Data Protection and Privacy Policy

Capture Ltd provides website templates for Data & Privacy Policy and Terms & Conditions to be helpful to our clients when getting started with the system. We do not take responsibility for the contents of these templates or their adequacy, and stress that it is up to the client to create policies that are appropriate for their organisation.

 

This privacy policy explains how our organisation uses the personal data we collect from you.

  • What data do we collect?
  • How do we collect your data?
  • How we use your data
  • Communication
  • Who do we share your data with?
  • Automated Decision Making
  • Storage and Transfer
  • Data protection and retention
  • What are your rights?
  • How to contact us
  • How to contact the appropriate authority
  • Changes to our privacy policy

 What data do we collect?

 The type of personal data we collect and use varies depending upon whether you are visiting our website, registering for our newsletter, purchasing a product or a service, requesting support or providing data and /or content as a contributor. This includes the following:

 Personally Identifiable Data:

  • Identity Data such as first name, surname, gender, date of birth, company or organisation name.
  • Contact Data such as address, e-mail address, telephone number.
  • Technical Data such as internet protocol (IP) address, login data, browser, operating system information and location.
  • Financial Data such as customer payment card details, bank details, VAT number, information about payments to and from you and other details of services you have purchased from us.
  • and any other data that you might provide during the course of our relationship.

Special Category Data

Information relating to your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, criminal convictions, sex life or sexual orientation, or certain types of genetic or biometric data is known as ‘special category’ data.

Please note we do not seek to collect special categories of data from you.

 How do we collect your data?

In most cases, you directly provide your data to [Company Name].

We collect and process your data for the following lawful bases:

 

When You:Lawful Basis:
Visit our website and consent to cookies [cookie policy URL]Consent
Purchase any of our products or servicesContractual obligation
Request supportContractual obligation
Have outstanding invoices due for collectionLegitimate Interests
Receive operational communications about your account and/or servicesLegitimate Interests
Voluntarily complete a customer survey or provide feedback on any of our message boards or via emailLegitimate Interests
Download information such as eBooksLegitimate Interests
Register your interest or enquire about our products and servicesLegitimate Interests
Contact us through any platform, including but not limited to, social media sitesConsent
Provide data and/or content as a contributorContractual obligation>

 

 

We may also collect your data indirectly via, but not limited to, the following:

  • a third party for which [Company Name] are acting as a processor or sub-processor
  • official Government bodies such as HMRC, Court, Police.
  • analytics providers (such as Google),
  • providers of technical, payment and delivery services, and
  • by conducting searches of publicly-available databases or social media sites, such as Facebook, Twitter and LinkedIn
  • a trusted partner for marketing purposes, in these circumstances your express consent will be sought before sharing to [Company Name].

 

How we use your data

[Company Name] collects your data so that we can:

  • Process your request, enquiry or order, registration, content submission and manage your account.
  • Provide access to our system/use our products and services
  • Email you information about other products, services and resources, that we think you might like.
  • Personalise your browsing experience (please refer to the Cookie Policy for further information).
  • Perform our contractual obligations to you.
  • Communicate with you.

 

Communication

We will always keep you informed of essential information related to your account via operational communications.

If you no longer wish to receive marketing communications, please use the ‘Unsubscribe’ option in the email or contact us at [Company unsubscribe email address].

 

Who do we share your data with?

We may share your data with authorised third parties (processors), where the appropriate lawful bases apply and/or in order to fulfil our contract with you. This is typically:

  • Business partners, suppliers and sub-contractors to the extent we consider it reasonably necessary for us to perform our contract with you
  • Our outsourced IT services provider/s of wi-fi, IT and system administration services to our business
  • Analytics and search engine providers that assist us in the improvement and optimisation of our website
  • Law enforcement and Government agencies including HMRC and courts and tribunal services,
  • Credit reference and fraud prevention agencies

 

We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.

 

Only with your express consent will [Company Name] share your data with our partner companies so they may share and promote their products and services.

If, at any point, we need to use your data for any other reason than that originally provided, we will not do so until we have contacted you directly unless there is a legal reason not to.

 

Automated Decision Making

[Company Name] will not subject individuals to decisions based on automated processing except where:

  • It is necessary for entering into or the performance of a contract
  • It is authorised by law
  • The individual has given their explicit consent

 

Storage and Transfer of Data

All information you provide to us is stored on our secure servers in the United Kingdom, or on secure cloud-based services in a country within the European Economic Area.

[Company Name] will ensure that appropriate safeguards and lawful bases are applied for all transfers of data outside of the EEA.

 

Data Protection and Retention

[Company Name] make every reasonable effort to protect your data while it is entrusted to us, ensuring all third parties meet our high standards and datacentres hold current valid information security certification.

 

In the unfortunate event of a data breach which results in a high risk to the rights and freedom of an individual, we shall make every reasonable effort to notify the affected individual in line with UK data protection regulation.

 

In line with current data UK data protection regulation, we will only ever retain your data for as long as we need to, once this period has expired, your data will be securely deleted.

Please contact our compliance team if you would like a copy of our retention schedule.


What are your rights?

Your data protection rights are listed below in line with the UK Data Protection Act 2018:

The right to access – You have the right to be informed and request copies of your personal data.

The right to rectification – You have the right to request that [Company Name] correct any information you believe is inaccurate. If your personal data changes or is incorrect, please notify us and we will update it without undue delay.

The right to erasure – You have the right to request that [Company Name] erase your personal data, under certain qualifying conditions.

The right to restrict processing – You have the right to request that [Company Name] restrict the processing of your personal data if you believe the processing is incorrect, unlawful, in dispute or you need it retained for legal reasons.

The right to object to processing – You have the right to object to [Company Name] processing of your personal data.

The right to data portability – You have the right to request that [Company Name] transfer the data that we have collected to another organisation, or directly to you.


How to contact us

If you have any questions about [Company Name] privacy policy, the data we hold on you, or you would like to exercise your rights, please do not hesitate to contact us.

 

[Company compliance email address]

Or write to us at: [Company postal address]

 

Please note that we may need to conduct identity verification checks or, for third parties requesting access, evidence of authority, before sharing data or processing a subject request.

All subject requests will be processed and responded to within 30 days. In exceptional circumstances, we may request permission for additional time from the UK Supervisory Authority.

You will not have to pay a fee to exercise any of your rights. However, we may charge a reasonable fee or refuse to comply if your request is clearly unfounded, repetitive or excessive.

 

How to contact the appropriate authority

If you feel [Company Name] has not addressed a concern in a satisfactory manner or your data has been unlawfully processed, you have the right to complain to the UK Supervisory Authority, the Information Commissioner’s Office.

 

Changes to our privacy policy

We keep our privacy policy under regular review. This was last updated: February 2024

Loading...

Your download will start shortly, please do not navigate away from this page until the download prompt has appeared. Doing so may cause your download to be interrupted.