Arcadia Consulting are committed to protecting and respecting your privacy.
This policy sets out the basis on which personal data we collect from you, that you provide to us, or that we obtain about you from other sources, will be processed by us. Please read the following to understand our views and practices regarding your personal data and how we will treat it. By visiting any of our websites, or by providing us with any information about yourself, you are accepting and agreeing to the practices described in this notice.
For the purpose of the General Data Protection Regulation (Regulation (EU) 2016/679, the “GDPR”) as amended or replaced from time to time (“Data Protection Law”), the data controller is Arcadia Consulting Limited, a company registered in England and Wales with company number 8271078 whose registered office is at 30 City Road, London, EC1Y 2AB United Kingdom.
1. Information we collect from you
We will collect and process the following data about you:
1.1. Information you give us.
This is information about you that you give us by filling in forms on our website(s) (“our sites“) or by corresponding with us by phone, e-mail or otherwise. It includes information you provide when you send us an email, call us, register for any purpose on our sites, give us your details at an event, submit an enquiry, request a call-back, use our products and/or services, make a complaint to us, report a problem with our sites or services, and when you apply for a role with us. The information you give us may include your name, address, e-mail address, phone number, work details, education details.
1.2. Information we collect about you.
With regard to each of your visits to our sites we will automatically collect the following information:
3. Purposes for which we process the information
We use information held about you in the following ways:
3.1. Information you give to us.
We will use this information:
3.2. Information we collect about you.
We will use this information:
4. Disclosure of your information
4.1. If you post a message or if you upload any other content to any of our sites, you agree that:
Such message or other content may be published on our website;
You will comply with the Arcadia Consulting Terms and Conditions
4.2. You agree that we have the right to share your personal information with:
For administrative purposes, any of our Arcadia group undertakings, as defined in s1161(5) of the UK Companies Act 2006, provided that they either:
4.3. Additionally, we may disclose your personal information to third parties:
5. Legal basis of processing
5.1. Data Protection Law requires us to meet at least one “legal ground” for processing, currently set out in Article 6 of the General Data Protection Regulation. The grounds applicable to the personal data to which this notice relates are:
If more than one of the above grounds apply to the processing of data in question, the applicable ground will be the one that is set out first above.
5.2. Special categories of personal data
If you provide us with any special categories of personal data (that is to say information as to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sex life or sexual orientation or genetic or biometric data) or personal data relating to criminal convictions and offences, it is a condition of us receiving that information that you expressly consent (and you hereby do) to us processing that personal data for the purposes set out in clause 3. Accordingly, if you do not want us to process any such categories of personal data, please do not provide it to us. (Alternatively, in an employment relationship, we may process such data to the extent necessary to give effect to our and your obligations and rights in relation to employment or for the assessment of working capacity.)
6. Where we store your personal data
The data that we collect from you will be stored on our servers or those of our service providers. It will not be transferred to, and stored at, a destination outside the European Economic Area (“EEA”) unless:
6.2. All information you provide to us is stored on our secure servers.
6.3. Unfortunately, the transmission of information via the internet is not secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our sites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
7. Length of data storage
Our policy is to ensure that personal data is only stored for as long as is necessary for the purposes set out at section 3 above. This may vary according to the type of information and the specific applicable purpose(s). We will retain data only for so long as is necessary for the purposes for which we hold it – if you would like to know what that means in respect of your personal data, please contact us (see section 8 below). In determining how long we retain your information we take into consideration our legal obligations, good industry practice, the guidance of relevant UK authorities such as HM Revenue & Customs (HMRC), the Chartered Institute of Personnel and Development (CIPD), and also tax, accounting, health and safety, and employment rules.
8. Your rights
You have various rights under Data Protection Law. These include:
8.2. You can exercise any of the rights set out above, free of charge, by using any applicable methods set out in our communications with you, or by contacting us. In respect of certain of the rights referred to above, your right may be qualified by the GDPR (which we will discuss with you following your request) or we may need more information from you, which we will ask you for following your request. We may ask you to provide further information in order to confirm your identity. Please also note that if you submit unfounded or excessive (for example repetitive) requests to exercise any of these rights, we reserve the right to make a reasonable charge for providing the requested information or taking the requested action, or to decline your request.
8.3. You also have the right to lodge a complaint with the Information Commissioner’s Office (www.ico.org.uk) if you are concerned that we are not respecting your rights under Data Protection Law. The Information Commissioner’s Office is the authority in the UK which is responsible for overseeing the application of, and enforcing, Data Protection Law.
9. Accessing your data
You have the right to obtain confirmation as to whether we are processing (including holding) personal data about you; and if we are processing personal data about you, you are entitled to be provided with
Please see section 8.2 above as to how to exercise your rights under this section 9. Section 8.2 applies in full to the exercise of these rights.
If you wish for to make a complaint on any personal data being held, then this should be addressed to firstname.lastname@example.org. Upon receipt a thorough investigation will be made into the process and lines of communication in undertaking your complaint and about the personal data being held.