YOUR DATA. YOUR PRIVACY. YOUR CHOICE
Every time you go on-line you leave a digital footprint, and every business you deal with keeps a record of each interaction; and PtG Business are no different. We know it’s important you are fully informed about what data we collect and how we use it. We’re using the guidelines laid out by the Information Commissioners Office (ICO) and process data in accordance with the UK Data Protection Act 1998, the Privacy and Electronic Communications Regulations 2003 and the General Data Protection Regulations, which come into force within UK law on the 25th May 2018.
We’ve tried to keep things as simple as possible, but whenever there’s law involved there seems to be an awful lot of big words and unclear descriptions (even for us, and we work with data all the time!). Make sure you read the following, and if there is anything you don’t understand or if you want us to explain in more detail how we collect, store or use your information, then please don’t hesitate to contact us. Our intentions are pure and our processes are transparent, so we are happy to do anything we can to provide whatever information you need to make an informed decision.
There are links to all the relevant third parties throughout this document to help you find out more detail about how your information is processed.
- CRM (Customer Relationship Management) Tool
All data is kept electronically and stored on a CRM called Donorfy. Donorfy is pretty smart and helps us to manage your communication choices including any request, by you, to be removed from all future PtG Business communications. This is a cloud hosted system, details of which can be requested directly from Donorfy.
- Preferences and consent
There will be things you want and things you don’t want. Let us know the things you’re interested in hearing about and the things that are guaranteed to get your goat and we’ll work with you to ensure anything we send to you in the future is welcome and appropriate to your needs. If you’re not sure what options are available, we are happy to talk you through all communication preference and communication method choices.
- Electronic storage and devices
All documentation is backed up to the Microsoft Office 365 cloud, with only a minimum held locally on PC’s or laptops and our working data is stored on a Buffalo Linkstation which is fully secure. On a day-to-day basis we use a variety of PC’s, laptops, tablets and phones to access information. We use the recommended security features for each device, and where it is deemed insufficient, we add additional layers of security.For more information on the security protocols Microsoft have developed to protect their cloud, visit their trust centre.
- Data destruction
You’ve probably seen a film or two where the Resident Nerd has emptied out a bag of shredded paper and painstakingly sorted it out and stuck documents together. There’s also the one where a deleted file on a hard drive is brought back from the dead by the Cool IT Person.We have a policy of destroying – not deleting or throwing away – all information. To be on the safe side we use a secure destruction service, Shred on Site, who provide us with a certificate of destruction for all paper documentation and AVG or File Shredder for electronic files.
- Analysis and profiling
Like all businesses we want to shout about the services we offer and how we can help our clients achieve great things. We could send everything to everybody, but that’s guaranteed to annoy you quicker than a mouthful of cold tea! PtG Business may analyse or profile the data it holds. This is a fancy way of saying we’ll look at the data to find out what things are relevant and what is likely to be of most interest. We might split the data into groups, called segments, and talk about different things to different groups.We can’t promise we’ll get the data voodoo absolutely spot-on every time, but it will help to minimise the irritation caused from receiving stuff that just isn’t right.
Any analysis or profiling will be carried out by the resident PtG Business Data Monkey using tools such as Microsoft Excel or Microsoft Access. We may also enhance the data to make the results even better and all reports and data will be kept in line with our regular storage practices.
If you don’t want to be included in any analysis or profiling activities or if you would like to know more about what is involved, then please contact us.
- Data enhancement
It’s surprising how quickly data gets out of date and we want to make sure that we’ve got the right information. From time to time we may look for additional details about you or your business, taken from information that is freely available and within the public domain. This may include (but not be limited to), address, telephone number, email and web address, business type and size. We promise to always check where we get this data from, and will take all reasonable steps to ensure that the organisation supplying the data to us is reputable, can properly verify the source of their data and have the correct legal compliance in place.We can’t list all the suppliers, as they will change over time, but we will keep a record of what we’ve used and when, so if you would like more information on specific suppliers please contact us.
- Data purchase
We know lots of things but we don’t know everything, so we purchase sales data from Market Locations. Market Locations ensures strict compliance with GDPR legislation and only supplies data that can legally be used for the purpose intended. We also take the additional precaution of removing any person or business who are on the TPS or CTPS register.To be sure, we got the people in the Serious Things Office at Market Locations to supply us with a written statement of compliance that we are happy to let you have at any time. Further information can be found by going to the Market Location website.
If at any time we use another supplier, we will take the same steps to ensure legal use and compliance, will record the source of the data and will be happy to advise you of these details.
- Email marketing
We want to promote our business, and like a lot of companies we use email marketing to communicate with customers and prospects in a cost efficient and effective way. To send these emails out we use MailChimp – which a lot of you will already be familiar with. For details of MailChimp, its privacy, use and unsubscribe policies including the storage of internal suppression files, visit them directly.If you just want to opt-out of emails use the unsubscribe button at the bottom of any of our marketing emails. If you haven’t received an email from us so you can unsubscribe, or if you want to be removed from other communications see the preferences and consent section (above), or contact us directly.
Our website is built in WordPress and is looked after by Mike at digidoda. If you use the contact form your data is sent directly to the email address: firstname.lastname@example.org. This is sent to the inboxes of a few special people who are ready and waiting to respond to your questions. Some of these people work at Constanti Marketing who help us promote our business and manage our enquiries. If you want to know who can receive and respond to these emails, please ask and we’ll let you have a full list.
When you visit our website cookies are used to help make the experience more efficient and effective, both at the time of browsing and in the future. There are lots of different uses for cookies and often we don’t realise they exist. They are little internet gizmo’s that record information about you or what’ve you done on a website such as your choice of cookie preference or how you moved around it, and the bits you found most interesting.Information captured by a cookie cannot be linked back to any specific user and is for use, by us, to enhance the website and make it more relevant and easier to use.
- Search engine
Our website does not have a search facility.
- Incoming and outgoing emails
We use a variety of devices to access our @ptgbusiness.co.uk emails, including desktop PC’s, laptops, mobile phones and tablets. All devices have security protocols enabled and are backed up to the appropriate third-party system. In simple terms this means we work with the Technology Elves and the Internet Gods to keep your data as safe as we possibly can.
- Social media
We use 3 social media platforms: Facebook, LinkedIn and Twitter which are managed by our Social Media partner Lesley Whiteman Social Media. We will never post new content about any customer or prospect unless it is with their prior written permission. This does not include re-tweets, sharing or liking content, originally posted by others, which we will take all reasonable steps to ensure is accurate, not defamatory or contradictory to the ethos or beliefs of your organisation.We use Hootsuite to help us manage the posting of content – if we didn’t poor Lesley’s fingers would probably drop off. Any responses or comments on our social media pages will be dealt with by PtG Business or Lesley Whiteman Social Media.
- Phone calls
Here at PtG Business HQ we use VOIP phones which work using the internet. When you call us you can use 01462 713444 or a direct line number which will start 020 3. When we call you, you will see the 020 3 number on your display, if you have one. At no time will we record phonecalls to any of our main or direct phone numbers.Our friends at Constanti Marketing, who help promote PtG Business and help us answer questions from customers, don’t record phonecalls either.
- Job applications
When someone applies to work for PtG Business we’ll go through the usual process of asking for a job application and maybe a CV. We’ll only use this information during the application and interview process. If we need to get a reference or obtain a DBS (Disclosure and Barring Service) statement, we will always let you know before we make the request.Job applications for people who weren’t successful will be held by us for 12 months. After this we will destroy all paperwork and data relating to the recruitment process.
For everyone who works for us, or has worked for us in the past, we keep a file of all information relating to your employment. This information is kept secure and will only be used for things relating to your work with us. When it comes time for you to leave us, we’ll keep the file for 6 years, which is in line with statutory record-keeping requirements. Any information relating to pay, sickness, health and safety or parental leave will be kept for a lot longer. If we’ve read the legislation correctly this is up to 40 years from when you stopped working for us. Phew!
- Complaints or queries
We don’t get up in the morning with a plan to do things wrong or make you unhappy, but if this happens we will do the following:
- Acknowledge your complaint, in writing. At this time we will tell you what steps we are going to take to investigate the issue you have raised.
- We will agree a timeline with you, for our investigation, and agree when and how we will respond to you once it’s completed.
- At the time we respond to you we will agree the actions needed, by both parties, to fully resolve the issue and how we will continue and/or finish the project, in a way that you, our customer, are happy with.
- Once an issue has been resolved we will carry out an internal review so that we can understand what went wrong and how we can avoid the same thing happening again. We will, where appropriate, use this information to make changes to our processes and at times may ask for your help in checking we’ve got it right.
- If you do have a complaint contact Julie.Pitt@ptgbusiness.co.uk. Either one of us can help and will work with you to start the complaints process, as laid out above.
- Accessing your information
The information we hold about you and your organisation is yours and you have a legal right to access this at any time. You can submit a Subject Access Request, but we think it would be easier and quicker if you just, well….asked!We’ll guarantee to give you free access to any information we have that relates to you (once we’ve ascertained you are who you are). If you think the information we have is incorrect, then please tell us. We will take all reasonable steps to ensure it is corrected, both within our systems and within a third party’s if this is the source of the error.
- ICO registration
We have voluntary registration with the ICO as a Data Controller. A copy of our current certificate can be obtained from us at any time.