Shade
Contacts Header

Privacy Notice

Full Privacy Notice

1 Introduction

Whitgift Security(WS) is committed to respecting and protecting your privacy. We believe in making things easy for our clients. We know there’s nothing more off-putting than the sight of a lot of small print, so we’ve made our Privacy Policy clear, simple and easy to read. This Privacy Notice describes how we manage personal data for all of our interactions with you. Our privacy notice is structured by providing you with information about how we manage data relevant to all our interactions with you – for example your data protection rights, who to contact, who we share your data with We have then have sections detailing each of our interactions with you. These sections have been structured as answers to the common questions that people ask about how we protect data.

2 What’s changed?

There have been no material changes to the policy since it was last updated in May 2018. We have changed the way it is presented.

3 Our promise to you

Whitgift Security is committed to protecting your privacy. Any processing of personal data, such as the name, address, e-mail address, or telephone number will always be carried out in accordance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018.

4 Who is in control of your information?

We never lose sight of the fact that it is your personal information and you own it and can choose who has access to it and how it is processed. Whitgift Security are registered as the ‘Data Controllers’ with the Information Commissioner’s Office (ICO). Details are published on a register on the ICO website where you can also find lots of useful information about Data Protection, what it means to you as an individual and how it applies to companies like Whitgift Security. The law within the European Economic Area gives those whose personal data is held by Whitgift Security specific rights to control the personal data held about them. When you make a request

  1. We will respond within a month of you making the request
  2. We will not charge you for making a request unless the request is unreasonable.
  3. Where we refuse to respond to a request, we will explain why we are not responding and remind you that you can complain to the ICO.
Â

These include the right to:

  1. right of access – to obtain from Whitgift Security, confirmation that personal data is held, as well as a written description of such personal data, the purpose(s) for which it is being used, the source(s) of the personal data and details of any recipients
  2. Right to rectification – request corrections of personal data which is inaccurate ie incorrect or misleading as to any matter of fact
Â

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN. If any individual wishes to complain about how Whitgift Security is handling data or responding to requests they should contact the Information Commissioners Office – Website

5 What we do with your data?

5.1 How does WS obtain personal data?

Most of the personal information we process is provided to us directly by you for one of the following reasons:

5.2 What types of personal data does WS collect and use?

Whitgift Security, and third parties we use to provide services, need certain personal data to enable it to provide its products and services to our clients. The information collected will vary depending if the nature of our relationship with you and the services we are delivering to you. See individual services for details.

5.3 How does WS use the personal data it holds?

Most of Whitgift Security’s use of personal data is necessary to enable it to provide a service or product. How we use

5.4 What processing of personal data is done?

The processing will vary depending if the individual is a client, employee or has a business relationship with us, and the services requested. See individual services for details.

5.5 Who does WS share personal data with?

As a general rule, Whitgift Security does not disclose personal data to unaffiliated third parties except where consent has been obtained.

5.6 How long does WS keep the personal data it holds?

A broad summary of our retention policy in respect to personal data is: • Where personal data is mentioned in relation to company financial records, data is kept for 7 years

5.7 Does WS transfer personal data overseas?

In general, Whitgift Security and its third Parties do not transfer personal data outside the EU. Whitgift Security Data is located on devices and servers within the UK or EU. There are some services that we use eg survey system(SurveyMonkey) that are based in the US. We rely on the Privacy Shield Framework to transfer this information to these organisations which are located in the US.

6 Children’s data

Whitgift Security does not provide services directly to children or proactively collect their personal information. However, we are sometimes given information about children in relation to the services we offer. The information in the relevant parts of this notice applies to children as well as adults.

7 Links and other services

Where Whitgift Security provide links to websites of other organisations or refer to other services this privacy notice does not cover how those organisations processes personal information. We would encourage you to read the privacy notices for the other organisations and websites you visit.

8 How is data protected?

Whitgift Security takes clients confidentiality and security very seriously. Whitgift Security has implemented appropriate internal security procedures that restrict access to and disclosure of personal data within Whitgift Security. These procedures will be reviewed from time to time to determine whether they are being complied with and are effective. Where data is shared by 3rd parties they are bound by contract to do the same. Whitgift Security has implemented security measures such that it has achieved and maintains Cyber Essentials and IASME audited certifications.

9 Policy updates

As part of Whitgift Security’s commitment to compliance with data privacy requirements, and to reflect changes in Whitgift Security’s operating procedures, Whitgift Security may update the terms of this policy from time to time.

10 Contact details

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN.

A Reasons to Contact Us

A 1 Make an enquiry

This section describes how we process personal data when you make a general enquiry examples include questions

A 1.1 How does WS obtain personal data?

Data is collected from you when you make the enquiry.

A 1.2 What types of personal data does WS collect and use?

We use basic contact information in order that we can respond to query – examples name, address, phone numbers,

A 1.3 How does WS use the personal data it holds?

To mange your request in an efficient way and respond back to you

A 1.4 What processing of personal data is done?

We create a case and add details of your query to our locally held data stores to ensure enquiry is efficiently

A 1.5 Who does WS share personal data with?

Depending on the nature of you query we may need to include any of the organisations supplying services to us to

A 1.6 How long does WS keep the personal data it holds?

In general we would not expect to transfer your data overseas, unless you are involved in providing feedback or

A 2 Attend an event

This section describes how we process personal data when you attend any of the events which Whitgift Security runs

A 2.1 How does WS obtain personal data?

Most data is collected direct from you yourself, or from the person registering on your behalf.

A 2.2 What types of personal data does WS collect and use?

We collect basic contact information in order that we can manage event – examples name, address, phone numbers,

A 2.3 How does WS use the personal data it holds?

To invite individuals to events which may be of interest to them.

A 2.4 What processing of personal data is done?

Registration information is used to ensure that events are appropriately run, and payment taken where necessary.

A 2.5 Who does WS share personal data with?

Many of the events organised by Whitgift Security use services of external companies eg for booking on event or

A 2.6 How long does WS keep the personal data it holds?

Whitgift Security would generally expect to keep event information for up to two years.

A 2.7 Does WS transfer personal data overseas?

When Whitgift Security asks you for feedback from events we use SurveyMonkey which is a US based company. We

A 3 Subscribe to newsletters

This section describes how we process personal data when you have requested that we send you one or more of the

A 3.1 How does WS obtain personal data?

Most is collected direct from you yourself, or from the person signing up on your behalf

A 3.2 What types of personal data does WS collect and use?

We collect basic contact information in order that we can send you the newsletters eg email address. Without this

A 3.3 How does WS use the personal data it holds?

To provide you with information about how to protect your organisation in the digital world, relevant information

A 3.4 What processing of personal data is done?

We load your contact details onto our computing environment and store email addresses in E-Goi(an EU mailing)

A 3.5 Who does WS share personal data with?

We use e-Goi to provide our mailing service.

A 3.6 How long does WS keep the personal data it holds?

Generally contact data will be kept for 5 years after individuals has stopped having a relationship with Whitgift

A 4 Apply for employment

This section describes how we process personal data when you are applying for work opportunities with Whitgift

A 4.1 How does WS obtain personal data?

Most is collected direct from you yourself when you apply. We get some information following DBS check and

A 4.2 What types of personal data does WS collect and use?

When you apply for a role we collect:

A 4.3 How does WS use the personal data it holds?

To determine your suitability for a role with our organisation and if we have a suitable role for you.

A 4.4 What processing of personal data is done?

We review the data you provide us to determine your suitability for a role with our organisation.

A 4.5 Who does WS share personal data with?

Generally for unsuccessful candidates information will be kept for up to 2 years and for successful candidates for 7

A 5 Exercise your rights

This section describes how we process personal data when you are making a request with respect to how we are

A 5.1 How does WS obtain personal data?

Data is collected from you when making the request, or person with the right to make a request on your behalf

A 5.2 What types of personal data does WS collect and use?

We collect basic contact information so we can respond to you – examples name, address, email address

A 5.3 How does WS use the personal data it holds?

We are using the data in order that we can respond to your request in a timely manner

A 5.4 What processing of personal data is done?

When we receive a request from you which is a request to exercise your control over your data, we will set up an

A 5.5 Who does WS share personal data with?

The request may require that we contact organisations that process data for us. Where necessary and practicable we

A 5.6 How long does WS keep the personal data it holds?

Generally we will keep a record of your request and how we responded to it for up to two years after we have

A 6 Communicate with us as a business

This section describes how weprocess personal data when you are communicating with us as a business. We hold the

A 6.1 How does WS obtain personal data?

Data is collected from you directly when you communicate with us, or may be passed to us as a result of attending

A 6.2 What types of personal data does WS collect and use?

We collect basic contact information in order that we can respond to communication – examples name, address,

A 6.3 How does WS use the personal data it holds?

We use the data to mange an our business relationship with you and respond in an efficient and effective way.

A 6.4 What processing of personal data is done?

Processing will depend on the nature of the communications. Where we expect that we will have on ongoing

A 6.5 Who does WS share personal data with?

Depending on the nature of your communication we may need to include any of the organisations supplying services

A 6.6 How long does WS keep the personal data it holds?

Generally we will keep a correspondence for up to two years. Where we deem the correspondence to form part of

A 7 Client Referrals

This section describes how we process personal data when you where you have been referred by another

A 7.1 How does WS obtain personal data?

Data is collected from the another organisation or individual making the referral

A 7.2 What types of personal data does WS collect and use?

The information we receive will depend on the nature of the referral. Information may include:

A 7.3 How does WS use the personal data it holds?

We use the information to be able to contact you to discuss the referral.

A 7.4 What processing of personal data is done?

We create a case and add details of the referral to our locally held data stores to ensure the referral is efficiently

A 7.5 Who does WS share personal data with?

Depending on the nature of the referral we may need to include any of the organisations supplying services to us to

A 7.6 How long does WS keep the personal data it holds?

We would generally expect to keep correspondence for up to two years. Where correspondence is deemed to be a

A 7.7 Does WS transfer personal data overseas?

A 7.8 How does WS protect the personal data it holds?

B Our Services

B 1 Website Visitors

This section describes how we manage personal data when you visit our website.

B 1.1 How does WS obtain personal data?

In general, you can visit this website without providing any information about yourself. If we do collect personal data

B 1.2 What types of personal data does WS collect and use?

When visiting our website without identifying yourself, WS collects some anonymous information including online

B 1.3 How does WS use the personal data it holds?

This information is used to help us to improve our site’s content and functionality The legal basis we rely on to

B 1.4 What processing of personal data is done?

We analyse where, on which types of devices and how our site is used, how many visitors we receive, and where

B 1.5 Who does WS share personal data with?

We use third parties in running some pieces of our business and providing some of our services. See full policy for

B 1.6 How long does WS keep the personal data it holds?

B 1.7 Does WS transfer personal data overseas?

We do not transfer personal data outside European Economic Area.

B 1.8 How does WS protect the personal data it holds?

For our website we have implemented technology that encrypts all connections to our website ensuring that your

B 2 Office Visitors

This section describes how we managing of personal data when you meet with us.

B 2.1 How does WS obtain personal data?

All information is provided by you, or if you are part of a group the information may have been provided by your

B 2.2 What types of personal data does WS collect and use?

The personal data collected and held by Whitgift Security includes name, organisation you represent, contact

B 2.3 How does WS use the personal data it holds?

We use the information to contact the people we are meeting and prepare for meetings.

B 2.4 What processing of personal data is done?

Processing will depend on the nature of the meeting, individuals attending the meeting, preparation that need to

B 2.5 Who does WS share personal data with?

Depending on the nature of the meeting we may need to include any of the organisations supplying services to us to

B 2.6 How long does WS keep the personal data it holds?

Details about the meeting may be retained for up to two years. Where we deem the correspondence around the

B 3 Certifications

This section describes how we managing of personal data when you apply for certifications through Whitgift Security

B 3.1 How does WS obtain personal data?

Data is collected from you directly when you apply for certifications through Whitgift Security, or is provided by

B 3.2 What types of personal data does WS collect and use?

The personal data collected will generally include contact names (first and last name) and contact details (company)

B 3.3 How does WS use the personal data it holds?

Whitgift Security use of personal data is necessary to enable delivery of the certification service including processing

B 3.4 What processing of personal data is done?

The information is processed for the following purposes:

B 3.5 Who does WS share personal data with?

Clients who use assessment services to IASME or Cyber Essentials certifications will have data

B 3.6 How long does WS keep the personal data it holds?

Whitgift Security will not keep personal data longer than is necessary, retention periods are defined by policy. The

B 3.7 Does WS transfer personal data overseas?

When Whitgift Security asks you for feedback from events we use SurveyMonkey which is a US based company. We

B 4 Toolboxes

This section describes how we managing of personal data when you request that we supply you with one of our

B 4.1 How does WS obtain personal data?

Data is collected from you directly when you apply for a toolbox from Whitgift Security.

B 4.2 What types of personal data does WS collect and use?

The personal data collected will generally include contact names (first and last name) and contact details (company

B 4.3 How does WS use the personal data it holds?

Whitgift Security use of personal data is necessary to enable delivery of the toolbox including processing the order

B 4.4 What processing of personal data is done?

The information is processed for the following purposes:

B 4.5 Who does WS share personal data with?

For this service we do not expect to share data with any 3rd party, unless you ask for our help and we need to involve

B 4.6 How long does WS keep the personal data it holds?

Whitgift Security will not keep personal data longer than is necessary, retention periods are defined by policy. The

B 4.7 Does WS transfer personal data overseas?

When Whitgift Security asks you for feedback from events we use SurveyMonkey which is a US based company. We

B 4.8 How does WS protect the personal data it holds?

B 5 Planning an event

This section describes how we process personal data when we when planning an event

B 5.1 How does WS obtain personal data?

Data will have been collected from other activities we will have collected information about individuals or

B 5.2 What types of personal data does WS collect and use?

We use basic contact information when organising events and anonymised information about the client base who

B 5.3 How does WS use the personal data it holds?

Information is used to contact individuals about putting on the event, To invite individuals to event which may be of

B 5.4 What processing of personal data is done?

We use anonymous demographic information to decide what events would be of interest to our community of

B 5.5 Who does WS share personal data with?

Data may be shared with other companies who are participating in running the event.

B 5.6 How long does WS keep the personal data it holds?

WS will retain information about events for up to two years after the event.

B 5.7 Does WS transfer personal data overseas?

When Whitgift Security asks you for feedback from events we use SurveyMonkey which is a US based company. We

B 5.8 How does WS protect the personal data it holds?

Last Updated

Dec 2018

Make an enquiry Privacy Notice

1 Introduction

Whitgift Security(WS) is committed to respecting and protecting your privacy. We believe in making things easy for our clients. We know there’s nothing more off-putting than the sight of a lot of small print, so we’ve made our Privacy Policy clear, simple and easy to read. This Privacy Notice describes how we process personal data when you make a general enquiry examples include questions about the organisation, services the organisation provides, or one of our events. Our privacy notice is structured by providing you with information about how we manage data relevant to all our interactions with you – for example your data protection rights, who to contact, who we share your data with We then have answers to the common questions that people ask about how we protect data for this interaction.

2 What’s changed?

There have been no material changes to the policy since it was last updated in May 2018. We have changed the way it is presented.

3 Our promise to you

Whitgift Security is committed to protecting your privacy. Any processing of personal data, such as the name, address, e-mail address, or telephone number will always be carried out in accordance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018.

4 Who is in control of your information?

We never lose sight of the fact that it is your personal information and you own it and can choose who has access to it and how it is processed. Whitgift Security are registered as the ‘Data Controllers’ with the Information Commissioner’s Office (ICO). Details are published on a register on the ICO website where you can also find lots of useful information about Data Protection, what it means to you as an individual and how it applies to companies like Whitgift Security. The law within the European Economic Area gives those whose personal data is held by Whitgift Security specific rights to control the personal data held about them. When you make a request

  1. We will respond within a month of you making the request
  2. We will not charge you for making a request unless the request is unreasonable.
  3. Where we refuse to respond to a request, we will explain why we are not responding and remind you that you can complain to the ICO.
Â

These include the right to:

  1. right of access – to obtain from Whitgift Security, confirmation that personal data is held, as well as a written description of such personal data, the purpose(s) for which it is being used, the source(s) of the personal data and details of any recipients
  2. Right to rectification – request corrections of personal data which is inaccurate ie incorrect or misleadingas to anymatter of fact
Â

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN. If any individual wishes to complain about how Whitgift Security is handling data or responding to requests they should contact the Information Commissioners Office – Website

5 What we do with your data?

5.1 How does WS obtain personal data?

Data is collected from you when you make the enquiry.

5.2 What types of personal data does WS collect and use?

We use basic contact information in order that we can respond to query – examples name, address, phone numbers, email address If you do not provide us with sufficient information to be able to contact you we will be unable to respond.

5.3 How does WS use the personal data it holds?

To mange your request in an efficient way and respond back to you

5.4 What processing of personal data is done?

We create a case and add details of your query to our locally held data stores to ensure enquiry is efficiently managed We establish the best person to respond to question, we will forward questions to relevant individuals to find answer We respond to you with answers, or advise where you may be able to get help

5.5 Who does WS share personal data with?

Depending on the nature of you query we may need to include any of the organisations supplying services to us to help answer it.

5.6 How long does WS keep the personal data it holds?

We would generally expect to keep correspondence for up to two years. Where correspondence is deemed to be a company record it may be retained for up to seven years.

5.7 Does WS transfer personal data overseas?

In general we would not expect to transfer your data overseas, unless you are involved in providing feedback or request to receive newsletters. We manage surveys and feedback through SurveyMonkey which is based in the US. We rely on the Privacy Shield Framework when transferring information.

6 Children’s data

Whitgift Security does not provide services directly to children or proactively collect their personal information. However, we are sometimes given information about children in relation to the services we offer. The information in the relevant parts of this notice applies to children as well as adults.

7 Links and other services

Where Whitgift Security provide links to websites of other organisations or refer to other services this privacy notice does not cover how those organisations processes personal information. We would encourage you to read the privacy notices for the other organisations and websites you visit.

8 How is data protected?

Whitgift Security takes clients confidentiality and security very seriously. Whitgift Security has implemented appropriate internal security procedures that restrict access to and disclosure of personal data within Whitgift Security. These procedures will be reviewed from time to time to determine whether they are being complied with and are effective. Where data is shared by 3rd parties they are bound by contract to do the same. Whitgift Security has implemented security measures such that it has achieved and maintains Cyber Essentials and IASME audited certifications.

9 Policy updates

As part of Whitgift Security’s commitment to compliance with data privacy requirements, and to reflect changes in Whitgift Security’s operating procedures, Whitgift Security may update the terms of this policy from time to time.

10 Contact details

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN.

Last Updated

Dec 2018

Attend an event Privacy Notice

1 Introduction

Whitgift Security(WS) is committed to respecting and protecting your privacy. We believe in making things easy for our clients. We know there’s nothing more off-putting than the sight of a lot of small print, so we’ve made our Privacy Policy clear, simple and easy to read. This Privacy Notice describes how we process personal data when you attend any of the events which Whitgift Security runs or hosts or supports. Examples include workshops, webinars, trade shows Our privacy notice is structured by providing you with information about how we manage data relevant to all our interactions with you – for example your data protection rights, who to contact, who we share your data with We then have answers to the common questions that people ask about how we protect data for this interaction.

2 What’s changed?

There have been no material changes to the policy since it was last updated in May 2018. We have changed the way it is presented.

3 Our promise to you

Whitgift Security is committed to protecting your privacy. Any processing of personal data, such as the name, address, e-mail address, or telephone number will always be carried out in accordance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. We have implemented processes and security controls in line with industry best practice to keep your personal information safe. We will never sell your data to third parties. We will be clear and open with you about why we collect your personal information and how we use it.

4 Who is in control of your information?

We never lose sight of the fact that it is your personal information and you own it and can choose who has access to it and how it is processed. Whitgift Security are registered as the ‘Data Controllers’ with the Information Commissioner’s Office (ICO). Details are published on a register on the ICO website where you can also find lots of useful information about Data Protection, what it means to you as an individual and how it applies to companies like Whitgift Security. The law within the European Economic Area gives those whose personal data is held by Whitgift Security specific rights to control the personal data held about them. When you make a request

  1. We will respond within a month of you making the request
  2. We will not charge you for making a request unless the request is unreasonable.
  3. Where we refuse to respond to a request, we will explain why we are not responding and remind you that you can complain to the ICO.
Â

These include the right to:

  1. right of access – to obtain from Whitgift Security, confirmation that personal data is held, as well as a written description of such personal data, the purpose(s) for which it is being used, the source(s) of the personal data and details of any recipients
  2. Right to rectification – request corrections of personal data which is inaccurate ie incorrect or misleading as to any matter of fact
  3. right to erasure – request deletion of data where
  4. the personal data is no longer necessary for the purpose which it was originally collected or processed for
  5. you withdraw consent for data which we are holding on the basis of consent or legitimate interest
  6. you object to us processing your data for direct marketing
  7. we have processed the personal data unlawfully
  8. if there are circumstances where you do not have the right we will let you know promptly
  9. right to restrict processing – request Whitgift Security stops processing associated your personal data if
  10. there is a dispute about accuracy of data
  11. we no longer need the data, but you need us to keep it for legal claims
  12. we have processed the personal data unlawfully
  13. right to data portability – request we provide you the personal data you have provided us in an electronic format eg CSV file. This applies where
  14. basis for holding the data is consent or for the performance of a contract
  15. we are proceeding the data electronically
Â

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN. If any individual wishes to complain about how Whitgift Security is handling data or responding to requests they should contact the Information Commissioners Office – Website

5 What we do with your data?

5.1 How does WS obtain personal data?

Most data is collected direct from you yourself, or from the person registering on your behalf.

5.2 What types of personal data does WS collect and use?

We collect basic contact information in order that we can manage event – examples name, address, phone numbers, email address. Without this information we may not be able to contact you if there are changes in the event details. You may choose to disclose dietary and allergy information where refreshments is being severed or medical information if it impacts the delivery of the event. You do not have to provide this information, if we do not have it the event may not be as satisfactory for you.

5.3 How does WS use the personal data it holds?

To invite individuals to events which may be of interest to them. To facilitate successful events and ensure that there is sufficient space for all to enjoy the event. To improve future events.

5.4 What processing of personal data is done?

Registration information is used to ensure that events are appropriately run, and payment taken where necessary. Registration on the day may be processed in the event of an incident to ensure everyone’s safety. Information provided either before or during event may be used to assess suitability of event and make adjustments to meet your requirements. Feedback is reviewed to improve future events we host. The basis that we process this data associated with the event is contract as you will be attending one of the events we host. Your contact information may be used to publicise events to you. The basis that we process this data legitimate interest as you have attended previous similar events.

5.5 Who does WS share personal data with?

Many of the events organised by Whitgift Security use services of external companies eg for booking on event or venues. We have carried out a basic due diligence of these companies. The companies may require additional information and have their own data protection policies which may not be the same as Whitgift Security’s. We will not share data unless we are required to.

5.6 How long does WS keep the personal data it holds?

Whitgift Security would generally expect to keep event information for up to two years.

5.7 Does WS transfer personal data overseas?

When Whitgift Security asks you for feedback from events we use SurveyMonkey which is a US based company. We rely on the Privacy Shield Framework to transfer this information.

6 Children’s data

Whitgift Security does not provide services directly to children or proactively collect their personal information. However, we are sometimes given information about children in relation to the services we offer. The information in the relevant parts of this notice applies to children as well as adults.

7 Links and other services

Where Whitgift Security provide links to websites of other organisations or refer to other services this privacy notice does not cover how those organisations processes personal information. We would encourage you to read the privacy notices for the other organisations and websites you visit.

8 How is data protected?

Whitgift Security takes clients confidentiality and security very seriously. Whitgift Security has implemented appropriate internal security procedures that restrict access to and disclosure of personal data within Whitgift Security. These procedures will be reviewed from time to time to determine whether they are being complied with and are effective. Where data is shared by 3rd parties they are bound by contract to do the same. Whitgift Security has implemented security measures such that it has achieved and maintains Cyber Essentials and IASME audited certifications.

9 Policy updates

As part of Whitgift Security’s commitment to compliance with data privacy requirements, and to reflect changes in Whitgift Security’s operating procedures, Whitgift Security may update the terms of this policy from time to time.

10 Contact details

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN.

Last Updated

Dec 2018

Subscribe to newsletters Privacy Notice

1 Introduction

Whitgift Security(WS) is committed to respecting and protecting your privacy. We believe in making things easy for our clients. We know there’s nothing more off-putting than the sight of a lot of small print, so we’ve made our Privacy Policy clear, simple and easy to read. This Privacy Notice describes how we process personal data when you have requested that we send you one or more of the publications Whitgift Security creates on a regular basis. Our privacy notice is structured by providing you with information about how we manage data relevant to all our interactions with you – for example your data protection rights, who to contact, who we share your data with We then have answers to the common questions that people ask about how we protect data for this interaction.

2 What’s changed?

There have been no material changes to the policy since it was last updated in May 2018. We have changed the way it is presented.

3 Our promise to you

Whitgift Security is committed to protecting your privacy. Any processing of personal data, such as the name, address, e-mail address, or telephone number will always be carried out in accordance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. We have implemented processes and security controls in line with industry best practice to keep your personal information safe. We will never sell your data to third parties. We will be clear and open with you about why we collect your personal information and how we use it.

4 Who is in control of your information?

We never lose sight of the fact that it is your personal information and you own it and can choose who has access to it and how it is processed. Whitgift Security are registered as the ‘Data Controllers’ with the Information Commissioner’s Office (ICO). Details are published on a register on the ICO website where you can also find lots of useful information about Data Protection, what it means to you as an individual and how it applies to companies like Whitgift Security. The law within the European Economic Area gives those whose personal data is held by Whitgift Security specific rights to control the personal data held about them. When you make a request

  1. We will respond within a month of you making the request
  2. We will not charge you for making a request unless the request is unreasonable.
  3. Where we refuse to respond to a request, we will explain why we are not responding and remind you that you can complain to the ICO.
Â

These include the right to:

  1. right of access – to obtain from Whitgift Security, confirmation that personal data is held, as well as a written description of such personal data, the purpose(s) for which it is being used, the source(s) of the personal data and details of any recipients
  2. Right to rectification – request corrections of personal data which is inaccurate ie incorrect or misleading as to any matter of fact
  3. right to erasure – request deletion of data where
  4. the personal data is no longer necessary for the purpose which it was originally collected or processed for
  5. you withdraw consent for data which we are holding on the basis of consent or legitimate interest
  6. you object to us processing your data for direct marketing
  7. we have processed the personal data unlawfully
  8. if there are circumstances where you do not have the right we will let you know promptly
  9. right to restrict processing – request Whitgift Security stops processing associated your personal data if
  10. there is a dispute about accuracy of data
  11. we no longer need the data, but you need us to keep it for legal claims
  12. we have processed the personal data unlawfully
  13. right to data portability – request we provide you the personal data you have provided us in an electronic format eg CSV file. This applies where
  14. basis for holding the data is consent or for the performance of a contract
  15. we are proceeding the data electronically
Â

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN. If any individual wishes to complain about how Whitgift Security is handling data or responding to requests they should contact the Information Commissioners Office – Website

5 What we do with your data?

5.1 How does WS obtain personal data?

Most is collected direct from you yourself, or from the person signing up on your behalf

5.2 What types of personal data does WS collect and use?

We collect basic contact information in order that we can send you the newsletters eg email address. Without this information we would not be able to send you the newsletter.

5.3 How does WS use the personal data it holds?

To provide you with information about how to protect your organisation in the digital world, relevant information about IT security, and events we are holding or supporting.

5.4 What processing of personal data is done?

We load your contact details onto our computing environment and store email addresses in E-Goi(an EU mailing service). We use information to create a list of individuals who want to receive the relevant newsletters We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our newsletters. We rely on legitimate interest and consent to provide you the newsletters. You can withdraw consent for us to send you newsletters at any time.

5.5 Who does WS share personal data with?

We use e-Goi to provide our mailing service.

5.6 How long does WS keep the personal data it holds?

Generally contact data will be kept for 5 years after individuals has stopped having a relationship with Whitgift Security

6 Children’s data

Whitgift Security does not provide services directly to children or proactively collect their personal information. However, we are sometimes given information about children in relation to the services we offer. The information in the relevant parts of this notice applies to children as well as adults.

7 Links and other services

Where Whitgift Security provide links to websites of other organisations or refer to other services this privacy notice does not cover how those organisations processes personal information. We would encourage you to read the privacy notices for the other organisations and websites you visit.

8 How is data protected?

Whitgift Security takes clients confidentiality and security very seriously. Whitgift Security has implemented appropriate internal security procedures that restrict access to and disclosure of personal data within Whitgift Security. These procedures will be reviewed from time to time to determine whether they are being complied with and are effective. Where data is shared by 3rd parties they are bound by contract to do the same. Whitgift Security has implemented security measures such that it has achieved and maintains Cyber Essentials and IASME audited certifications.

9 Policy updates

As part of Whitgift Security’s commitment to compliance with data privacy requirements, and to reflect changes in Whitgift Security’s operating procedures, Whitgift Security may update the terms of this policy from time to time.

10 Contact details

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN.

Last Updated

Dec 2018

Apply for employment Privacy Notice

1 Introduction

Whitgift Security(WS) is committed to respecting and protecting your privacy. We believe in making things easy for our clients. We know there’s nothing more off-putting than the sight of a lot of small print, so we’ve made our Privacy Policy clear, simple and easy to read. This Privacy Notice describes how we process personal data when you are applying for work opportunities with Whitgift Security. Our privacy notice is structured by providing you with information about how we manage data relevant to all our interactions with you – for example your data protection rights, who to contact, who we share your data with We then have answers to the common questions that people ask about how we protect data for this interaction.

2 What’s changed?

There have been no material changes to the policy since it was last updated in May 2018. We have changed the way it is presented.

3 Our promise to you

Whitgift Security is committed to protecting your privacy. Any processing of personal data, such as the name, address, e-mail address, or telephone number will always be carried out in accordance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. We have implemented processes and security controls in line with industry best practice to keep your personal information safe. We will never sell your data to third parties. We will be clear and open with you about why we collect your personal information and how we use it.

4 Who is in control of your information?

We never lose sight of the fact that it is your personal information and you own it and can choose who has access to it and how it is processed. Whitgift Security are registered as the ‘Data Controllers’ with the Information Commissioner’s Office (ICO). Details are published on a register on the ICO website where you can also find lots of useful information about Data Protection, what it means to you as an individual and how it applies to companies like Whitgift Security. The law within the European Economic Area gives those whose personal data is held by Whitgift Security specific rights to control the personal data held about them. When you make a request

  1. We will respond within a month of you making the request
  2. We will not charge you for making a request unless the request is unreasonable.
  3. Where we refuse to respond to a request, we will explain why we are not responding and remind you that you can complain to the ICO.
Â

These include the right to:

  1. right of access – to obtain from Whitgift Security, confirmation that personal data is held, as well as a written description of such personal data, the purpose(s) for which it is being used, the source(s) of the personal data and details of any recipients
  2. Right to rectification – request corrections of personal data which is inaccurate ie incorrect or misleading as to any matter of fact
  3. right to erasure – request deletion of data where
  4. the personal data is no longer necessary for the purpose which it was originally collected or processed for
  5. you withdraw consent for data which we are holding on the basis of consent or legitimate interest
  6. you object to us processing your data for direct marketing
  7. we have processed the personal data unlawfully
  8. if there are circumstances where you do not have the right we will let you know promptly
  9. right to restrict processing – request Whitgift Security stops processing associated your personal data if
  10. there is a dispute about accuracy of data
  11. we no longer need the data, but you need us to keep it for legal claims
  12. we have processed the personal data unlawfully
  13. right to data portability – request we provide you the personal data you have provided us in an electronic format eg CSV file. This applies where
  14. basis for holding the data is consent or for the performance of a contract
  15. we are proceeding the data electronically
Â

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN. If any individual wishes to complain about how Whitgift Security is handling data or responding to requests they should contact the Information Commissioners Office – Website

5 What we do with your data?

5.1 How does WS obtain personal data?

Most is collected direct from you yourself when you apply. We get some information following DBS check and following up with referees.

5.2 What types of personal data does WS collect and use?

When you apply for a role we collect: •Basic contact information – examples name, address, phone numbers, email address •interests and experience – may include education, qualifications, availability, why you are interested in role •health data which may be relevant to your ability to do the role – examples are details of physical or mental health, medication or sickness records. •information relating to relevant criminal convictions and offences -examples are details of conviction, organisations analysis of relevance of conviction for role. •emergency contact information includes names, phone numbers, relationship You do not have to share this information with us, if you do not then it may impact our ability to offer you a role with our organisation One we have established that you may be eligible for the role we will then contact referees: you need to provide us with referee information which may include names, phone numbers, email address, how long known for

5.3 How does WS use the personal data it holds?

To determine your suitability for a role with our organisation and if we have a suitable role for you. If we offer you a role we need to: – To understand if there are any issues that need to be considered when assigning you activities – To ensure you have necessary information to complete your assigned activities

5.4 What processing of personal data is done?

We review the data you provide us to determine your suitability for a role with our organisation. Your completed application form reviewed and uploaded to our computer systems We will contact you to keep you updated on the progress of your application. We will take Up references We will assess if your are suitable for a role with our organisation. We will train you so they understand the specific role in the projects(s) and are aware of relevant Whitgift Security policies and procedures. The basis that we process this data is contract.

5.5 Who does WS share personal data with?

We will also be contacting the referees that you have provided to us to ask for a reference.

5.6 How long does WS keep the personal data it holds?

Generally for unsuccessful candidates information will be kept for up to 2 years and for successful candidates for 7 years after they have finished working with us

6 Children’s data

Whitgift Security does not provide services directly to children or proactively collect their personal information. However, we are sometimes given information about children in relation to the services we offer. The information in the relevant parts of this notice applies to children as well as adults.

7 Links and other services

Where Whitgift Security provide links to websites of other organisations or refer to other services this privacy notice does not cover how those organisations processes personal information. We would encourage you to read the privacy notices for the other organisations and websites you visit.

8 How is data protected?

Whitgift Security takes clients confidentiality and security very seriously. Whitgift Security has implemented appropriate internal security procedures that restrict access to and disclosure of personal data within Whitgift Security. These procedures will be reviewed from time to time to determine whether they are being complied with and are effective. Where data is shared by 3rd parties they are bound by contract to do the same. Whitgift Security has implemented security measures such that it has achieved and maintains Cyber Essentials and IASME audited certifications.

9 Policy updates

As part of Whitgift Security’s commitment to compliance with data privacy requirements, and to reflect changes in Whitgift Security’s operating procedures, Whitgift Security may update the terms of this policy from time to time.

10 Contact details

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN.

Last Updated

Dec 2018

Exercise your rights Privacy Notice

1 Introduction

Whitgift Security(WS) is committed to respecting and protecting your privacy. We believe in making things easy for our clients. We know there’s nothing more off-putting than the sight of a lot of small print, so we’ve made our Privacy Policy clear, simple and easy to read. This Privacy Notice describes how we process personal data when you are making a request with respect to how we are processing your data. Our privacy notice is structured by providing you with information about how we manage data relevant to all our interactions with you – for example your data protection rights, who to contact, who we share your data with We then have answers to the common questions that people ask about how we protect data for this interaction.

2 What’s changed?

There have been no material changes to the policy since it was last updated in May 2018. We have changed the way it is presented.

3 Our promise to you

Whitgift Security is committed to protecting your privacy. Any processing of personal data, such as the name, address, e-mail address, or telephone number will always be carried out in accordance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. We have implemented processes and security controls in line with industry best practice to keep your personal information safe. We will never sell your data to third parties. We will be clear and open with you about why we collect your personal information and how we use it.

4 Who is in control of your information?

We never lose sight of the fact that it is your personal information and you own it and can choose who has access to it and how it is processed. Whitgift Security are registered as the ‘Data Controllers’ with the Information Commissioner’s Office (ICO). Details are published on a register on the ICO website where you can also find lots of useful information about Data Protection, what it means to you as an individual and how it applies to companies like Whitgift Security. The law within the European Economic Area gives those whose personal data is held by Whitgift Security specific rights to control the personal data held about them. When you make a request

  1. We will respond within a month of you making the request
  2. We will not charge you for making a request unless the request is unreasonable.
  3. Where we refuse to respond to a request, we will explain why we are not responding and remind you that you can complain to the ICO.
Â

These include the right to:

  1. right of access – to obtain from Whitgift Security, confirmation that personal data is held, as well as a written description of such personal data, the purpose(s) for which it is being used, the source(s) of the personal data and details of any recipients
  2. Right to rectification – request corrections of personal data which is inaccurate ie incorrect or misleading as to any matter of fact
  3. right to erasure – request deletion of data where
  4. the personal data is no longer necessary for the purpose which it was originally collected or processed for
  5. you withdraw consent for data which we are holding on the basis of consent or legitimate interest
  6. you object to us processing your data for direct marketing
  7. we have processed the personal data unlawfully
  8. if there are circumstances where you do not have the right we will let you know promptly
  9. right to restrict processing – request Whitgift Security stops processing associated your personal data if
  10. there is a dispute about accuracy of data
  11. we no longer need the data, but you need us to keep it for legal claims
  12. we have processed the personal data unlawfully
  13. right to data portability – request we provide you the personal data you have provided us in an electronic format eg CSV file. This applies where
  14. basis for holding the data is consent or for the performance of a contract
  15. we are proceeding the data electronically
Â

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN. If any individual wishes to complain about how Whitgift Security is handling data or responding to requests they should contact the Information Commissioners Office – Website

5 What we do with your data?

5.1 How does WS obtain personal data?

Data is collected from you when making the request, or person with the right to make a request on your behalf

5.2 What types of personal data does WS collect and use?

We collect basic contact information so we can respond to you – examples name, address, email address Sufficient information so that we can verify who you are and process your request. The specifics will depend on the request you are making, this could include other names you are know by, details of the information you believe to be inaccurate, online identifiers

5.3 How does WS use the personal data it holds?

We are using the data in order that we can respond to your request in a timely manner

5.4 What processing of personal data is done?

When we receive a request from you which is a request to exercise your control over your data, we will set up an electronic case file containing the details of your request. This normally includes your contact details and any other information you have given us. This will also be used to store any information relevant to responding to your request. We will review your request and determine the best way that we can respond to it. We will contact others within our organisation to complete the necessary processing to respond to your request. Where necessary we will approach other organisations who process data for us to carry out any required processing. Collate information to respond to your request Inform you of progress of the request and provide you with final result. We will remove relevant information from the case file, but retain a log of what we did and how we responded The basis that we process this data is legal obligation

5.5 Who does WS share personal data with?

The request may require that we contact organisations that process data for us. Where necessary and practicable we will also contact any third party who data has been shared with to carry out the same processing we have.

5.6 How long does WS keep the personal data it holds?

Generally we will keep a record of your request and how we responded to it for up to two years after we have finished processing the request.

6 Children’s data

Whitgift Security does not provide services directly to children or proactively collect their personal information. However, we are sometimes given information about children in relation to the services we offer. The information in the relevant parts of this notice applies to children as well as adults.

7 Links and other services

Where Whitgift Security provide links to websites of other organisations or refer to other services this privacy notice does not cover how those organisations processes personal information. We would encourage you to read the privacy notices for the other organisations and websites you visit.

8 How is data protected?

Whitgift Security takes clients confidentiality and security very seriously. Whitgift Security has implemented appropriate internal security procedures that restrict access to and disclosure of personal data within Whitgift Security. These procedures will be reviewed from time to time to determine whether they are being complied with and are effective. Where data is shared by 3rd parties they are bound by contract to do the same. Whitgift Security has implemented security measures such that it has achieved and maintains Cyber Essentials and IASME audited certifications.

9 Policy updates

As part of Whitgift Security’s commitment to compliance with data privacy requirements, and to reflect changes in Whitgift Security’s operating procedures, Whitgift Security may update the terms of this policy from time to time.

10 Contact details

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN.

Last Updated

Dec 2018

Communicate with us as a business Privacy Notice

1 Introduction

Whitgift Security(WS) is committed to respecting and protecting your privacy. We believe in making things easy for our clients. We know there’s nothing more off-putting than the sight of a lot of small print, so we’ve made our Privacy Policy clear, simple and easy to read. This Privacy Notice describes how we process personal data when you are communicating with us as a business. We hold the names and contact details of individuals acting in their capacity as representatives of their organisations, across the business. Interactions relate to customers, suppliers, contracts, buildings management, IT services etc. Our privacy notice is structured by providing you with information about how we manage data relevant to all our interactions with you – for example your data protection rights, who to contact, who we share your data with We then have answers to the common questions that people ask about how we protect data for this interaction.

2 What’s changed?

There have been no material changes to the policy since it was last updated in May 2018. We have changed the way it is presented.

3 Our promise to you

Whitgift Security is committed to protecting your privacy. Any processing of personal data, such as the name, address, e-mail address, or telephone number will always be carried out in accordance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. We have implemented processes and security controls in line with industry best practice to keep your personal information safe. We will never sell your data to third parties. We will be clear and open with you about why we collect your personal information and how we use it.

4 Who is in control of your information?

We never lose sight of the fact that it is your personal information and you own it and can choose who has access to it and how it is processed. Whitgift Security are registered as the ‘Data Controllers’ with the Information Commissioner’s Office (ICO). Details are published on a register on the ICO website where you can also find lots of useful information about Data Protection, what it means to you as an individual and how it applies to companies like Whitgift Security. The law within the European Economic Area gives those whose personal data is held by Whitgift Security specific rights to control the personal data held about them. When you make a request

  1. We will respond within a month of you making the request
  2. We will not charge you for making a request unless the request is unreasonable.
  3. Where we refuse to respond to a request, we will explain why we are not responding and remind you that you can complain to the ICO.
Â

These include the right to:

  1. right of access – to obtain from Whitgift Security, confirmation that personal data is held, as well as a written description of such personal data, the purpose(s) for which it is being used, the source(s) of the personal data and details of any recipients
  2. Right to rectification – request corrections of personal data which is inaccurate ie incorrect or misleading as to any matter of fact
  3. right to erasure – request deletion of data where
  4. the personal data is no longer necessary for the purpose which it was originally collected or processed for
  5. you withdraw consent for data which we are holding on the basis of consent or legitimate interest
  6. you object to us processing your data for direct marketing
  7. we have processed the personal data unlawfully
  8. if there are circumstances where you do not have the right we will let you know promptly
  9. right to restrict processing – request Whitgift Security stops processing associated your personal data if
  10. there is a dispute about accuracy of data
  11. we no longer need the data, but you need us to keep it for legal claims
  12. we have processed the personal data unlawfully
  13. right to data portability – request we provide you the personal data you have provided us in an electronic format eg CSV file. This applies where
  14. basis for holding the data is consent or for the performance of a contract
  15. we are proceeding the data electronically
Â

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN. If any individual wishes to complain about how Whitgift Security is handling data or responding to requests they should contact the Information Commissioners Office – Website

5 What we do with your data?

5.1 How does WS obtain personal data?

Data is collected from you directly when you communicate with us, or may be passed to us as a result of attending meetings or being part of email correspondence which include multiple people.

5.2 What types of personal data does WS collect and use?

We collect basic contact information in order that we can respond to communication – examples name, address, phone numbers, email address. During the course of the activity further information may be disclosed

5.3 How does WS use the personal data it holds?

We use the data to mange an our business relationship with you and respond in an efficient and effective way.

5.4 What processing of personal data is done?

Processing will depend on the nature of the communications. Where we expect that we will have on ongoing relationship with, your contact information will be loaded into our contact management system The basis that we process this data will be vary depending on the nature of the communication, for many communications it is likely to be contract or legal obligation when dealing with customers and suppliers. Other communications are likely to be processed on the basis of legitimate interests as a business.

5.5 Who does WS share personal data with?

Depending on the nature of your communication we may need to include any of the organisations supplying services to us to help answer it.

5.6 How long does WS keep the personal data it holds?

Generally we will keep a correspondence for up to two years. Where we deem the correspondence to form part of our business records we will keep it for 7 years.

6 Children’s data

Whitgift Security does not provide services directly to children or proactively collect their personal information. However, we are sometimes given information about children in relation to the services we offer. The information in the relevant parts of this notice applies to children as well as adults.

7 Links and other services

Where Whitgift Security provide links to websites of other organisations or refer to other services this privacy notice does not cover how those organisations processes personal information. We would encourage you to read the privacy notices for the other organisations and websites you visit.

8 How is data protected?

Whitgift Security takes clients confidentiality and security very seriously. Whitgift Security has implemented appropriate internal security procedures that restrict access to and disclosure of personal data within Whitgift Security. These procedures will be reviewed from time to time to determine whether they are being complied with and are effective. Where data is shared by 3rd parties they are bound by contract to do the same. Whitgift Security has implemented security measures such that it has achieved and maintains Cyber Essentials and IASME audited certifications.

9 Policy updates

As part of Whitgift Security’s commitment to compliance with data privacy requirements, and to reflect changes in Whitgift Security’s operating procedures, Whitgift Security may update the terms of this policy from time to time.

10 Contact details

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN.

Last Updated

Dec 2018

Client Referrals Privacy Notice

1 Introduction

Whitgift Security(WS) is committed to respecting and protecting your privacy. We believe in making things easy for our clients. We know there’s nothing more off-putting than the sight of a lot of small print, so we’ve made our Privacy Policy clear, simple and easy to read. This Privacy Notice describes how we process personal data when you where you have been referred by another organisation or individual. Our privacy notice is structured by providing you with information about how we manage data relevant to all our interactions with you – for example your data protection rights, who to contact, who we share your data with We then have answers to the common questions that people ask about how we protect data for this interaction.

2 What’s changed?

There have been no material changes to the policy since it was last updated in May 2018. We have changed the way it is presented.

3 Our promise to you

Whitgift Security is committed to protecting your privacy. Any processing of personal data, such as the name, address, e-mail address, or telephone number will always be carried out in accordance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. We have implemented processes and security controls in line with industry best practice to keep your personal information safe. We will never sell your data to third parties. We will be clear and open with you about why we collect your personal information and how we use it.

4 Who is in control of your information?

We never lose sight of the fact that it is your personal information and you own it and can choose who has access to it and how it is processed. Whitgift Security are registered as the ‘Data Controllers’ with the Information Commissioner’s Office (ICO). Details are published on a register on the ICO website where you can also find lots of useful information about Data Protection, what it means to you as an individual and how it applies to companies like Whitgift Security. The law within the European Economic Area gives those whose personal data is held by Whitgift Security specific rights to control the personal data held about them. When you make a request

  1. We will respond within a month of you making the request
  2. We will not charge you for making a request unless the request is unreasonable.
  3. Where we refuse to respond to a request, we will explain why we are not responding and remind you that you can complain to the ICO.
Â

These include the right to:

  1. right of access – to obtain from Whitgift Security, confirmation that personal data is held, as well as a written description of such personal data, the purpose(s) for which it is being used, the source(s) of the personal data and details of any recipients
  2. Right to rectification – request corrections of personal data which is inaccurate ie incorrect or misleading as to any matter of fact
  3. right to erasure – request deletion of data where
  4. the personal data is no longer necessary for the purpose which it was originally collected or processed for
  5. you withdraw consent for data which we are holding on the basis of consent or legitimate interest
  6. you object to us processing your data for direct marketing
  7. we have processed the personal data unlawfully
  8. if there are circumstances where you do not have the right we will let you know promptly
  9. right to restrict processing – request Whitgift Security stops processing associated your personal data if
  10. there is a dispute about accuracy of data
  11. we no longer need the data, but you need us to keep it for legal claims
  12. we have processed the personal data unlawfully
  13. right to data portability – request we provide you the personal data you have provided us in an electronic format eg CSV file. This applies where
  14. basis for holding the data is consent or for the performance of a contract
  15. we are proceeding the data electronically
Â

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN. If any individual wishes to complain about how Whitgift Security is handling data or responding to requests they should contact the Information Commissioners Office – Website

5 What we do with your data?

5.1 How does WS obtain personal data?

Data is collected from the another organisation or individual making the referral

5.2 What types of personal data does WS collect and use?

The information we receive will depend on the nature of the referral. Information may include: Basic contact information – examples name, address, phone numbers, email address reason for referral – potential future relationship, services of interest We need this information to be able to contact you to discuss the referral.

5.3 How does WS use the personal data it holds?

We use the information to be able to contact you to discuss the referral.

5.4 What processing of personal data is done?

We create a case and add details of the referral to our locally held data stores to ensure the referral is efficiently managed We establish the best person to respond to referral and follow up with you as appropriate. The basis that we are processing data is legitimate interest

5.5 Who does WS share personal data with?

Depending on the nature of the referral we may need to include any of the organisations supplying services to us to help answer it.

5.6 How long does WS keep the personal data it holds?

We would generally expect to keep correspondence for up to two years. Where correspondence is deemed to be a company record it may be retained for up to seven years.

5.7 Does WS transfer personal data overseas?

5.8 How does WS protect the personal data it holds?

6 Children’s data

Whitgift Security does not provide services directly to children or proactively collect their personal information. However, we are sometimes given information about children in relation to the services we offer. The information in the relevant parts of this notice applies to children as well as adults.

7 Links and other services

Where Whitgift Security provide links to websites of other organisations or refer to other services this privacy notice does not cover how those organisations processes personal information. We would encourage you to read the privacy notices for the other organisations and websites you visit.

8 How is data protected?

Whitgift Security takes clients confidentiality and security very seriously. Whitgift Security has implemented appropriate internal security procedures that restrict access to and disclosure of personal data within Whitgift Security. These procedures will be reviewed from time to time to determine whether they are being complied with and are effective. Where data is shared by 3rd parties they are bound by contract to do the same. Whitgift Security has implemented security measures such that it has achieved and maintains Cyber Essentials and IASME audited certifications.

9 Policy updates

As part of Whitgift Security’s commitment to compliance with data privacy requirements, and to reflect changes in Whitgift Security’s operating procedures, Whitgift Security may update the terms of this policy from time to time.

10 Contact details

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN.

Last Updated

Dec 2018

Website Visitors Privacy Notice

1 Introduction

Whitgift Security(WS) is committed to respecting and protecting your privacy. We believe in making things easy for our clients. We know there’s nothing more off-putting than the sight of a lot of small print, so we’ve made our Privacy Policy clear, simple and easy to read. This Privacy Notice describes how we manage personal data when you visit our website. Our privacy notice is structured by providing you with information about how we manage data relevant to all our interactions with you – for example your data protection rights, who to contact, who we share your data with We then have answers to the common questions that people ask about how we protect data for this interaction.

2 What’s changed?

There have been no material changes to the policy since it was last updated in May 2018. We have changed the way it is presented.

3 Our promise to you

Whitgift Security is committed to protecting your privacy. Any processing of personal data, such as the name, address, e-mail address, or telephone number will always be carried out in accordance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. We have implemented processes and security controls in line with industry best practice to keep your personal information safe. We will never sell your data to third parties. We will be clear and open with you about why we collect your personal information and how we use it.

4 Who is in control of your information?

We never lose sight of the fact that it is your personal information and you own it and can choose who has access to it and how it is processed. Whitgift Security are registered as the ‘Data Controllers’ with the Information Commissioner’s Office (ICO). Details are published on a register on the ICO website where you can also find lots of useful information about Data Protection, what it means to you as an individual and how it applies to companies like Whitgift Security. The law within the European Economic Area gives those whose personal data is held by Whitgift Security specific rights to control the personal data held about them. When you make a request

  1. We will respond within a month of you making the request
  2. We will not charge you for making a request unless the request is unreasonable.
  3. Where we refuse to respond to a request, we will explain why we are not responding and remind you that you can complain to the ICO.
Â

These include the right to:

  1. right of access – to obtain from Whitgift Security, confirmation that personal data is held, as well as a written description of such personal data, the purpose(s) for which it is being used, the source(s) of the personal data and details of any recipients
  2. Right to rectification – request corrections of personal data which is inaccurate ie incorrect or misleading as to any matter of fact
  3. right to erasure – request deletion of data where
  4. the personal data is no longer necessary for the purpose which it was originally collected or processed for
  5. you withdraw consent for data which we are holding on the basis of consent or legitimate interest
  6. you object to us processing your data for direct marketing
  7. we have processed the personal data unlawfully
  8. if there are circumstances where you do not have the right we will let you know promptly
  9. right to restrict processing – request Whitgift Security stops processing associated your personal data if
  10. there is a dispute about accuracy of data
  11. we no longer need the data, but you need us to keep it for legal claims
  12. we have processed the personal data unlawfully
  13. right to data portability – request we provide you the personal data you have provided us in an electronic format eg CSV file. This applies where
  14. basis for holding the data is consent or for the performance of a contract
  15. we are proceeding the data electronically
Â

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN. If any individual wishes to complain about how Whitgift Security is handling data or responding to requests they should contact the Information Commissioners Office – Website

5 What we do with your data?

5.1 How does WS obtain personal data?

In general, you can visit this website without providing any information about yourself. If we do collect personal data through our website, we’ll be upfront about this. We’ll make it clear when we collect personal information and we’ll explain what we intend to do with it. When you use our website, we collect information in the following ways: Analytics We use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. This information is only processed in a way that does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. Cookies You can read more about how we use cookies on the Cookies section. We use a cookies tool on our website which relies on implied consent of users. We have aligned our use of cookies with the standard of consent required by GDPR. This means that we are in the process of updating the tool which, by default, requires explicit opt in action by users of our website. This will apply to the non-necessary cookies. We will ensure any necessary cookies for functionality and security are marked so that they are not deleted by the tool. Search engine We use a third-party to help maintain the security and performance of our website. The service checks that traffic to

5.2 What types of personal data does WS collect and use?

When visiting our website without identifying yourself, WS collects some anonymous information including online identifiers which includes IP address.

5.3 How does WS use the personal data it holds?

This information is used to help us to improve our site’s content and functionality The legal basis we rely on to process your personal data is legitimate interests – this allows us to process personal data when its necessary for the purposes of our legitimate interests.

5.4 What processing of personal data is done?

We analyse where, on which types of devices and how our site is used, how many visitors we receive, and where they click through to the site from; and remember you in case you re-visit our site, so we will know if you have already been served with cookie banners, surveys, or (where site content is undergoing testing) which version of the content you looked at.

5.5 Who does WS share personal data with?

We use third parties in running some pieces of our business and providing some of our services. See full policy for details on how this is managed If you have provided explicit names above may want to identify again here what data is shared Answers well depend if you share information with third parties) To provide our security service, our 3rd party processes site visitors’ IP addresses.

5.6 How long does WS keep the personal data it holds?

5.7 Does WS transfer personal data overseas?

We do not transfer personal data outside European Economic Area.

5.8 How does WS protect the personal data it holds?

For our website we have implemented technology that encrypts all connections to our website ensuring that your data is secure.

6 Children’s data

Whitgift Security does not provide services directly to children or proactively collect their personal information. However, we are sometimes given information about children in relation to the services we offer. The information in the relevant parts of this notice applies to children as well as adults.

7 Links and other services

Where Whitgift Security provide links to websites of other organisations or refer to other services this privacy notice does not cover how those organisations processes personal information. We would encourage you to read the privacy notices for the other organisations and websites you visit.

8 How is data protected?

Whitgift Security takes clients confidentiality and security very seriously. Whitgift Security has implemented appropriate internal security procedures that restrict access to and disclosure of personal data within Whitgift Security. These procedures will be reviewed from time to time to determine whether they are being complied with and are effective. Where data is shared by 3rd parties they are bound by contract to do the same. Whitgift Security has implemented security measures such that it has achieved and maintains Cyber Essentials and IASME audited certifications.

9 Policy updates

As part of Whitgift Security’s commitment to compliance with data privacy requirements, and to reflect changes in Whitgift Security’s operating procedures, Whitgift Security may update the terms of this policy from time to time.

10 Contact details

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN.

Last Updated

Dec 2018

Office Visitors Privacy Notice

1 Introduction

Whitgift Security(WS) is committed to respecting and protecting your privacy. We believe in making things easy for our clients. We know there’s nothing more off-putting than the sight of a lot of small print, so we’ve made our Privacy Policy clear, simple and easy to read. This Privacy Notice describes how we managing of personal data when you meet with us. Generally we do not meet visitors at our registered address but will meet at a mutually agreed time and location Our privacy notice is structured by providing you with information about how we manage data relevant to all our interactions with you – for example your data protection rights, who to contact, who we share your data with We then have answers to the common questions that people ask about how we protect data for this interaction.

2 What’s changed?

There have been no material changes to the policy since it was last updated in May 2018. We have changed the way it is presented.

3 Our promise to you

Whitgift Security is committed to protecting your privacy. Any processing of personal data, such as the name, address, e-mail address, or telephone number will always be carried out in accordance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. We have implemented processes and security controls in line with industry best practice to keep your personal information safe. We will never sell your data to third parties. We will be clear and open with you about why we collect your personal information and how we use it.

4 Who is in control of your information?

We never lose sight of the fact that it is your personal information and you own it and can choose who has access to it and how it is processed. Whitgift Security are registered as the ‘Data Controllers’ with the Information Commissioner’s Office (ICO). Details are published on a register on the ICO website where you can also find lots of useful information about Data Protection, what it means to you as an individual and how it applies to companies like Whitgift Security. The law within the European Economic Area gives those whose personal data is held by Whitgift Security specific rights to control the personal data held about them. When you make a request

  1. We will respond within a month of you making the request
  2. We will not charge you for making a request unless the request is unreasonable.
  3. Where we refuse to respond to a request, we will explain why we are not responding and remind you that you can complain to the ICO.
Â

These include the right to:

  1. right of access – to obtain from Whitgift Security, confirmation that personal data is held, as well as a written description of such personal data, the purpose(s) for which it is being used, the source(s) of the personal data and details of any recipients
  2. Right to rectification – request corrections of personal data which is inaccurate ie incorrect or misleading as to any matter of fact
  3. right to erasure – request deletion of data where
  4. the personal data is no longer necessary for the purpose which it was originally collected or processed for
  5. you withdraw consent for data which we are holding on the basis of consent or legitimate interest
  6. you object to us processing your data for direct marketing
  7. we have processed the personal data unlawfully
  8. if there are circumstances where you do not have the right we will let you know promptly
  9. right to restrict processing – request Whitgift Security stops processing associated your personal data if
  10. there is a dispute about accuracy of data
  11. we no longer need the data, but you need us to keep it for legal claims
  12. we have processed the personal data unlawfully
  13. right to data portability – request we provide you the personal data you have provided us in an electronic format eg CSV file. This applies where
  14. basis for holding the data is consent or for the performance of a contract
  15. we are proceeding the data electronically
Â

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN. If any individual wishes to complain about how Whitgift Security is handling data or responding to requests they should contact the Information Commissioners Office – https://ico.org.uk/concerns/handling/

5 What we do with your data?

5.1 How does WS obtain personal data?

All information is provided by you, or if you are part of a group the information may have been provided by your group leader.

5.2 What types of personal data does WS collect and use?

The personal data collected and held by Whitgift Security includes name, organisation you represent, contact information. The selected venue for meeting may require information to be provided to them, they may also collect name, organisation and depending on location car registration.

5.3 How does WS use the personal data it holds?

We use the information to contact the people we are meeting and prepare for meetings. The legal basis we rely on is legitimate interests – this allows us to process personal data when its necessary for the purposes of our legitimate interests.

5.4 What processing of personal data is done?

Processing will depend on the nature of the meeting, individuals attending the meeting, preparation that need to take place before the meeting and any follow up activities. Where we expect that we will have on ongoing relationship with, your contact information will be loaded into our contact management system The basis that we process this data will be vary depending on the nature of the communication, for many communications it is likely to be contract or legal obligation when dealing with customers and suppliers. Other communications are likely to be processed on the basis of legitimate interests as a business.

5.5 Who does WS share personal data with?

Depending on the nature of the meeting we may need to include any of the organisations supplying services to us to help us prepare for the meeting, or to resolve actions from the meeting o conclude a successful meeting.

5.6 How long does WS keep the personal data it holds?

Details about the meeting may be retained for up to two years. Where we deem the correspondence around the meeting to form part of our business records we will keep it for 7 years.

6 Children’s data

Whitgift Security does not provide services directly to children or proactively collect their personal information. However, we are sometimes given information about children in relation to the services we offer. The information in the relevant parts of this notice applies to children as well as adults.

7 Links and other services

Where Whitgift Security provide links to websites of other organisations or refer to other services this privacy notice does not cover how those organisations processes personal information. We would encourage you to read the privacy notices for the other organisations and websites you visit.

8 How is data protected?

Whitgift Security takes clients confidentiality and security very seriously. Whitgift Security has implemented appropriate internal security procedures that restrict access to and disclosure of personal data within Whitgift Security. These procedures will be reviewed from time to time to determine whether they are being complied with and are effective. Where data is shared by 3rd parties they are bound by contract to do the same. Whitgift Security has implemented security measures such that it has achieved and maintains Cyber Essentials and IASME audited certifications.

9 Policy updates

As part of Whitgift Security’s commitment to compliance with data privacy requirements, and to reflect changes in Whitgift Security’s operating procedures, Whitgift Security may update the terms of this policy from time to time.

10 Contact details

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN.

Last Updated

Dec 2018

Consultancy Services Privacy Notice

1 Introduction

Whitgift Security(WS) is committed to respecting and protecting your privacy. We believe in making things easy for our clients. We know there’s nothing more off-putting than the sight of a lot of small print, so we’ve made our Privacy Policy clear, simple and easy to read. This Privacy Notice describes how we managing of personal data when we are working with you providing you consulting services. Our privacy notice is structured by providing you with information about how we manage data relevant to all our interactions with you – for example your data protection rights, who to contact, who we share your data with We then have answers to the common questions that people ask about how we protect data for this interaction.

2 What’s changed?

There have been no material changes to the policy since it was last updated in May 2018. We have changed the way it is presented.

3 Our promise to you

Whitgift Security is committed to protecting your privacy. Any processing of personal data, such as the name, address, e-mail address, or telephone number will always be carried out in accordance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. We have implemented processes and security controls in line with industry best practice to keep your personal information safe. We will never sell your data to third parties. We will be clear and open with you about why we collect your personal information and how we use it.

4 Who is in control of your information?

We never lose sight of the fact that it is your personal information and you own it and can choose who has access to it and how it is processed. Whitgift Security are registered as the ‘Data Controllers’ with the Information Commissioner’s Office (ICO). Details are published on a register on the ICO website where you can also find lots of useful information about Data Protection, what it means to you as an individual and how it applies to companies like Whitgift Security. The law within the European Economic Area gives those whose personal data is held by Whitgift Security specific rights to control the personal data held about them. When you make a request

  1. We will respond within a month of you making the request
  2. We will not charge you for making a request unless the request is unreasonable.
  3. Where we refuse to respond to a request, we will explain why we are not responding and remind you that you can complain to the ICO.
Â

These include the right to:

  1. right of access – to obtain from Whitgift Security, confirmation that personal data is held, as well as a written description of such personal data, the purpose(s) for which it is being used, the source(s) of the personal data and details of any recipients
  2. Right to rectification – request corrections of personal data which is inaccurate ie incorrect or misleading as to any matter of fact
  3. right to erasure – request deletion of data where
  4. the personal data is no longer necessary for the purpose which it was originally collected or processed for
  5. you withdraw consent for data which we are holding on the basis of consent or legitimate interest
  6. you object to us processing your data for direct marketing
  7. we have processed the personal data unlawfully
  8. if there are circumstances where you do not have the right we will let you know promptly
  9. right to restrict processing – request Whitgift Security stops processing associated your personal data if
  10. there is a dispute about accuracy of data
  11. we no longer need the data, but you need us to keep it for legal claims
  12. we have processed the personal data unlawfully
  13. right to data portability – request we provide you the personal data you have provided us in an electronic format eg CSV file. This applies where
  14. basis for holding the data is consent or for the performance of a contract
  15. we are proceeding the data electronically
Â

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN. If any individual wishes to complain about how Whitgift Security is handling data or responding to requests they should contact the Information Commissioners Office – Website

5 What we do with your data?

5.1 How does WS obtain personal data?

Data is collected from you directly when you request that we provide your organisation with consulting services, or is provided by individuals we work with in your organisation.

5.2 What types of personal data does WS collect and use?

The personal data collected will generally include contact names (first and last name) and contact details (company name, postal address, telephone and e-mail addresses) for delivery, support and billing. Where further information is collected it will be as a result of the consulting activities we are engaged in. A fuller description may be provided with term and conditions at the start of the engagement.

5.3 How does WS use the personal data it holds?

Most of Whitgift Security’ use of personal data is necessary to enable it to provide a service to its Clients, including order processing, delivery of service be it a workshop, accreditation or consultancy as well as for invoicing and to answer general enquiries.

5.4 What processing of personal data is done?

The information is processed for the following purposes: 1.Data collected when a client signs up for consulting & virtual CISO services – data will be processed by Whitgift Security. Data will be used to invoice and communicate with the client concerning the assignment. The data will be seen by the Whitgift Security personnel during the assignment process. 2.When the assignment has finished the information will be used to follow-up to ask client for feedback and post- assignment activities.

5.5 Who does WS share personal data with?

The 3rd parties clients data is shared with will depend on the services required to support assignment. Specifics will be discussed with clients as assignment is scoped.

5.6 How long does WS keep the personal data it holds?

Whitgift Security will not keep personal data longer than is necessary, retention periods are defined by policy. The policy is reviewed from time to time to determine whether it is being complied with and is effective. In general • Data associated with invoicing is retained for 7 years • Contact data is retained for up to 12 months after last client interaction or agreed date for follow-up.

5.7 Does WS transfer personal data overseas?

When Whitgift Security asks you for feedback from events we use SurveyMonkey which is a US based company. We rely on the Privacy Shield Framework to transfer this information.

5.8 How does WS protect the personal data it holds?

6 Children’s data

Whitgift Security does not provide services directly to children or proactively collect their personal information. However, we are sometimes given information about children in relation to the services we offer. The information in the relevant parts of this notice applies to children as well as adults.

7 Links and other services

Where Whitgift Security provide links to websites of other organisations or refer to other services this privacy notice does not cover how those organisations processes personal information. We would encourage you to read the privacy notices for the other organisations and websites you visit.

8 How is data protected?

Whitgift Security takes clients confidentiality and security very seriously. Whitgift Security has implemented appropriate internal security procedures that restrict access to and disclosure of personal data within Whitgift Security. These procedures will be reviewed from time to time to determine whether they are being complied with and are effective. Where data is shared by 3rd parties they are bound by contract to do the same. Whitgift Security has implemented security measures such that it has achieved and maintains Cyber Essentials and IASME audited certifications.

9 Policy updates

As part of Whitgift Security’s commitment to compliance with data privacy requirements, and to reflect changes in Whitgift Security’s operating procedures, Whitgift Security may update the terms of this policy from time to time.

10 Contact details

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN.

Last Updated

Dec 2018

Certifications Privacy Notice

1 Introduction

Whitgift Security(WS) is committed to respecting and protecting your privacy. We believe in making things easy for our clients. We know there’s nothing more off-putting than the sight of a lot of small print, so we’ve made our Privacy Policy clear, simple and easy to read. This Privacy Notice describes how we managing of personal data when you apply for certifications through Whitgift Security Our privacy notice is structured by providing you with information about how we manage data relevant to all our interactions with you – for example your data protection rights, who to contact, who we share your data with We then have answers to the common questions that people ask about how we protect data for this interaction.

2 What’s changed?

There have been no material changes to the policy since it was last updated in May 2018. We have changed the way it is presented.

3 Our promise to you

Whitgift Security is committed to protecting your privacy. Any processing of personal data, such as the name, address, e-mail address, or telephone number will always be carried out in accordance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. We have implemented processes and security controls in line with industry best practice to keep your personal information safe. We will never sell your data to third parties. We will be clear and open with you about why we collect your personal information and how we use it.

4 Who is in control of your information?

We never lose sight of the fact that it is your personal information and you own it and can choose who has access to it and how it is processed. Whitgift Security are registered as the ‘Data Controllers’ with the Information Commissioner’s Office (ICO). Details are published on a register on the ICO website where you can also find lots of useful information about Data Protection, what it means to you as an individual and how it applies to companies like Whitgift Security. The law within the European Economic Area gives those whose personal data is held by Whitgift Security specific rights to control the personal data held about them. When you make a request

  1. We will respond within a month of you making the request
  2. We will not charge you for making a request unless the request is unreasonable.
  3. Where we refuse to respond to a request, we will explain why we are not responding and remind you that you can complain to the ICO.
Â

These include the right to:

  1. right of access – to obtain from Whitgift Security, confirmation that personal data is held, as well as a written description of such personal data, the purpose(s) for which it is being used, the source(s) of the personal data and details of any recipients
  2. Right to rectification – request corrections of personal data which is inaccurate ie incorrect or misleading as to any matter of fact
  3. right to erasure – request deletion of data where
  4. the personal data is no longer necessary for the purpose which it was originally collected or processed for
  5. you withdraw consent for data which we are holding on the basis of consent or legitimate interest
  6. you object to us processing your data for direct marketing
  7. we have processed the personal data unlawfully
  8. if there are circumstances where you do not have the right we will let you know promptly
  9. right to restrict processing – request Whitgift Security stops processing associated your personal data if
  10. there is a dispute about accuracy of data
  11. we no longer need the data, but you need us to keep it for legal claims
  12. we have processed the personal data unlawfully
  13. right to data portability – request we provide you the personal data you have provided us in an electronic format eg CSV file. This applies where
  14. basis for holding the data is consent or for the performance of a contract
  15. we are proceeding the data electronically
Â

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN. If any individual wishes to complain about how Whitgift Security is handling data or responding to requests they should contact the Information Commissioners Office – Website

5 What we do with your data?

5.1 How does WS obtain personal data?

Data is collected from you directly when you apply for certifications through Whitgift Security, or is provided by individuals completing the certification application forms.

5.2 What types of personal data does WS collect and use?

The personal data collected will generally include contact names (first and last name) and contact details (company name, postal address, telephone and e-mail addresses) for delivery, support and billing.

5.3 How does WS use the personal data it holds?

Whitgift Security use of personal data is necessary to enable delivery of the certification service including processing the order and invoicing, creating the online accounts to enable the Client to apply for the requested certification; contacting client about completion of the certification, answering general enquiries and follow-up to remind the client about the renewal date.

5.4 What processing of personal data is done?

The information is processed for the following purposes: 1. Data collected when a client applies for an assessment – data will be processed by both IASME consortium and Pervade Software Ltd. Data will be used to generate an assessment account and an invoice and communicate with the client concerning the assessment. The data will be seen by the Whitgift Security assessor during the assessment process. When the assessment has finished the information will be used to remind the client about the renewal date and associated follow-up. 2. If a client is eligible for the included insurance and chooses to accept it then some of their data will be passed to Sutcliffe & Co for the processing of the insurance cover. Sutcliffe & Co with then share it with other Insurance professionals to ensure the client has the insurance cover. 3. After the assessment has been completed, a client is asked for permission to use their data. They give consent specifically for it to be used for a congratulations tweet, a congratulations post on LinkedIn, authorisation for the UK government to contact then in the future for publicity or research and for IASME and/or Whitgift Security to contact them for publicity or research. If any of these are agreed to the data will be used only for those purposes. The basis that we process this data will be contract. When we remind you about certificate renewals the basis is legitimate interests as a business.

5.5 Who does WS share personal data with?

Clients who use assessment services to IASME or Cyber Essentials certifications will have data • passed to IASME consortium who is the accreditation body • loaded to Pervade software who support the IASME certifications • shared with Sutcliffe & Co where clients accept cyber insurance offer

5.6 How long does WS keep the personal data it holds?

Whitgift Security will not keep personal data longer than is necessary, retention periods are defined by policy. The policy is reviewed from time to time to determine whether it is being complied with and is effective. In general • Data associated with invoicing is retained for 7 years • Contact data is retained for up to 15 months following certification to remind the client about the renewal date.

5.7 Does WS transfer personal data overseas?

When Whitgift Security asks you for feedback from events we use SurveyMonkey which is a US based company. We rely on the Privacy Shield Framework to transfer this information.

6 Children’s data

Whitgift Security does not provide services directly to children or proactively collect their personal information. However, we are sometimes given information about children in relation to the services we offer. The information in the relevant parts of this notice applies to children as well as adults.

7 Links and other services

Where Whitgift Security provide links to websites of other organisations or refer to other services this privacy notice does not cover how those organisations processes personal information. We would encourage you to read the privacy notices for the other organisations and websites you visit.

8 How is data protected?

Whitgift Security takes clients confidentiality and security very seriously. Whitgift Security has implemented appropriate internal security procedures that restrict access to and disclosure of personal data within Whitgift Security. These procedures will be reviewed from time to time to determine whether they are being complied with and are effective. Where data is shared by 3rd parties they are bound by contract to do the same. Whitgift Security has implemented security measures such that it has achieved and maintains Cyber Essentials and IASME audited certifications.

9 Policy updates

As part of Whitgift Security’s commitment to compliance with data privacy requirements, and to reflect changes in Whitgift Security’s operating procedures, Whitgift Security may update the terms of this policy from time to time.

10 Contact details

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN.

Last Updated

Dec 2018

Toolboxes Privacy Notice

1 Introduction

Whitgift Security(WS) is committed to respecting and protecting your privacy. We believe in making things easy for our clients. We know there’s nothing more off-putting than the sight of a lot of small print, so we’ve made our Privacy Policy clear, simple and easy to read. This Privacy Notice describes how we managing of personal data when you request that we supply you with one of our documentation packs or the toolbox. Our privacy notice is structured by providing you with information about how we manage data relevant to all our interactions with you – for example your data protection rights, who to contact, who we share your data with We then have answers to the common questions that people ask about how we protect data for this interaction.

2 What’s changed?

There have been no material changes to the policy since it was last updated in May 2018. We have changed the way it is presented.

3 Our promise to you

Whitgift Security is committed to protecting your privacy. Any processing of personal data, such as the name, address, e-mail address, or telephone number will always be carried out in accordance with the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. We have implemented processes and security controls in line with industry best practice to keep your personal information safe. We will never sell your data to third parties. We will be clear and open with you about why we collect your personal information and how we use it.

4 Who is in control of your information?

We never lose sight of the fact that it is your personal information and you own it and can choose who has access to it and how it is processed. Whitgift Security are registered as the ‘Data Controllers’ with the Information Commissioner’s Office (ICO). Details are published on a register on the ICO website where you can also find lots of useful information about Data Protection, what it means to you as an individual and how it applies to companies like Whitgift Security. The law within the European Economic Area gives those whose personal data is held by Whitgift Security specific rights to control the personal data held about them. When you make a request

  1. We will respond within a month of you making the request
  2. We will not charge you for making a request unless the request is unreasonable.
  3. Where we refuse to respond to a request, we will explain why we are not responding and remind you that you can complain to the ICO.
Â

These include the right to:

  1. right of access – to obtain from Whitgift Security, confirmation that personal data is held, as well as a written description of such personal data, the purpose(s) for which it is being used, the source(s) of the personal data and details of any recipients
  2. Right to rectification – request corrections of personal data which is inaccurate ie incorrect or misleading as to any matter of fact
  3. right to erasure – request deletion of data where
  4. the personal data is no longer necessary for the purpose which it was originally collected or processed for
  5. you withdraw consent for data which we are holding on the basis of consent or legitimate interest
  6. you object to us processing your data for direct marketing
  7. we have processed the personal data unlawfully
  8. if there are circumstances where you do not have the right we will let you know promptly
  9. right to restrict processing – request Whitgift Security stops processing associated your personal data if
  10. there is a dispute about accuracy of data
  11. we no longer need the data, but you need us to keep it for legal claims
  12. we have processed the personal data unlawfully
  13. right to data portability – request we provide you the personal data you have provided us in an electronic format eg CSV file. This applies where
  14. basis for holding the data is consent or for the performance of a contract
  15. we are proceeding the data electronically
Â

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN. If any individual wishes to complain about how Whitgift Security is handling data or responding to requests they should contact the Information Commissioners Office – Website

5 What we do with your data?

5.1 How does WS obtain personal data?

Data is collected from you directly when you apply for a toolbox from Whitgift Security.

5.2 What types of personal data does WS collect and use?

The personal data collected will generally include contact names (first and last name) and contact details (company name, postal address, telephone and e-mail addresses) for delivery, support and billing.

5.3 How does WS use the personal data it holds?

Whitgift Security use of personal data is necessary to enable delivery of the toolbox including processing the order and invoicing; contacting client about updates to the toolbox during their support period and answering general enquiries.

5.4 What processing of personal data is done?

The information is processed for the following purposes: 1.Data collected when a client signs up for toolboxes – data will be processed by Whitgift Security. Data will be used to invoice and communicate with the client concerning the toolbox. 2.The information will be used to follow-up to ask client for feedback about the toolbox.

5.5 Who does WS share personal data with?

For this service we do not expect to share data with any 3rd party, unless you ask for our help and we need to involve others in responding to your query.

5.6 How long does WS keep the personal data it holds?

Whitgift Security will not keep personal data longer than is necessary, retention periods are defined by policy. The policy is reviewed from time to time to determine whether it is being complied with and is effective. In general • Data associated with invoicing is retained for 7 years • Contact data is retained for up to 12 months after last client interaction or agreed date for follow-up.

5.7 Does WS transfer personal data overseas?

When Whitgift Security asks you for feedback from events we use SurveyMonkey which is a US based company. We rely on the Privacy Shield Framework to transfer this information.

5.8 How does WS protect the personal data it holds?

6 Children’s data

Whitgift Security does not provide services directly to children or proactively collect their personal information. However, we are sometimes given information about children in relation to the services we offer. The information in the relevant parts of this notice applies to children as well as adults.

7 Links and other services

Where Whitgift Security provide links to websites of other organisations or refer to other services this privacy notice does not cover how those organisations processes personal information. We would encourage you to read the privacy notices for the other organisations and websites you visit.

8 How is data protected?

Whitgift Security takes clients confidentiality and security very seriously. Whitgift Security has implemented appropriate internal security procedures that restrict access to and disclosure of personal data within Whitgift Security. These procedures will be reviewed from time to time to determine whether they are being complied with and are effective. Where data is shared by 3rd parties they are bound by contract to do the same. Whitgift Security has implemented security measures such that it has achieved and maintains Cyber Essentials and IASME audited certifications.

9 Policy updates

As part of Whitgift Security’s commitment to compliance with data privacy requirements, and to reflect changes in Whitgift Security’s operating procedures, Whitgift Security may update the terms of this policy from time to time.

10 Contact details

If any individual wishes to contact Whitgift Security regarding the personal data held about them or has any other question about Whitgift Security’ data privacy procedures, they should direct an email to contact@Whitgifts.com send a letter to Jane Whitgift at Whitgift Security, 20 Dawes Road, London, England, SW6 7EN.

Last Updated

Dec 2018

Get in Touch

Let Whitgift Security help you secure your online business now
Contact us
Scroll Top
Cookie settings