about this policy
Digital Detox respects your privacy and is committed to protecting your personal data.
This Privacy Notice (“Notice”) describes how Digital Detox Limited collects and uses your Personal Data in accordance with the EU General Data Protection Regulation (“GDPR”). It tells you what Personal Data Digital Detox collects, why we need it, how we use it and what protections are in place to keep it secure.
This website is not intended for children and we do not knowingly collect data relating to children.
changes to this policy
- KEY TERMS
- DATA CONTROLLER
- DATA PROTECTION MANAGER
- HOW DOES DIGITAL DETOX OBTAIN YOUR PERSONAL DATA?
“Digital Detox”, “we”, “us” and “our” means Digital Detox Limited.
“Digital Detox Personnel” means Digital Detox’s prospective, present and past partners, employees, consultants and agency staff, and people connected to such persons.
“Personal Data” means information about individuals (including you), and from which such individuals could be identified.
“Technical Data” means internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
“You” means individuals whose Personal Data we process including, but not limited to Digital Detox clients, Digital Detox client personnel, suppliers, supplier personnel, job applicants and individuals to whom we send marketing communications.
Digital Detox is the Data Controller in relation to your Personal Data and is committed to protecting the privacy rights of individuals, including your rights. communications.
Digital Detox is not required under the GDPR to appoint a Data Protection Officer and instead we have appointed a Data Protection Manager (“DPM”) who is responsible for overseeing our compliance with the GDPR and any other applicable data protection legislation and regulation.
The DPM can be contacted at email@example.com.
In some circumstances, we may obtain your Personal Data from you directly but we may collect information from our suppliers, or recruitment agencies, information or service providers and publicly available records.
On our website we may obtain your personal data from:
- Direct Interactions: You may give us your Identity & Contact details by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- Automated technologies or interaction: As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies.[We may also receive Technical Data about you if you visit other websites employing our cookies.]
apply for our products or services;
subscribe to our service or publications;
request marketing to be sent to you;
enter a survey;
apply for a job role; or
give us feedback or contact us.
You must ensure that you are entitled to disclose that information to us and that, without our taking any further steps, we may process that information in accordance with this Notice.
We collect and use different types of Personal Data about you, which will vary in type and detail depending on the circumstances and purpose of processing. Please consider the following illustrative and non-exhaustive examples:
- Personal Data about you: name, address, date of birth, marital status, nationality, race, gender, preferred language, job title, work life and restrictions and/or required accommodations, possibly about your family life;
- Personal Data to contact you at work or home: name, address, telephone, and email addresses;
- Personal Data which may identify you: photographs and video, passport and/or driving license details, electronic signatures; and
- Personal Data to process any payment we might need to make to you: bank account details, HMRC numbers and references (where applicable).
We may process your Personal Data for effective business management purposes which may involve the use of your Personal Data in the following (non-exhaustive) ways:
- to engage and contact suppliers;
- to advertise and market the services that we provide;
- for recruitment purposes;
- for regulatory and legislative compliance and related reporting.
Under the GDPR, Digital Detox must identify a lawful basis for processing your Personal Data which may vary according to the type of Personal Data processed and the individual to whom it relates.
- Performance of a contract with you (where applicable):
Digital Detox is entitled to process the Personal Data it requires in order to fulfil its obligations under its contract with you. This will be the relevant legal basis if you are an individual client or supplier/other individual with a direct contractual relationship with Digital Detox.
- Legitimate interests of Digital Detox:
Digital Detox may also process your Personal Data on the basis that it is necessary for its legitimate business interests in the effective management and running of Digital Detox which may include, but is not limited to: engaging suppliers and supplier personnel; ensuring that its systems and premises are secure and running efficiently; for regulatory and legislative compliance, and related auditing and reporting; for insurance purposes; for recruitment/hiring purposes; for marketing purposes; and to facilitate, make and receive payments.
Digital Detox does not consider that the processing of your Personal Data, on the basis that it is within Digital Detox’s legitimate interests (whatever such interests might be), is unwarranted because of any prejudicial effect on your rights and freedoms or your legitimate interests.
- Compliance with a legal obligation to which Digital Detox is subject:
In certain circumstances, Digital Detox must process your Personal Data in order to comply with its legal obligations. This might include, but is not limited to, Personal Data required: for tax and accounting purposes; and for Digital Detox to fulfil its compliance and other obligations under relevant legislation/regulation.
More information relating to legal bases for processing Personal Data can be found on the Information Commissioner’s website (see details below) or by contacting the DPM.
If Digital Detox processes your criminal records Personal Data or special category Personal Data relating to your racial or ethnic origin, political opinions, religious and philosophical beliefs, trade union membership, health data, biometric data or sexual orientation, we will obtain your explicit consent to those activities unless this is not required by law (because, for example, it is processed for the purpose of exercising or defending legal claims) or the information is required to protect your health in an emergency. Where we are processing Personal Data based on your consent, you have the right to withdraw that consent at any time.
We may use your contact details to send you marketing materials, provided we are permitted to do so by law. As a B2B service provider we do not need consent for direct marketing to businesses (unless a sole trader or partnership) but will ensure you always have the right to unsubscribe from any marketing. You can do so by contacting us at [firstname.lastname@example.org].
We may disclose your Personal Data to third-parties (outside of Digital Detox and Digital Detox Personnel) if, but only when, we have a legal basis to do. Such recipients include but are not limited to: Digital Detox’s insurance brokers and underwriters; Digital Detox’s legal advisors, Digital Detox’s bank, auditors and accountants; Digital Detox’s outsourced IT, HR and payroll providers and other suppliers; HMRC; the Home Office and Passport Services.
We have security arrangements in place to guard against unauthorised access, improper use, alteration, destruction or accidental loss of your Personal Data. We take appropriate organisational and technical security measures and have rules and procedures in place to ensure that any Personal Data we hold is not accessed by anyone unauthorised to access it. We have in place, and abide by, a specific information security policy about the security standards used to protect your Personal Data.
When we use third-party organisations to process your Personal Data on our behalf, they must also have appropriate security arrangements, must comply with our contractual requirements and instructions and must ensure compliance with the GDPR and any other relevant data protection legislation.
In accordance with this Notice and the provisions of the GDPR, we may transfer your Personal Data to organisations located in “third countries” (those outside of the EEA). In addition to the security arrangements mentioned above in relation to our engagement of third-party organisations, where such transfers are required we will ensure that your Personal Data is adequately protected, for example, by using a contract for the transfer which contains specific data protection provisions that have been adopted by the European Commission or a relevant data protection authority. If applicable, you can request a copy of these contracts from us.
It is our policy to retain your Personal Data for the length of time required for the specific purposes for which it is processed by Digital Detox and which are set out in this Notice. However, we may be obliged to keep your Personal Data for a longer period, for example, where required by our legal and regulatory obligations or in order to ensure we have effective back-up systems. In such cases, we will ensure that your Personal Data will continue to be treated in accordance with this Notice, restrict access to any archived Personal Data and ensure that all Personal Data is held securely and kept confidential.
The GDPR generally affords individuals a right to access their Personal Data, to object to the processing of their Personal Data, to rectify, to erase, to restrict and to port their Personal Data.
We have specific procedures in place in relation to Subject Access Requests (“SARs”) that you may be entitled to make. Put simply, a SAR is a request made by you which requires us to provide you with details of your Personal Data which we hold and process and a description of how we process it. Any questions or requests should be put in writing to the DPM.
There are exceptions to the rights of individuals in relation to their Personal Data and, particularly when we are processing your Personal Data for the purpose of providing legal advice to our clients, your rights may be limited. We will, at all times, respect your Personal Data and seek to be as transparent as possible but please be aware that, in some instances, we may be restricted from even acknowledging that we process your Personal Data.
If you are unhappy with the information provided in this Notice or have concerns about the way in which Digital Detox processes your Personal Data you may in the first instance contact the DPM, and if you remain dissatisfied then you may apply directly to the Information Commissioner for a decision. The Information Commissioner can be contacted at: -
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF www.ico.org.uk
We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.