Privacy Policy

Personal Data Privacy Statement 

This data privacy statement applies to AD Compliance Limited. The purpose of this statement is to explain how AD Compliance Limited (hereinafter referred to as “AD”, “we” or “us”), collect, process, store and keep secure your personal data in connection with our business.

AD is committed to protecting your personal data and your privacy. We endeavour to ensure that any personal data we collect about you will be held and processed strictly in accordance with applicable data protection legislation, including the European General Data Protection Regulation ("GDPR") and any applicable local laws including the UK Data Protection Act 2018. The terms Personal Data, Data Controller and processing have the meanings given to them in the GDPR unless otherwise indicated.

To whom does this privacy statement apply?

This policy applies to all Personal Data processed by AD, regardless of the media on which the Personal Data is stored (paper-based, electronic, CCTV or otherwise).

This Privacy Policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

How We Collect Your Personal Data

Information Supplied to Us

Personal data is normally supplied either by you, the data subject, or by a third-party partner. It is normally collected from visits to our website, by post, by phone, by fax, directly from data subjects or by email correspondence. We obtain personal information when you register for, or request certain services. By registering and/or submitting personal information to us, you are also agreeing to the use of this information in accordance with our Privacy Statement.

Information Automatically Collected By Us

Examples of the information we automatically collect and analyse include Internet Protocol ("IP") addresses (used to connect devices to the Internet), user login details, e-mail address, cookies, and details of products/services that visitors viewed or searched for on our website.

Information We Collect

Non-Personal Data

We may gather statistical and other analytical information collected on an aggregate basis of all visitors to our website. This Non-Personal Data comprises information that cannot be used to identify or contact data subjects, such as demographic information regarding, for example, user IP addresses (where they have been clipped or anonymised), browser types and other anonymous statistical data involving the use of our website.

Personal Data

This is data that identifies individuals or can be used to identify or contact individuals and may include, but is not limited to your name, address, e-mail address and phone number, business affiliation and other relevant personal details. Personal Information may be collected when you access our website or any other site we use, enquire about our business, speak, meet or correspond with our employees or representatives, subscribe to a service, search for a publication, or otherwise interact with us. While some information such as name and email address is required by us to provide customers with our services, other personal data is only collected from data subjects if it is voluntarily submitted to us.

Data Type and How it is Collected

Contact and Identity Data

The contact us section allows you to provide us with contact data for the purpose of contacting you with a quote, offer or other legitimate business related activity. This may include first name, last   name, title, email address and telephone numbers.

Marketing and Communications Data

This includes your preferences in receiving marketing from us and our third parties and your communication preferences, occupation, vehicle details and transaction history.

Usage Data

Analytical data is gathered for digital marketing purposes and can include information about how you use our website.

Technical Data

Cookie information is gathered upon visiting our website. This includes IP address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.

Interactions Data

Information about your interactions with us, including correspondence and phone calls between us and you.

Special Category data

Article 9 of the GDPR defines as “special categories” of personal data. Examples of the special categories are personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data processed for the purpose of uniquely identifying a natural person, data concerning health including medical and employment history and data concerning a natural person’s sex life and/or sexual orientation.

In certain limited circumstances, it may be necessary to process special category personal data in connection with the provision of any product that may need to be tailored or customised to suit your individual needs. If you fail to provide us with this information, or you object to us processing such information, we may be prevented from continuing to provide all or some of our services to you.

How We Process Your Data

Non-Personal Data

We may use Non-Personal Data gathered from visitors to our website in an aggregate form to get a better understanding of where our visitors come from and to help us better design and organise our website.

Personal Data

Personal information which you supply to us may be used for the following purposes:

Purpose of Processing and Lawful Basis for processing

• Manage and respond to any requests you have made to us - Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party;
• To help us identify you when you contact us - Processing is necessary for the   purposes of the legitimate interests pursued by the controller or by a third party;
• For general administration, reporting, audit and analysis purposes and to manage our relationship with you - Processing is necessary in our legitimate interests and to ensure the effective management of our business; and
• To comply with legal obligations. If required by any law enforcement agency, court, regulator, government authority or other third party - Processing is necessary for compliance with a legal obligation to which the controller is subject.

How We Protect Your Personal Data

Data Storage

Personal Data is stored securely in electronic form on our IT systems. We have invested in both technical and organisational security measures and training of employees to safeguard all personal data.

Retention Period

The length of time we will retain your personal data will depend on the purpose for which we are processing it. The following criteria will be applied:

• We will retain personal data for the minimum period required for the purpose(s) of processing.
• Personal data will be retained for a period of time subject to our data retention policy and/ or legal requirements.
• When personal data is no longer required to be retained, it will be anonymised, to remove all personal identifiable information, or deleted in a secure manner in      accordance with our technical and organisational procedures.
• As required by law, any applicable regulation to protect the rights, property, or safety of ourselves or others.
• When we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a  government request.
• If AD is involved in a merger, acquisition, or sale of all or a portion of its assets, to any prospective seller or buyer of all (or part of) our business or assets. You will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
• Where you have given your consent to pass your personal data to a third-party marketing companies who might contact you on our behalf with information about products and services which may be of interest to you.

Your Rights as a Data Subject

• Right to access any personal information we hold about you, the purpose for processing your information and any recipient or categories of recipient to whom your information has been disclosed.
• Right to request a copy of  any information which we hold about you.
• Right to rectification of personal information that you consider to be inaccurate.
• Right to update personal information that you consider to be incomplete.
• Right to request that we delete personal information we hold about you.
• Right to request us to restrict the processing of your personal information
• Right to data portability.
• Right to object to the processing of your personal information, subject to certain criteria.
• Right to object to direct marketing.
• Right to have your information transferred where technically feasible.
• Right to withdraw your consent, where processing is based upon consent.
• Right to lodge a complaint with a supervisory authority specifically in the member state where you habitually reside or place of the alleged infringement if you consider we have infringed your data protection rights.

If we feel that we may need to retain your personal data for longer than the lawful purposes for which it was obtained, we will contact you to obtain your consent.

Security

The security of your personal data is important to us. We restrict access to your personal data to those employees, agents, contractors, consultants and other third parties who have a business need to access your data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place appropriate technical and organisational security measures to prevent your personal data from being accidentally lost, altered, disclosed, used or accessed without authorisation.

Sharing Your Personal Data

We will only use your Personal Data where we have a lawful purpose to do so. We will never sell Personal Data to a third party. We will only pass Personal Data to a third party where there is an explicit business need to do so.

We will not share your information with any third parties unless one of the following conditions applies:

Third Parties We May Share Your Personal Data With

Revenue (HM Revenue & Customs)

We may share your personal information with HM Revenue & Customs in the UK, or other   government bodies or agencies where we are required to do so by law.

Third Party Service Providers

It is sometimes necessary to share your personal information with third party service   providers that perform services and functions at our direction and on our behalf such as our accountants, IT service providers, lawyers, or other professional services ancillary to the services we are providing.

The Police, Government Bodies (or officials)

We may share your  personal information with the Police or other government bodies or agencies   where we are required to do so by law.

Marketing

If you have consented to marketing from us, we may contact you with information about our products and services through email. All such communications will come from us, or from our selected marketing partners.

You have the right at any time to stop us from contacting you for marketing purposes or giving your information to third party marketing companies. You will also be given the opportunity on every email communication that we or our trusted partners send you to indicate that you no longer wish to receive our or their direct marketing material.

Cookies

When you visit our website, we (or our service providers) may use cookies (small text files stored in a user’s browser) which may collect personal data.

Managing cookies

Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. 

Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you may not be able to use all the features on our website and service.

Links to other Websites

Our website may provide links to third-party websites plug-ins and applications such as supplier brand websites, for your convenience and information. AD is not responsible for the privacy practices or the content of such websites or for the privacy policies and practices of other third parties. If you decide to click on a third-party link thus enabling a connection, those connections may allow third parties to collect or share data about you. We encourage you to read the individual privacy and cookie policy of every website that you visit.

Social Networking Site Links

Our website may contain links to external social network sites such as Facebook, LinkedIn, YouTube and Twitter. These external social networks are exclusively operated by their respective owners. All links to social networking sites are made clearly visible on our website through the use of representative logos. If you decide to follow these links, you will be directed to a third party website which is not under our control. Cookies and plug-ins may be activated and your browser will establish a link with relative social network site directly.

If you follow social network links on our website whilst you are signed into these social network sites, personal information such as user account details and information concerning your visit to our website may be passed to these third party websites. This information may be transferred to and stored to a third party entity.

Your personal information will not be transferred to these third party social networking sites by visiting our website, but may result in personal data being transferred to a social network entity if you decide to click the relevant link.

For further information on third party privacy and cookie policies, please refer to the relevant third party social network’s privacy and cookie policies on their websites.

Your Rights as a Data Subject

Where AD are the controller of your personal data, you have the right to the following:

We will respond within one month of the receipt of any data access request. Depending on the nature of your request, we may need to extend this period by a further two months, in order to complete your request. You will be notified within the first month if this is necessary. If you wish to exercise any of these rights, or if you have any queries about how we use your personal information, please contact AD at the details set out below in the contact information section.

Updating Your Personal Data

In order to help us ensure the personal data we hold about you is accurate and current, and to help us to provide you with our services, we encourage you to keep us informed if your personal data or circumstances change. To update your personal data please contact us at the details set out in the contact information section of this privacy statement.

Contact Information

If you have any questions or comments about this privacy statement, or if you wish to request information, you can contact us at: Thanos.delizisis@ad-compliance.co.uk

Changes to this Statement

We keep our data privacy statement under constant review and reserve the right to change it from time to time, to reflect our practices or to remain compliant with relevant legislation. Any changes we may make to the Privacy Statement (which will, unless otherwise indicated, apply to Personal Information already obtained before the changes were made) will be effective from the date on which those changes have been posted on this page. Where we decide it is appropriate to do so, we may also notify you of any changes we have made by e-mail.

Additional Information

This Privacy Statement sets out our current policy as regards the maintenance and processing of personal data. It does not form, and should in no way be construed as, a contract and no contractual rights or causes of action shall arise in relation to or consequence of the content of this Notice.