs. This information is used solely for monitoring the volume of traffic the site receives and measuring the number of visitors. We do not use the information for tracking the activities of individual visitors to this site.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Any cookies that may be used by this website are used either solely on a per session basis or to maintain user preferences. Cookies are not shared with any third parties.
This is an essential temporary cookie used to store data about your visit and any choices you make or data you enter. This cookie is deleted when you close your browser.
Google Analytics cookies ( _utma, _utmb, _utmv, _utmz)
This website and the use of it is governed by English law and English courts shall have exclusive jurisdiction over any related disputes.
Data Inspection and Removal
Please contact Daniel Oldaker, firstname.lastname@example.org to request access to your own personal data and/or to agree its removal from our database and to correct any errors.
Please also contact Daniel Oldaker if you have any questions or complaints about the way we handle your data. The General Data Protection Regulation also gives you the right to lodge a complaint with the Information Commissioner who may be contacted at http://www.ico.org/concerns or by telephone 0303 123 113.
This policy will be monitored and reviewed regularly to ensure that the company complies with the requirements of GDPR and Data Protection Act.