Introduction Difrent is a data controller for the purposes of the UK Data Protection Act (DPA) 2018 and the EU General Data Protection Regulation (GDPR) and is registered as such with the Information Commissioner’s Office (ICO). Difrent is committed to protecting the privacy of our clients. This privacy notice is intended to set out the basis upon which any personal data or information we collect from you, or that you provide to us, may be collected and processed by (or on behalf of) Difrent. It applies to the use of our website, our professional services or during any communications with you.
How we collect your information Your personal information such as name, address, email address and phone number, or any other personal data which may reasonably identify you, may be collected by:
Sensitive information We will not collect sensitive (special category) personal information from visitors to our website, clients or our employees, except where necessitated by the terms of our engagement. ‘Sensitive personal information’ includes information about racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation.Any sensitive personal information collected as part of our lawful processing obligations will be protected using best practice information security controls.
How we use your personal information We will use your personal information solely for the purpose for which it was provided and share it with Difrent partners (personal data may be shared with a bank or finance provider), staff and consultants on a ‘need to know’ basis. We will not use your data for other purposes without your explicit consent.We use cloud-based applications and providers for information storage. Data is stored in the EU. We will only send data outside of the EU where an organisation employs data protection rules that are recognised as being equivalent. We only use suppliers who implement the same level of security controls (or stronger) as we do ourselves.We may use your personal information for the following purposes:
As described in this policy, personal information will be retained by us and will not be sold, transferred or otherwise disclosed to any third party, other than for the purpose of lawful processing. Personal information may be anonymised/pseudonymised for the purpose of research to inform our marketing and development strategies or where such disclosure is required by law or court order.If your personal information changes or you no longer wish to receive a particular communication from us, please let us know, and we will correct, update or remove your details. Updates and removals can be done by emailing email@example.com
Security In providing services to you, we may process personal data as a controller or on your behalf as a data processor. Where we act as processor on your behalf we will only process personal data for the purposes outlined above or otherwise in accordance with your instructions, and only keep it for as long as it is needed for that purpose.We use up-to-date data storage and security controls to protect your personal information from unauthorised access, improper use or disclosure, unauthorised modification or unlawful destruction or accidental loss. All our employees and any third parties we engage to process your personal information are obliged to respect the confidentiality of your information.
Disclosing personal information to third parties We may disclose your personal information to our agents or service providers, where there is a lawful basis, for any of the purposes set out in this policy.We will not sell your information to a third party. Cookies The following cookies are in use on our website:
We do not currently use any other cookies or other means of tracking your visits to our website. You can turn off cookies in your web browser’s settings.
Your rights Under the GDPR, you have rights as an individual which you can exercise in relation to the information we hold about you. For further information, please visit ico.org.uk. If at any time you wish to exercise your rights as a data subject in relation to information we hold about you as an individual, please contact us by email to firstname.lastname@example.org or by mail to the address below.
Complaints or queries Difrent tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage you to bring it to our attention if you think that our collection or use of your information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of Difrent’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.If you want to make a complaint about the way we have processed your personal information please do so by email to email@example.com. If you are not satisfied with the response we give you then you can contact the Information Commissioner’s Office (ico.org.uk), which is the statutory body which oversees data protection law in the UK.
Agreement to terms of Privacy Notice By using this website and/or providing your personal information to us, you consent to the collection, and use of your personal information by us set out in this privacy notice. If we change our privacy policies and procedures, we will post those changes on our website or otherwise notify you to keep you aware of what information we collect, how we use it and under what circumstances we may disclose it.
Further information To learn more about how we collect, use and maintain your personal information, please contact:
Data Protection Officer, Difrent Ltd Gainsborough House, 59-60 Thames Street, Windsor, SL4 1TX
Phone: 0207 6600773