2. Who we are
Here are the details that the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regards to the processing of personal data and on the free movement of such data, known as General Data Protection Regulation (GDPR) says we have to give you as a “data controller”:
- Our site address is http://www.organisedchaosmgmt.com
- We are Organised Chaos Management headed by Flip Dewar
- Our business address is 15 Dalling Road, London, W6 0JD
- You can contact us at firstname.lastname@example.org any issue related to the processing of your data.
3. What we may collect
We may collect and process the following personal data about you:
- Client and supplier contacts: these are the contact details which you have provided to us, or which we have obtained from public sources or industry contacts, related to the services you may request or have requested us to provide (Client Services) or related to the services we may request or have requested you, or the business you work for, to provide to us including on behalf of our clients (Supplier Services);
- Client and supplier service data: this is the personal information about you, your family or your business and/or personal assistance needs which you have provided to us, or which we have obtained from public sources or industry contacts, or which we generate or request others to generate in connection with requested Client Services or our requests for Supplier Services, as the case may be, including through:
- any correspondence or engagement with you or on your behalf (such as the contact form on our website, in meetings with you or any of your representatives or the people you represent, or via telephone calls, emails, social media or other means);
- contracts and contract materials;
- diary and appointment details;
- travel, relocation and holiday documentation;
- passports and visas;
- accounts for utilities, domestic services and other supplies;
- event attendance and organization;
- materials for training, education and care activities;
- photos, videos and other recordings; and
- invoices and payment forms.
- Online engagement data: details of your visits to our website and contact with us via social media such as the pages you visit and the resources you use; and
- Technical data: information about your computer or device you use to access our website e.g. your IP address, browser, operating system, etc.;
Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:
- you have given consent to the processing of your personal data for one or more specific purposes;
- processing is necessary for the performance of a contract to which you are a party or in order to take steps at the request of you prior to entering into a contract;
- processing is necessary for compliance with a legal obligation to which we are subject;
- processing is necessary to protect the vital interests of you or of another natural person;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; and/or
- processing is necessary for the purposes of the legitimate interests pursued by us or by our third party supplier, such as our website host or technology providers, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data.
In most cases, whether we are providing you or working with you in connection with the provision of Client Services or you are providing us or working with us in connection with Supplier Services, we or our service suppliers will be processing your personal data under basis f. above for the legitimate interest of operating, managing and promoting our business as a provider of personal assistance and business services or under basis b. if we have a contract with you personally or basis c. when we need to comply with legal requirements and requests. In rare, emergency situations we may use your data under basis d.
If we rely on consent under basis a. we will inform you specifically when we obtain this and of your ability to withdraw that consent at any time.
NOTE The processing of the following “special” categories of personal data (i.e. sensitive data) is restricted under the GDPR: (i) “personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership”; (ii) “genetic data, biometric data for the purpose of uniquely identifying a natural person”; and finally “data concerning health or data concerning a natural person’s sex life or sexual orientation”.
We do not generally process such data unless it is strictly necessary for the Client Services or Supplier Services and we have your explicit consent or we need to comply with legal requirements and requests or it is an emergency situation and you physically (or legally) cannot provide consent or where you have made that information public.
All cookies used on our site are set by us.
Most computer and some mobile web browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. You can prevent the setting of cookies by adjusting the settings on your browser. Please note however, that by blocking or deleting cookies you may not be able to take full advantage of the site.
Our cookies will be used for:
Essential session management
- creating a specific log-in session for a user of the website in order that the website remembers that a user is logged in and that their page requests are delivered in an effective, secure and consistent manner;
- recognising when a user of the website has visited before allowing us to identify the number of unique users we receive to the website and make sure we have enough capacity for the number of users that we get;
- recognising if a visitor to the website is registered with us in any way;
- we may also log information from your computer including the existence of cookies, your IP address and information about your browser program in order to allow us to diagnose problems, administer and track your usage of our website.
- customising elements of the promotional layout and/or content of the pages of the website.
Performance and measurement
- collecting statistical information about how our users use the website so that we can improve the website and learn which parts are most popular to users.]
5. How we use what we collect
We use personal data about you in order to operate, manage and promote our business as a provider of personal assistance and business services and in particular to:
- enable us to provide the Client Services we have been requested to provide;
- enable service providers to provide the Supplier Services we have requested them to provide;
- issue invoices and process the payments we receive for our Client Services;
- receive invoices and process the payments we make for the Supplier Services; and
- tell clients and suppliers and prospective clients and suppliers about our business, our services and our charges including on our website and in social media.
[If you do not want to receive email or other direct communications about our business or services then contact us at any time to opt-out at email@example.com
In addition, if you don’t want us to use your personal data for any of the other reasons set out in this section 5, you can let us know at any time by contacting us at firstname.lastname@example.org, but this may limit our ability to provide services to you or request services from you.
In some cases, the collection of personal data may be a statutory or contractual requirement, and we will be limited in the services we can provide or request if you don’t provide or seek to restrict your personal data in these cases.
6. Disclosing your information
We may disclose your personal data in the following cases:
- to the other persons that: (i) we have specifically been requested to provide it to; or (ii) it is otherwise necessary for us to do so; in order to provide the Client Services;
- to (i) our clients and their representatives; or (ii) the other persons that it is otherwise necessary for us to do so; in order for us to obtain the benefit of the Supplier Services;
- to banks and payment processors in order to process payments;
- if we have a legal obligation to do so, or in order to protect other people’s property, safety or rights;
- by exchanging information with financial institutions and professional and legal advisers to protect against fraud or credit risks; and
- if we want to sell our business, or our company, we can disclose it to the potential buyer.
Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under the GDPR and the law.
7. Transfers outside the European Union (EU)
We may need to transfer your data outside of the EU (where data protection law may not provide an equivalent level of protection to the GDPR) in connection with Client Services or Supplier Services requested or provided from outside of the EU and therefore this will be necessary for the purposes of our contract with you or a contract from which you benefit or it will be with your consent.
We only keep your personal data for as long as we need to in order to use it as described above in section 5, and/or for as long as we have your permission to keep it. In any event, we will conduct an [annual] review to ascertain whether we need to keep your personal data. Your personal data will be deleted if we no longer need it.
9. Your rights
You can ask us not to use your data for marketing. You can do this by ticking by contacting us at any time at email@example.com
Under the GDPR, you have the right to:
- request access to, deletion of or correction of, your personal data held by us at no cost to you;
- request that your personal data be transferred to another person (data portability);
- be informed of what data processing is taking place;
- restrict processing;
- to object to processing of your personal data; and
- complain to a supervisory authority which in the UK is the Office of the Information Commissioner (ICO).
10. Links to other sites
Please note that this policy will not apply to other websites that you get to via a link from our website. We have no control over how your data is collected, stored or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.