Definitions and interpretation
Collectively all information that you submit to Keystone Compliance Ltd, via the website (contact us form), email and financial/transaction data. This definition incorporates, where applicable, the definitions provided in the Data Protection Laws;
Data Protection Laws
Any applicable law relating to the processing of personal Data, including but not limited to the GDPR, and any national implementing and supplementary laws, regulations and secondary legislation;
The UK General Data Protection Regulations;
Keystone Compliance Ltd, we or us
Keystone Compliance Ltd, a company incorporated in England and Wales with registered number 12810975 whose registered office address is at 23-27 Bolton Street, Chorley, Lancashire, PR7 AA;
User or you
Any third party that accesses and completes the “Contact us” form on the website and is not either (i) employed by Keystone Compliance Ltd and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to Keystone Compliance Ltd and accessing the website in connection with the provision of such services; and
The website that you have used or are currently using. www.keystonecompliance.co.uk and ay sub-domains of this site unless expressly excluded by their own terms and conditions
For purposes of the applicable Data Protection Laws, Keystone Compliance Ltd is the “data controller”. This means that Keystone Compliance Ltd determines the purposes for which, and the manner in which, your data is processed.
What We may collect
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data includes first name, last name, username or similar identifier. When you email, phone or otherwise, we may collect information such as your first name, last name, email address and phone number.
- Contact Data includes billing address, invoicing address, email address and telephone numbers.
- Financial Data includes bank account and payment card details.
- Transaction Data includes details about payments and other details of our Services you have purchased from us.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Website.
- Reviews, feedback and survey responses
- Usage Data includes information about how you use our Website and Services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and your communication preferences.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. Nor do we collect any information about criminal convictions and offences.
How we collect data
We collect Data in the following ways:
(i) Data that is given to us directly by you; and
(ii) Data that is collected automatically
Data that is given to us directly by you includes:
(i) When you contact us through the website, by telephone, email, post or through any other means
(ii) When you use our services;
We may automatically collect some information about your visit to the website. This information helps us to make improvements to our website content and navigation. This information includes:
(i) Your IP address
(ii) The Date, times and frequency with which you access the website; and
(iii) The way you use and interact with its content
How we use data
We may use the information in the following ways:
a) To personalise your website experience and to allow us to deliver the type of content and product offerings in which you are most interested.
b) To administer a contest, promotion, survey or other site feature.
c) If you have consented to receive our e-mail newsletter or updates, we may send you periodic e-mails. If you would no longer like to receive promotional e-mail from us, please refer to the “How can you opt-out, remove or modify information you have provided to us?” section below.
If you have not opted-in to receive e-mail newsletters, bulletins or updates, you will not receive these e-mails. Visitors who register or participate in other site features such as marketing programs and “members-only” content will be given a choice whether they would like to be on our e-mail list and receive e-mail communications from us.
d) Present Website content effectively to you.
e) Provide information, and services that you request, or (with your consent) which we think may interest you.
f) Carry out our contracts with you.
g) Provide the relevant Services to you
h) Tell you our charges.
If you are already our customer, we will only contact you electronically about things similar to what was previously sold to you.
If you are a new customer, you will only be contacted if you agree to it.
We may keep a record of those links which are used the most to enable us to provide the most helpful information but we agree to keep such information confidential and you will not be identified from this information.
In addition, if you don’t want us to use your personal data for any of the other reasons set out in this section, you can let us know at any time by contacting us at firstname.lastname@example.org and we will delete your data from our systems. However, you acknowledge this will limit our ability to provide the best possible services to you.
In some cases, the collection of personal data may be a statutory or contractual requirement, and we will be limited in the services we can provide you if you don’t provide your personal data in these cases.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
Where we need to perform the contract we are about to enter into or have entered into with you.
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
c) Where we need to comply with a legal or regulatory obligation, for example compliance with health and safety or other statutory obligations.
Who we share data with
We may share your data with the following groups of people for the following reasons:
- Our employees, associates and/or professional advisors – to obtain advice (including specialist advice) from professionals / specialists which may be involved in the services being provided
Keeping Data Secure
We will use technical and organisational measures to safeguard your Data, for example:
(i) Access to your records is controlled by username and password
(ii) Data is stored on secure servers/networks which have additional cyber security protection
(iii) Website has SSL Certificate enabling an encrypted connection
Keystone Compliance have additional cyber security insurance cover which will assist in any suspected or realised data breach. If you suspect any misuse or unauthorised access to your Data, please let us know immediately by contacting us at email@example.com.
We will keep personal data for as long as is necessary which is usually the life of our relationship and up to a period of seven years after our relationship has ended. We may however be required to retain personal data for a longer period of time to ensure we comply with our legislative and regulatory requirements. We review our data retention obligations to ensure we are not retaining data for longer than we are legally obliged to.
You have the following rights in relation to your Data:
(a) Right to access – the right to request (i) copies of the information we hold about you at any time, or (ii) that we modify, update or delete such information. If we provide you with access to the information we hold about you, we will not charge for this, unless your request is “manifestly unfounded or excessive”. Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons why.
(b) Right to correct – the right to have your Data rectified if it is inaccurate or incomplete.
(c) Right to erase – the right to request that we delete or remove your Data from our systems.
(d) Right to restrict our use of your Data – the right to “block” us from using your Data or limit the way in which we use it
(e) Right to Data portability – the right to request that we move, copy or transfer your Data
(f) Right to object- the right to object to out use of your Data including where we use it for legitimate interests.
To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your data (where consent is our legal basis for processing your Data), please contact use via email at firstname.lastname@example.org.
If you are not satisfied with the way a complaint you make in relation to your Data is handled by us, you may be able to refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioners Office (ICO). The ICO contact details can be found on their website at https://ico.org.uk
It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period for which we hold it.
Links to other websites
Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.
This Agreement will be governed by an interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.