1. Your personal data – what is it?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).
2. Who are we?
Oikos is the data controller (contact details below). This means it decides how your personal data is processed and for what purposes.
3. How do we process your personal data?
Oikos complies with its obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
We use your personal data for the following purposes: –
- We take your name and email address to provide you with our services.
- To fulfill our contractual obligations to our clients.
- We take your personal data to provide you with a response to our contact form on our website.
- We may collect business cards during events in which we participate.
- To gather information on delegates who have used Oikos. This information will be shared with the sponsor of the event.
The personal data that is provided to us is provided either directly from the individual concerned, from a third party acting on behalf of an individual, or from publicly available sources (such as internet searches, Companies House).
4. What is the legal basis for processing your personal data?
We will only use your personal data entered on our website for the reasons stated on the website.
For all other uses of data set out above, we have a legitimate interest in processing it to provide professional services to clients and improve our products and services.
5. Sharing your personal data
We don’t share your personal information with anyone. Information we gather during events will be shared with the event organisers and sponsors.
6. How long do we keep your personal data?
We retain the personal data processed by us in a live environment for as long as is considered necessary for the purpose(s) for which it was collected (including as required by applicable law or regulation, typically 6 years). We may keep data for longer to establish, exercise, or defend our legal rights and the legal rights of our clients.
In addition, personal data may be securely archived with restricted access and other appropriate safeguards where there is a need to continue to retain it.
Locations of Processing
Where possible, personal data resides within the UK territory but may be transferred to, and stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. We will take all reasonable steps to ensure that your data is treated securely, in accordance with this privacy statement.
7. Your rights and your personal data
Individuals have certain rights over their personal data and data controllers are responsible for fulfilling these rights as follows:
- Individuals may request access to their personal data held by us as a data controller.
- Individuals may request us to rectify personal data submitted to us or, where appropriate, contact us via the relevant website registration page or by amending the personal details held on relevant applications with which they registered.
- Individuals may request that we erase their personal data
- Where we process personal data based on consent, individuals may withdraw their consent at any time by contacting us or clicking on the unsubscribe link in an email received from us.
- Individuals may have other rights to restrict or object to our processing of personal data and the right to data portability.
- Individuals may request information about, or human intervention into, any automated data processing that we may undertake.
If you wish to exercise any of these rights, please send an email to email@example.com.
8. Further processing
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
9. Contact Details
To exercise all relevant rights, queries or complaints please in the first instance contact firstname.lastname@example.org
You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/.