The following sections explain how and why we process your personal data, as well as the legal basis on which this processing is carried out when we conduct our business and deliver our services to clients.
We may process personal data in order to provide you with, or inform you about, our various strategic marketing and consultancy services.
Where you are someone who is interested in our services, or where you work for and on behalf of a client or a third party with whom we might, or choose to, collaborate with in providing our services, you may contact us with a question in connection with our services and/or request information from us, or simply be providing us with information which requires a polite response and in these circumstances we may process your personal data in order to communicate with you.
We may also need to notify you of improvements or changes that may affect our services and where you work for a client or third party partner we may also use your personal information to send you invoices, statements, or (where applicable) payment reminders.
The legal basis on which we process an individual’s personal data in these circumstances is our respective legitimate interests in providing and receiving business related information in order to manage and operate our respective businesses in a responsible manner.
Where we provide our clients with strategic insight and research work (for example related to their stakeholders and/or customers and which may involve us conducting interviews and/or being involved in focus groups with research participants), we do so directly and/or by working with selected third party partners. When we carry out such work it may be necessary to process personal data in order for us to deliver our services to our client.
The legal basis on which we process any personal data related to an individual in these circumstances is on the written instructions of our clients who have the necessary consents from the individuals involved (which are collected by our client or a third party acting on instructions from our client).
Where we generate strategic insight and research work ourselves or in partnership with other third parties, we do so working with selected third party providers. Such research is conducted on an anonymised basis using the third party services of Survey Monkey. An individual’s personal data is only shared with us if the individual has explicitly consented to that personal data being shared with us solely for the purposes of the research (such as providing us with express permission to follow-up with additional questions, or to receive the findings of the research to which they have contributed).
In a business-to-business context, we may engage with individuals in connection with our services and we may use contact details for such purposes.
The legal basis we rely on for making contact and processing such personal data is our shared legitimate interests in doing business.
We may also process personal data for the purposes of making our website more secure, and to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
The legal basis on which we process personal data in these circumstances is our legitimate interest to provide individuals with the best customer experience we can, and to ensure that our website is kept secure.
When we are in contact with you in relation to our services (which is usually by email or telephone) we may collect the information you provide to us, which in addition to any relevant work-related content that you share with us, may include personal information such as your name, email address, mobile or direct dial telephone number, your title within and the name of the company for which you work.
When you visit our website we make use of log files and may automatically collect technical information (including Internet Protocol (IP) addresses, browser specifications, date/time stamps and operating system and/or platform details) and other information about your visit (such as full Uniform Resource Locators (URL), clickstream activity to, through and from our website, length of visits to certain pages, page interaction information and methods used to browse away from a page).
If you do business with us, we also collect and keep your business details, and records of the contracts we sign with you, the invoices we send you and the payments you make.
For operating our business and in order to provide our clients with our services, we use third party service providers who may process personal data on our behalf. These relate to the following areas:
A Bird’s Eye View uses third party services from GoDaddy and Orcadia Design Ltd to host and help maintain the security and performance of the website.
The computer(s), mobile device(s) and office management software we operate use encryption technology to protect email traffic, communication and content in line with government guidelines. We also monitor emails sent to us, including file attachments, for viruses or malicious software.
Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
We operate our business with suitable technical and organisational measures to ensure appropriate levels of security in relation to the personal data we process. The following sections provide an overview of the measures we have taken.
The information that we collect about individuals will be stored in (and will not be transferred outside the European Union (EU).
Whenever we transfer personal data out of the EU, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
If further information on the specific mechanism used by us when transferring an individual’s personal data out of the EU is required please contact us directly (please see below for our contact details).
When we store information in our own systems, only the people who need it have access. Our management team have access to everything you have provided, but individual employees have access to only what is necessary for them to be able to do their job.
Where we store your personal information via third-party services, we restrict access only to people who need it through the use of encrypted passwords for access and content. The computers we use are all encrypted and protected by a passcode or fingerprint access. These computers ask for authentication whenever they are started or after 5 minutes of inactivity. Our mobile devices are also protected by a fingerprint, code and two-factor security.
Where a client purchases services from us, we may retain data relating to that contract (which could include personal data) for a period of seven (7) years after the services were provided to the client, to ensure that we are able to assist with any questions or feedback in relation to our services or to enforce, or protect, or defend our legal rights.
Where we have processed an individual’s personal data for any other reason (such as where the individual has contacted us with a question in connection with our services) we will retain the individual’s data for 12 (twelve) months from such contact.
Under certain circumstances, you have rights under data protection laws in relation to the personal data we hold about you. These include the:
Should you wish to exercise any of these rights, please contact us by email (please see below for our contact details).
You can find out more about your rights (including your rights in relation to automated decision making and profiling) under the GDPR here.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please do get in contact with us first (please see below for our contact details).
For the purposes of data protection laws, A Bird’s Eye View is a controller and is registered with the Information Commissioner’s Office (ICO) under number ZA462832.
A Bird’s Eye View Limited is a company incorporated in England and Wales, with company number 09053223. Our registered office is: 1 Golden Court, Golden Court, Richmond, England, TW9 1EU.
Helena Wayth, Managing Director is responsible for our data protection compliance. You can contact her by email at: [email protected].