The Valley CIDS data protection notice refers to our commitment to treat your information in line with good practice, legislation requirements and to protect clients, staff and other individuals as well as the organisation.
This policy covers all data subjects (living individuals) whose personal data is collected in line with UK Data Protection Laws.
The Personal Information we collect
Where you submit your personal information to us it will only be used for;
Valley CIDS collects the following information from our clients
The personal information gathered on the website
We may collect technical information relating to your use of our website, including your browser type or the Internet Protocol (IP) address used to connect your computer to the internet. We also gather general information about the use of our website, such as which pages users visit most often and which services, events or facilities are of most interest. We may also track which pages users visit when they click on links in emails.
We may use this information to personalise the way our website is presented when users visit, to make improvements to our website and to ensure we provide the best service for users. Wherever possible, we use aggregated or anonymous information which does not identify individual visitors to our website.
We will never request personal information about your health or the health of your family members or friends, unless we inform you how that information will be used and receive your express consent to use it.
When someone visits Valley CIDS we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be upfront about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Links to other websites
The lawful basis to collect this information
We collect this information on the lawful basis for entering into or performance of a contract as well as consent and legitimate interest.
In certain circumstances, we may have to abide by a legal obligation which we may be subject to, including, but not limited to, sharing data with the HMRC or law enforcement agencies. Where we do this, and we are legally permitted to, we will clearly inform you.
People who email us
Any email sent to us, including any attachments, may be monitored and used by us for reasons of legitimate business, security and for monitoring compliance with office policy. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
The storage location of information
All data is stored within the UK only.
Valley CIDS ensures all the best security practices are followed to ensure privacy by design is integral to the processing of information.
Retention of information
We will retain client data for a maximum period of 6 years after the contract has ended to enable us:
All data will be removed following security best practices to ensure the data is fully deleted and unrecoverable.
Where we use your information for marketing we rely on consent or, in some cases, legitimate interest.
You can stop any further direct marketing from us by:
Information we share
As part of the client contract we need to share information with:
Under the UK Data Protection laws individual have the following rights:
If at any point you believe the information we process on you is incorrect, you may request to see this information and even have it corrected or deleted. If you wish to raise a complaint about how we have handled your personal data, you can contact our Data Protection Officer who will investigate the matter.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office https://ico.org.uk/concerns.
If you would like further information about this Policy, please contact the Data Protection Officer at the following address, telephone number and email address:
The Saltpot, 13-14 The Green, Swanwick, Alfreton, Derbyshire, DE55 1BL.
Tel: 01773 609603
If Valley CIDS or substantially all of its assets, are acquired, or in the unlikely event that Valley CIDS goes out of business or enters bankruptcy, user information would be one of the assets that are transferred or acquired by a third party. You acknowledge that such transfers may occur and that any acquirer of Valley CIDS may continue to use your personal information as set forth in this policy. If this occurs you will be informed prior to the transfer.
Handling a Personal Data Breach
In the event of a data breach, we will use the ICO standard reporting form, ICO Data Breach reporting template, and in the event that the data breach has a significant impact on the people affected we will inform them directly either via email or our website.