Privacy Policy

 

I understand that your privacy is important to you and that you care about how your personal data is used. I respect and value the privacy of all my clients and will only collect and use personal data in ways that are described here, and which are consistent with our obligations and your rights under the law.

 

What does this Privacy Policy cover?

I conduct my consultancy as a sole trader.  This Privacy Policy explains how I use your personal data: how it is collected, how it is held and how it is processed. It also explains your rights under the law relating to your personal data.

 

What is personal data?

Personal data is defined by the General Dara Protection Regulation 2016/679 (the “GDPR”) and the Data Protection Act 2018 (collectively the “Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.

What are my data protection responsibilities?

I use and am responsible for personal information about you, and I am therefore the ‘data controller’ of your personal data for the purposes of the Data Protection Legislation.

What are your rights?

Under the Data Protection Legislation, you have the following rights which I will work to uphold:

  • The right to be informed about my collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact me to find out more or to ask any questions using the contact details below.
  • The right to access the personal data I hold about you.
  • The right to have your personal data rectified if any of your personal data held by me is inaccurate or incomplete.
  • The right to be forgotten, i.e. the right to ask me to delete or otherwise dispose of any of your personal data that I hold.
  • The right to restrict the processing of your personal data.
  • The right to object to me using your personal data for a particular purpose or purposes.
  • The right to withdraw consent. This means that if I am relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
  • The right to data portability. This means that, if you have provided personal data to me directly, I am using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask me for a copy of that personal data to re-use with another service or business in many cases.
  • Rights regarding automated decision-making and profiling. Please note that I do not use your data in this way.

You can read more about these rights here.

Further information about your rights can also be obtained by contacting the Information Commissioner’s Office or your local Citizen’s Advice Bureau.

What personal information do I collect about you?

I may collect personal information from you in the course of our business, including through the provision of consultancy services, through your use of my website, when you contact or request information from me, or as a result of your relationship with me.

The personal information that I process includes:

  • Basic information, such as your name (including prefix and title), the company you work for, your position or title and your relationship to a person.
  • Contact information, such as your postal address, email address and phone number(s).
  • Information relating to your location, preferences or interests.
  • In certain circumstances, your and others’ signature, financial information and payment-related information
  • In certain circumstances, data relating to health (including disabilities), ethnicity, race, religious beliefs, trade union membership and other ‘special category personal data’.
  • Technical information, such as information relating to your visits to my website or in relation to emails that I send you.
  • The content of any enquiry submitted by you or on your behalf over our website.
  • Identification and background information provided by you or collected by me in the course of providing mediation services.
  • Any other information relating to you which you may provide to me

It is important that your personal data is kept accurate and up-to-date. If any of the personal data I hold about you changes, please keep me informed for so long as I hold your personal data.

How I obtain your personal information

  • I obtain information from you in the course of providing my consultancy services to you.
  • I collect your personal information when you use my website and in the course of email communications with you.
  • I gather information about you when you provide it to me, or interact with us directly, such as communicating on my website.
  • I may use publicly available sources to obtain your personal information in order to ensure that the contact details I hold for you are up to date

How I use your personal information

I use the personal information that I collect about you from the sources listed above, in a number of ways:

  • To provide and improve my services to you, including maintaining our records relating to consultancy. This includes providing personal information to me in my capacity as a consultant.
  • To respond to any query that you may submit to me.
  • To manage and administer my relationship with you (and/ or your business) including by maintaining our database of contents and other third parties for administration, accounting and relationship management purposes
  • To complete my contractual obligations to you
  • For my legitimate business purposes such as carrying out any relevant conflict checks and managing the operation of our practice
  • To keep accounting records
  • To promote and market my services
  • To provide work shadowing opportunities
  • To comply with my professional, legal and regulatory obligations
  • To respond to potential complaints or make complaints
  • To establish and exercise my legal rights or for the purpose of bringing or defending legal proceedings
  • Where I consider it necessary, to prevent or respond to actual or potential fraud or illegal activities.

Use of our website

When someone visits andygeorgiou.com I use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. I do this to find out things such as the number of visitors to the various parts of the site. Google Analytics does this by placing small text files called ‘cookies’ on your device. The information that cookies collect is only processed in a way which does not identify anyone. I do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If I do want to collect personally identifiable information through our website, I will make this clear. I will make it clear when I collect personal information and will explain what I intend to do with it.

Search queries and results are logged anonymously to help me improve my website and search functionality. No user-specific data is collected either by me or by any third party.

Marketing and other emails

With your permission and/ or where permitted by law, I may also use your personal data for marketing purposes, which may include contacting you by email with information about my services and news. You will not be sent any unlawful marketing or spam. If you receive marketing communications from me and no longer wish to do so, you may unsubscribe at any time by emailing me here or by managing your preferences at the foot of the email received from me.

Legal basis on which we use or store your personal information

The Data Protection Legislation requires that all those that process personal data have a legal basis for doing so. The lawful bases identified in the Data Protection Legislation, and which provide my legal bases for processing your personal data are:

  • To perform a contract or to take steps to enter into a contract, such as a contract to provide consultancy services to you
  • For legitimate business purposes as detailed in ‘How I use your personal information’ above.
  • To comply with legal and regulatory obligations
  • Where I am otherwise required or authorised to do so by law
  • Where processing ‘special category’ data is necessary in the context of the establishment, exercise or defence of legal claims

How long I keep your personal information

I will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. The retention period may vary from one piece of information to another. The retention period will also take into account my need to meet any legal or regulatory obligations, good practice and our legitimate business purposes. The need to use or store your personal information will be reassessed on a regular basis and any information which can be destroyed because it is no longer required will be disposed of securely and effectively.

Who I share your personal data with

I may share your information with certain trusted third parties in accordance with contractual arrangements in place with them including:

  • Suppliers who provide support services in relation to IT and email marketing
  • Third parties involved in hosting our website

I may share information with business administration service providers, insurers and in connection with bank transfers and accountancy requirements.

I may also be required to provide your information to the Information Commissioner’s Office, to regulators or to the police or intelligence services where required or permitted by law.

I do not sell, rent or otherwise make personal information or contacts commercially available to any third party, except with your prior permission.

 

How I protect your personal information

I am committed to ensuring that your information is secure. I use a variety of physical, technical and organisational measures to help protect your personal information from unauthorised access, use, disclosure, alteration or destruction. Unfortunately the transmission of information via the internet is not completely secure and although I do my best to protect your data, I cannot absolutely guarantee its security.

I will monitor any emails sent to me, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

Complaints or queries

I try to meet the highest standards when collecting and using personal information. For this reason, I take any complaints we receive about this very seriously. I encourage people to bring it to my attention if they think that my collection or use of information is unfair, misleading or inappropriate. I would also welcome any suggestions for improving our procedures.

If you are not satisfied with the way I have handled your privacy concerns or want to make a formal complaint about the way we have processed your personal information, you can contact the Information Commissioner’s Office which is the statutory body which oversees data protection law – www.ico.org.uk/concerns.

Access to personal information

I try to be as open as I can be in terms of giving people access to their personal information. Individuals can find out if I hold any personal information by making a ‘subject access request’ under the Data Protection Act 1998. If I do hold information about you we will:

  • give you a description of it;
  • tell you why I am holding it;
  • tell you who it could be disclosed to; and
  • let you have a copy of the information.

To make a subject access request to me, you need to put the request in writing to the address provided below. I will respond to your subject access request within 30 days. Normally, I aim to provide a complete response, including a copy of your personal data within that time. In some cases, particularly if your request is complex, more time may be required up to a maximum of three months from the date I receive your subject access request. You will be kept fully informed of my progress. If I do hold information about you, you can ask me to correct any mistakes by contacting me again.

Links to other websites

This Privacy Policy does not cover any links within this site linking to other websites. I encourage you to read the privacy statements on the other websites you visit.

 

How do I use Cookies?

Cookies are small text files containing information that is stored on an internet user’s device when visiting a website. The information a cookie contains and its purpose is determined by the website operator and can be used by that web server every time you visit that site. Cookies are used to save time and make visiting websites more efficient. If you would like more information regarding what cookies are and what they do, more information is available at http://allaboutcookies.org.

My website may place and access certain first-party cookies on your computer or device. First-party cookies are those placed directly by me and are used only by me. I use cookies to facilitate and improve your experience of my website and to provide and improve my services. I have carefully chosen these cookies and have taken steps to ensure your privacy and personal data is protected and respected at all times.

By using my website, you may also receive certain third-party Cookies on your computer or device. Third-party Cookies are those placed by websites, services, and/or parties other than me. Third-party Cookies are used on my website for the purposes of our Google analytics tracking system. Website analytics refers to a set of tools used to collect and analyse anonymous usage information, enabling me to better understand how my Site is used. This, in turn, enables me to improve my Site and the services offered through it. These service providers are not permitted to use the information collected on my behalf except to help me conduct and improve our business. These Cookies are not integral to the functioning of Our Site and your use and experience of Our Site will not be impaired by refusing consent to them.

All cookies used by and on our website are used in accordance with the Privacy and Electronics Communications (EC Directive) Regulations 2003 (“Cookie Law”).

Before cookies are placed on your computer or device, you will be shown a pop-up requesting your consent to set those cookies. By giving your consent to the placing of cookies, you are enabling me to provide the best possible experience and service to you. You may, if you wish, refuse consent to the placing of cookies; however certain features of my website may not function fully or as intended without them.

Certain features of my website may depend on cookies to function. Cookie Law deems these cookies to be “strictly necessary”. Your consent will not be sought to place these cookies. You may still block these cookies by changing your internet browser settings, but please be aware that my website may not work properly if you do.

In addition to the controls that I provide, you can choose to enable or disable cookies in your internet browser. By default, most internet browsers accept cookies, but this can be changed. For further details, please consult the help menu in your internet browser or the documentation that came with your device.

You can choose to delete cookies on your computer or device at any time, however you may lose information that enables you to access our website more quickly and efficiently including any login or personalisation settings.

It is recommended that you keep your internet browser and operating system up-to-date and that you consult the help and guidance provided by the developer of your internet browser and manufacturer of your computer or device if you are unsure about adjusting your privacy settings.

Changes to this Privacy Policy

I keep my Privacy Policy under regular review. I may change it from time to time if, for example, the law changes or if I change our business in a way that affects personal data protection. This Privacy Policy was last updated on 06 August 2020.

How to contact me

If you want to request information about anything to do with your personal data and data protection, including to make a subject access request, you can email us or write to:

Andy Geogiou
73 Rutland Drive
Morden
SM4 5QD

Email: hello@andygeorgiou.com