processed by us and the purpose for our collection of it. Please read the following carefully to understand our practices regarding your Personal Data and how we treat it.
For the purpose of the General Data Protection Regulation (“GDPR”), which replaces the EU Data Protection Directive of 1995 and the Data Protection Act 1998, SLG Marketing Limited’s Data Protection Policy (“the Policy”) sets out the principles and legal conditions that the Company (“we”, “our”, “us”) will adhere to when obtaining, handling, processing, transporting or storing Personal Data in the course of our operations and activities, including customer, supplier, employee and other third-party data.
The Policy applies to all Personal Data we process regardless of the media on which that data is stored or whether it relates to past or present employees, workers, customers, clients or supplier contacts, website users or any other data subject.
The Policy Outlines:
Why SLG Marketing collect and process personal data and how we adhere to the principles relating to the processing of Personal Data set out in the GDPR.
How any data collected or provided by you will be processed lawfully, fairly and in a transparent manner.
On what lawful basis we will follow to process your data as set out in the GDPR.
Our commitment to ensuring that Personal Data will be kept accurate and stored only for the period which it is required to complete its purpose.
Our commitment that Personal Data will be securely stored and protected.
The rights Data Subjects have when it comes to how we handle their Personal Data.
Our accountabilities and responsibilities as a Data Controller.
Our principals for processing Personal Data:
As outlined in the GDPR and the Policy we will:
Process data lawfully, fairly and in a transparent manner – Lawfulness, Fairness and Transparency.
Collect only for specified, explicit and legitimate purposes (Purpose Limitation).
Collect only adequate, relevant and limited data proportionate to what is necessary for the purposes for which it is Processed (Data Minimisation).
Keep data accurate and where necessary update (Accuracy).
Not keep data in a form which permits identification of Data Subjects for longer than is necessary for the purposes for which the data is Processed (Storage Limitation).
Process data in a manner that ensures its security using appropriate technical and orginisational measures to protect against unauthorised or unlawful Processing and against accidental loss, destruction or damage (Security, Integrity and Confidentiality).
Not transfer to another country without appropriate safeguards being in place (Transfer Limitation).
Make data available to Data Subjects and Data Subjects allowed to exercise certain rights in relation to their Personal Data (Data Subject’s Rights and Requests).
Be responsible for and comply with the data protection principles listed above (Accountability).
What Personal Data do we collect and why do we collect it?
We may collect and process Personal Data about you including information you have
– Provided by filling in forms on our website
– Provided by filling in forms or handing us your details in any other way
– Communicated through email or other electronic means
– Communicated through certain calls to and from us, if further engagement is required
– Supplied in postal or hardcopy correspondence
– Provided us to allow customer or supplier transactions and business relationships
– Supplied to us to allow non-transactional business activity to be conducted
– Provided us as part of a job application or student placement application
– Supplied as part of consenting to opt into our marketing communications
– Offered as part of being an employee
We may also collect Personal Data and other information about you in other ways, for example:
– If you are a customer of one of our clients and we are undertaking a business activity that involves you, i.e. we are writing a press release or project story on a scheme you have
been involved with
– Indirectly, through one of our employees, your colleagues, a client or third party “see marketing policy for third party policies
– From publicly available sources, for example Companies House, Trade Media
– From financial parties, for example credit check providers
How we use your Personal Data
The way we process the Personal Data we collect, as set out above, varies depending on our relationship with you. In each case the purpose for which we request the information will be clear from the context in which it is acquired. These may include:
– Processing and fulfilling a business service or transaction
– Keeping a record of the business service, transaction or other related customer service support activity
– Administering customer and supplier records for transactional purposes
– Keeping records of your retainers, instructions, briefs, projects, queries, complaints and project details
– Keeping records of face to face appointments or telephone conference meetings and instructions
– Verifying your identity through credit checks
– Verifying your identity through an automated double opt-in process
– Communicating for business or service reasons by mobile (SMS), telephone, email or post (non-marketing communications)
– Communicating marketing messages to you, based on lawful consent as set out in the GDPR, by mobile (SMS), telephone, email or post.
– Communicating tailored marketing messages to you, based on lawful consent as set out in the GDPR, that are relevant to your role, marketing preferences and website behaviours
– upon receipt and engagement with automated email marketing (note your profile on automated decision making from an email is not identifiable to an individual) or direct through the post
– Keeping clear records of any withdrawn consent to receive marketing communication from us
– For market research
– Activity to meet our legal, regulatory and contractual obligations arising from our relationship with you
– To administer services provided through our websites
– By informing you of legal or contractual changes that may affect you
Disclosure of your Personal Data
We will only disclose your Personal Data to another person or organisation where we:
– Are compelled to share the information to provide a product or service you have requested
– Are obligated to send the information to persons or organisations who conduct legal services on our behalf
– Employ GDPR compliant external contractors to undertake market research or other marketing support on our behalf
Our legal basis for using your Personal Data
Our use of your Personal Data as outlined above is subject to different legal basis for processing, including where necessary for:
– Compliance with our legal and regulatory responsibilities
– The purpose of fulfilling any contract we enter into with you
– Carrying out a service or transaction
– To protect your vital interests
– Pursuing our legitimate interests for purposes where they are not overridden because the
processing prejudices the interests or fundamental rights and freedoms of Data Subjects.
In such cases these include:
- Communicating marketing messages to transactional customers
- Communicating marketing messages to customers we enter a contract with or supply or perform a service for
- Communicating with third-party service providers that are GDPR compliant and annually audited
- Communicating with recipients who have legally consented with a third-party to receive updates relating to their sector role. Such third-parties will be GDPR compliant and annually audited
– Or where you have given clear consent
We will only use your data for the purposes outlined above and will not store any of your data which is unrelated to our legal basis for processing it.
Withdrawing consent or your right to refuse:
Where we ask for your explicit consent to provide us with your data, you are free to refuse and withdraw your consent at any time by contacting us using the details set out below. If you refuse or withdraw your consent, we will require your email address only to ensure that we stop any automated marketing communications. This shall not affect the lawfulness of any processing that was based on your consent before you withdrew it. If you do not agree to provide your Personal Data to us we may not be able to provide you with the service you require.
Our principles of using your Data for marketing
Where processing your data for marketing purposes in compliance with GDPR, we will adhere to the following principles to ensure our commitment to protecting your data is clear:
– We will not sell your data to any third-party company
– If you opt into SLG’s marketing database, you will have the option to confirm how you would like to hear from us, for example through all mechanisms, or selectively via email, SMS telephone and/or mail.
– We will check our marketing database for acracy and compliance on an ongoing basis
– You can opt-out of our business you have consented to receive marketing updates from through a single request
– SLG will use a single, secure and trusted platform for all automated marketing communications
- Within this platform we will keep the email record of anyone opting out of marketing communications to ensure compliance on an on-going basis. This will not prevent you from opting-back in at any point
– All telephone marketing campaigns will be checked against the Telephone Preference Service (TPS) and Corporate Telephone Preference Service CTPS as well as our own suppression database before commencing
Personal Data we may collect to ensure our marketing communications are relevant to you:
– Job Title
– Company Name
– Company Type
– Work Address
– Work Telephone Number (unless you specify other)
– Work Mobile (unless you specify other)
– Work Email address (unless you specify other)
– Contact Preferences – email, direct mail, telephone etc
Storage and transfer of your Personal Data outside of the UK and EU
We will only transfer Personal Data outside of the UK and the EU (EEA) if one of the following conditions apply:
– The European Commission issues a decision confirming that the country to which we may wish to transfer your Personal Data ensures an adequate level of protection of your rights and freedoms as the Data Subject
– You have provided explicit consent to the proposed transfer after being informed of any potential risks; or
- Reasons of public interest, to establish, exercise or defend legal claims
- To protect your vital interests, if you were to be physically or legally incapable of giving consent and in some limited cases, for our legitimate interest
– Appropriate safeguards are in place such as binding corporate rules (BCR), standard contractual clauses approved by the European Commission or an approved Code of Conduct
Retention of your Personal Data
We will retain your personal information for as long as reasonably necessary for the purpose for which it was obtained and in accordance with our legal obligations. We will also ensure that we follow our data retention and destruction policy and processes thereafter.
Links to other websites
This notice only extends to our website, which is owned and operated by SLG Marketing Limited and does not therefore extend to your use of, provision of information to the collection of information on any website not connected to SLG Marketing Limited, which you may link to us by using the hypertext links within our website; or from other websites back-linking to our website.
Your personal information is protected under GDPR and you have several rights as listed below, which you can seek to implement. Please contact us in writing, by email or telephone using the details shown under the ‘Contacts and Complaints’ section below, if you wish to do so, or if you have any queries in relation to your rights. Please note these rights do not apply in all circumstances.
– Right of Access – subject to certain exceptions, you have the right of access to your Personal Data that we hold
– Right to Rectify – you have the right to rectify your personal information if you identify that the information we hold about you is inaccurate or incomplete, you have the right to have this information rectified
– Right to Withdraw – you have the right to withdraw consent and you may ask us to delete information we hold about you in certain circumstances (which would be done within the 30 days time limit). This right is not absolute, and it may not be possible for us to delete the information we hold about you, for example, if we have ongoing contractual relationship or are required to retain information to comply with our legal obligations
– Right to Restriction of Processing – i.e. for marketing purposes or automated profiling – in some cases you may have the right to have the processing of your personal information restricted. For example, where you contest the accuracy of your personal information, its use may be restricted until the accuracy is verified
– Right to Object to Processing – you may object to the processing of your personal information (including profiling) when it is based upon our legitimate interests. You may also object to the processing of your personal information for the purposes of direct marketing and for the purposes of analysis
– Right to Data Portability – you have the right to receive, move, copy or transfer your personal information to another controller when we are processing your personal information based on consent or on a contract and the processing is carried out by automated means
– Right to know How we Process Your Data – the right to be told how we process your data
– Right to Challenge – the ability to challenge the processing of your data
– Right to Request EEA Agreements – you can request a copy of our agreement under which Personal Data may be transferred outside of the EEA
– Right to Prevent Damage or Distress – the choice to stop data processing that is likely to cause damage or distress to the Data Subject or anyone else
– Right to be Notified of a Breach – we have an obligation and you have the right to be notified of a Personal Data Breach which is likely to result in high risk to your rights and freedoms
– Right to Make a Complaint – you can make a complaint to the supervisory authority and in limited circumstances, receive or ask for your Personal Data to be transferred to a third party in a structured, commonly used and machine-readable format
We may collect information about your device, including where available, your IP address, operating system and browser type, for system administration and to collect aggregate information for us to use to improve our website. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.
SLG Marketing Limited takes great care to ensure the security of our platforms, including websites and your personal information is kept secure and safe. Only authorized personnel have access to your information. We will keep your information secure by taking appropriate technical and organizational measures against unauthorised or unlawful processing, accidental loss, destruction and damage.
If you have any questions about how we treat your Personal Data and protect your privacy, or if you have any comments or wish to seek to exercise any of your rights as outlined above, to optout of receiving marketing communications from us or to complain about the use of your Personal Data, please contact us at:
SLG Marketing Limited
John Swift Building
19 Mason Street
Tel: +44 (0) 161 832 5574
Available during office hours which are Mon – Thur: 09.00 – 17.30 and Fri 09.00 – 17.00 (GMT)