Protecting any and all Personal Data collected or provided to us pursuant to our services and through this website (“directrnd.co.uk”) is very important to us. This Privacy Notice explains how we handle Personal Data with respect to the data protection laws of England and Wales and the EU General Data Protection Regulation. Any personal information you choose to share with us on the Website will be used, stored and processed in accordance with this Privacy Notice. If you do not agree with this Privacy Notice in relation to your use of the Website, please log off and clear your browser of any cookies which may have been placed in your browser by our site in the interim.
Who we are:
Company Name: KC ADVISORY LTD
Company Number: 11068194
A registered company in: England and Wales
With its registered address at: Union Suite The Union Building, 51 – 59 Rose Lane, Norwich, Norfolk, England, NR1 1BY
Referred to as “Direct R&D”
For the purposes of the Data Protection Act 1998, the General Data Protection Regulations and any other applicable data protection and privacy laws and regulations (“Data Protection Legislation”), Direct R&D will be the ‘data controller’ for all personal information that we determine the means and purpose of processing. We are registered with the Information Commissioners Office under registration number TBC By “Personal Data” we refer to information collected or held by Direct R&D, that identifies and relates to you as an individual.
Information we may collect
We may collect, process and store the following kinds of Personal Data, and we may also collect certain types of anonymous statistical data. Sometimes we may need to ask for your explicit consent to collect personal data and when this is required we will make that request clear. This might include the following:
personal information to enable us to provide our professional services to you. This will often include your name, address, email and preferred contact details. We may also need to collect information such as your national insurance number and UTR as well as financial details.
professional information is collected when you apply for a role within Direct R&D or become one of our employees. This includes your CV, job history, skills and experiences, qualifications, professional memberships, work place performance and other information we may need to service the terms of your employment contract such as absence records, medical or health information and next of kin details. We may also receive information about you from your employer if we are performing a role on their behalf such as bookkeeping or payroll.
technical information about the type of computer you are using and about your visits to, and use of, the Website. This is anonymous data such as your computer’s IP address, geographical location, browser type, referral source, length of visit and the number and type of pages viewed. This is anonymous statistical data and it cannot identify a specific person if or when it is collected;
information that you provide to us through the Website contact form, chat windows email, telephone or otherwise. This information may include your name, email address, telephone number and postal address;
any other information that you choose to send to us and for which you gave your consent for us to use.
What do we do with the information we collect?
We may use your Personal Data for a number of purposes including: Where we have your permission to do so, we may also use the information collected to:
provide you with information about our services that we offer via promotional communications; and
keep you up to date with features on the Website,
however, you can opt-out of any of these data uses at any time by firstname.lastname@example.org
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Legal basis of processing
We will only process your information for as long as we have a relevant legal basis to do so. This is usually in order to provide you with the contractual services you have requested from Direct R&D or if you have provided us with adequate consent to process your information for other purposes. We may use the legal basis of legitimate interests to process your information but this will always be after a careful consideration to ensure that the processing is balanced and reasonable. If we choose to process your information under the legal basis of legitimate interests, we will always inform you of our legitimate business interest and your right to object. We may also be required to process your personal information under a legal or regulatory obligation. We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us at email@example.com.
We have taken reasonable technical and procedural precautions to prevent the loss, misuse or inadvertent alteration of your personal data. We will store all the personal data you provide in secure servers or systems. However, we cannot guarantee the security of any data you choose to send to us over the internet and if you choose to send such information to us via the internet, you do so at your own risk. The Website does however use an SSL certificate to help ensure that any information sent to us through it, is more secure than it otherwise would be. If you look in the address bar of your browser, when visiting our site, you will see the letters https. The S stands for secure and means that information sent to us through our site is sent to us through an encrypted channel. We are committed to ensuring that your information is secure and we have procedures in place to try and prevent any unauthorised access or disclosures and to safeguard and keep secure the information that we collect online. All the Personal Data collected by us and stored electronically is held on a secure server in the EEA only. Where required, this information is encrypted for additional security. We use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorise access to Personal Data only for those employees who require it to fulfil their job responsibilities.
Transfer of data outside of the EU
We shall not transfer any personal data to any country outside of the European Economic Area unless we ensure that such personal data is subject to an adequate level of protection and appropriate legal safeguards in accordance with Data Protection Legislation.
Sharing your information with others
We never sell your personal data to any third party. We only share your data with third parties where it is required to do so by law and or to deliver the information and or services you have requested from us. This would also only be done with respect to the applicable Data Protection Legislation. In addition to the disclosures reasonably necessary for the purposes identified elsewhere in this Privacy Notice, we may disclose information about you:
to carefully selected sub-processors to help us collect, store or manage your information. This will always be managed under the terms of a written data processing agreement;
to the extent that we are required to do so by the applicable Data Protection Legislation;
in connection with any legal proceedings or prospective legal proceedings;
in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk); and
to the purchaser (or prospective purchaser) of any business or asset which we are (or are contemplating) selling.
Access to your Personal Data
You have rights in relation to any Personal Data that we hold about you. If you wish to access your Personal Data you may make a formal subject access request by contacting Direct R&D. The information you request must relate to you or another person that you have authority to act on their behalf. Direct R&D will require a confirmation of your ID prior to providing any information about the data we hold. If you are unable to provide sufficient information to prove your ID, Direct R&D reserves the right to refuse your request for access to Personal Data. The rights you have in relation to the Personal Data we hold regarding you are:
the right to rectify any inaccuracies in the information we hold;
the right to erasure of information in specific circumstances;
the right to request transfer of your information to another controller; and
the right to object to processing in certain circumstances.
If you have provided us with consent to process your information, you always reserve the right to withdraw this consent via the method detailed in the paragraph below. We are committed to ensuring that your wishes are respected and upon notification that you wish to withdraw your consent, Direct R&D will immediately cease processing the information in question. Please send your request to Direct R&D by contacting us at firstname.lastname@example.org. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Changes to this Privacy Notice
We may change this Privacy Notice at any time to ensure it always accurately reflects the way we collect, use and safeguard your Personal Data. Please check this notice from time to time to ensure you are aware of any updates we may have made to our Personal Data handling practices. The date of the changes will be listed in the ‘Last updated’ section below. We will endeavour to notify all of our current clients of any updates to this notice via email and we will post the relevant announcement on the Website homepage. We recommend that you print a copy of this page for your reference.
We may also use anonymous cookie data for re-marketing purposes. This means, you may see our promotions and advertisements on other websites that you visit. You might also wish to visit the Information Commissioner’s website to find out more about cookies.
Linking to Third-Party Websites
Information regarding children
We do not intentionally market our services or collect information via this website from data subjects under the age of 13. We do not collect information regarding children for the provision of our services and will erase any data collected if informed by the parent or legal guardian of a child whose data we have erroneously collected.
How can you make a complaint?
Please note that if you are not satisfied with the processing of your personal data as set out in this Privacy Notice, please contact us at email@example.com. You have the right to issue a complaint directly with the Information Commissioners Office, the data protection supervisory authority for England and Wales (https://ico.org.uk/concerns/).
Please contact us at firstname.lastname@example.org if you have any questions, comments or requests regarding this Privacy Notice.