At Sagaciti Consulting Ltd, we’re committed to protecting and respecting your privacy.
This Policy explains when and why we collect personal information about people who visit our website or who are involved with us and the services we provide, how we use it, the conditions under which we may disclose it to others and how we keep it secure.
We may change this Policy from time to time so please check this page to ensure that you’re happy with any changes. By using our website and services, you’re agreeing to be bound by the terms within this Policy.
Any questions regarding this Policy and our privacy practices should be sent by email to firstname.lastname@example.org.
Who are we?
We are Sagaciti Consulting Ltd, a small, intimate, client-focused consultancy built on our personal integrity, experience and evidence-based knowledge of what works. Sagaciti Consulting Ltd. is registered with Companies House in England and Wales (Company no. 10180235). The registered address is Sagaciti Consulting Ltd, Unit 4b, Winford Business Park, Winford, Bristol, BS40 8HJ, UK.
How do we collect information from you?
We obtain information about you when you use our website, for example, when you contact us about our products and services, or if you register to receive one of our Sagaciti Update newsletters. We also obtain information about you when you contact us or communicate with us about our goods and services.
What type of information is collected from you?
The personal information we collect might include your name, address, email address, IP address, and information regarding what website pages are accessed and when.
Why we have your information
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing information are:
(a) Your consent. You are able to remove your consent at any time. You can do this by contacting email@example.com (please be aware that removing your consent may prevent us from providing you with goods and services you have requested from us).
(b) We have a contractual obligation to you, or you have asked us to do something prior to entering into a contract.
(c) We have a legal obligation on us e.g. disclosure to HMRC.
(d) We have a legitimate interest because processing is necessary for the purposes of the legitimate interests pursued by Sagaciti or by a third party. In this case, information may be required e.g. to account for Sagaciti’s actions should there be a claim or future proceedings; for Sagaciti’s commercial interests; prevention of fraud etc. We will assess legitimate interests using the three-part test:
- Purpose test – Are we pursuing a legitimate interest?
- Necessity test – Is the processing necessary for that purpose?
- Balancing test – Do the individual’s interests override the legitimate interests?
How is your information used?
- We may use your information to
- process orders that you have submitted;
- provide goods and services;
- carry out our obligations arising from any contracts entered into by you and us;
- seek your views or comments on the services we provide;
- notify you of changes to our services;
- send you communications which you have requested and that may be of interest to you. These may include information about promotions of our goods and services;
- legal obligations (e.g. prevention of fraud).
Data retention period
We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations (for example UK tax law).
We will hold your personal information on our systems for no longer than is necessary to fulfil our legal and professional obligations or pursuant to any contract you hold with us. As a rule, customer-related information is retained and processed for the entire duration of the customer relationship and for six (6) years after the relationship has ended.
Where appropriate, personal information that is not required as subject of a legitimate interest e.g. to account for Sagaciti’s actions in the event of a claim or future proceedings, will be deleted.
We will regularly review personal information we hold and delete any that this policy does not require us to retain.
However, information collected for marketing purposes will be retained for an indefinite period of time.
Who has access to your information?
Only those at Sagaciti or those contracted to work for Sagaciti may have access to your information. We will never:
· Sell or rent your information to third parties.
· Share your information with third parties for marketing purposes.
Third-Party Service Providers working on our behalf: We may pass your information to our third-party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example to process invoices, or provide Sagaciti Insight Software™ access via the online hosting platform). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service. We will have a contract in place with such third-party that requires them to keep your information secure and to only use it for the contracted purpose. Please be reassured that we will not release your information to third parties beyond the ‘Sagaciti Consulting Ltd Network’ unless you have requested us to do so, or we are required to do so by law, rule or regulation for example, by a court order.
You have a choice about whether or not you wish to receive information from us. If you do not want to receive direct communications from us about the work we do for other clients or how we are able to assist you then you can select your choices by ticking the relevant boxes situated on the form on which we collect your information.
We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent. You can change your marketing preferences at any time by contacting us by email: firstname.lastname@example.org
How you can access and update your information
The accuracy of your information is important to us. We are working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change email address, or any of the other information we hold is inaccurate or out of date, please email us at: email@example.com, or write to us at Sagaciti Consulting Ltd, Unit 4b, Winford Business Park, Winford, Bristol, BS40 8HJ, UK.
You have the right to ask for a copy of the information Sagaciti Consulting Ltd hold about you. We may charge for information requests, but only in line with the ICO guidance.
Your right to rectification - You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Security precautions in place to protect the loss, misuse or alteration of your information.
When you give us personal information, we take steps to ensure that it’s treated securely. We do not hold sensitive information (such as credit or debit card details). Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we use our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
In the unlikely event of a data breach, we will notify all those potentially affected and consider notification to the ICO if appropriate.
We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. We may also use your personal information to detect and reduce fraud and credit risk.
Use of 'Cookies'
It is possible to switch off cookies by setting your browser preferences. Turning cookies off may result in a loss of functionality when using our website.
Links to other websites
Our website may contain links to other websites run by external organisations. This Policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We are not responsible for the privacy policies and practices of other sites even if you access them using links from our website.
In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that site.
16 or Under
We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian's permission beforehand whenever you provide us with personal information.
Transferring your information outside of Europe
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Union (“EU”). These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
How to complain about this policy
In the first instance, we would ask that any complaint is sent to firstname.lastname@example.org to give us the opportunity to resolve it to your satisfaction. However, you have a right to complain to the Information Commissioners Office (ICO) if you think there is a problem with the way we are handling your data. The ICO website is at https://ico.org.uk.
Review of this Policy
We keep this Policy under regular review.
Updated Jul 2019.