Cyangold Limited Privacy Policy

1. The legal bit

Cyangold Limited is a company registered in England and Wales, company number 04633615. Our registered address is: The Circle, 33 Rockingham Lane, Sheffield S1 4FW. Cyangold Limited is hereafter referred to as "we", "us", "our" and "ours". We provide a range of business services, including website design and build, marketing and administrative services, business improvement and consultancy services.

We only collect and use the personal data about you that we need to provide you with our services. We do this in accordance with the General Data Protection Regulation (GDPR), the new Data Protection Act (DPA) 2018 and any other applicable laws and regulations (hereafter referred to as 'Data Protection Legislation') that we need to in order to process your data legally and securely.

For the purposes of legal compliance with said Data Protection Legislation, we are the 'data controller'. This means that we're responsible for deciding how we collect, hold and use personal data about you, and that we're required to notify you of the information contained in this privacy policy.

This policy affects your legal rights and obligations so please read it carefully to understand our practices regarding the collection and storage of your personal data and how we will treat it. If you have any questions, please contact us by emailing: services@cyangold.co.uk.

2. How we collect your personal data

When you request information or services from us, we need to know your name, email address, mailing address, telephone number and business name (where appropriate). We may also need to collect information about your business and/or project in order to provide you with a quote and any services you ask us to provide. This information allows us to respond to any enquiries, to process and fulfil your order and to notify you of your order status.

3. Information we may hold about you

  • your personal details (such as your name, address, telephone number, email address and, where relevant, your company information)
  • information about your business and/or project
  • details of contact we have had with you in relation to the provision, or the proposed provision, of our services
  • details of any services you have received from us
  • our correspondence and communications with you

You don't need to provide us with any personal data to view our website. However, we still collect a small amount of anonymised information as set out in the 'Cookies' section of this policy.

As we ask our clients to pay via BACS, we don't generally collect or store any payment information, unless you've requested to pay by another means, in which case we'll discuss this with you.

4. Cookies

We use Google Analytics to monitor how our website is being used. Google Analytics uses cookies to collect information anonymously and generates reports detailing information such as the number of visits, where visitors generally come from, how long they stay on each page, and which pages they visit.

A cookie is a small text file containing a unique identification number that is placed on your device when you visit a website or application. Your web browser (such as Google Chrome, Internet Explorer or Mozilla Firefox) then sends these cookies back to the website on each subsequent visit so that they can remember things like preferences.

Google Analytics cookies do not collect any personal data. They only collect and store information about your device and your activities. This information could include (a) your computer or other device's unique ID number; (b) technical information about your device such as type of device, web browser or operating system; (c) your preferences and settings such as time zone and language; and (d) statistical data about your browsing actions and patterns. We collect and use this information on an anonymous basis to improve our website and the services we provide, and for analytical and research purposes.

If you do not agree to this you can disable persistent cookies in your browser. This will prevent Google Analytics from logging your visits.

5. How we use your personal data

We'll only use your personal data lawfully to provide our services and respond to enquiries/feedback. Generally we'll use contractual obligation rather than consent as a legal basis for processing your personal data.

We'll use your personal data to:

  • provide you with the information about our services that you've requested from us, or which we feel may interest you
  • carry out our obligations in relation to any agreements entered into for the provision of our services
  • notify you about any changes to our services
  • respond to any feedback you have provided about our business or services

In some circumstances we may anonymise or pseudonymise your personal data so that it can no longer be associated with you, in which case we may use it without further notice to you. If you refuse to provide us with certain information when requested, we may not be able to perform the contract we have entered into with you or we may be unable to comply with our legal or regulatory obligations.

We may also process your personal data without your knowledge or consent, in accordance with this notice, where we are legally required or permitted to do so.

Most commonly, we'll use your personal data in the following circumstances:

  • where we need to perform the contract we are about to enter into or have entered into with you e.g. to provide you with a new website or consultancy services
  • to respond to an enquiry or complaint you have made about our company or services
  • where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
  • where we need to comply with a legal or regulatory obligation, including for audit purposes

6. How long we retain your personal data

We'll only keep your personal data for as long as is necessary to fulfil the purposes for which it was collected. When assessing what retention period is appropriate for your personal data, we take into consideration:

  • the requirements of our business and the services provided
  • any statutory or legal obligations
  • the purposes for which we originally collected the personal data
  • the lawful grounds on which we based our processing
  • the types of personal data we have collected
  • the amount and categories of your personal data
  • whether the purpose of the processing could reasonably be fulfilled by other means

7. How and why we might share your data

We may share your personal data with any service providers, sub-contractors and agents that we may appoint to perform functions on our behalf and in accordance with our instructions, including email communication providers, IT service providers, accountants, auditors and lawyers.

Under certain circumstances we may have to disclose your personal data under applicable laws and/or regulations, for example, as part of anti-money laundering processes or protect a third party's rights, property, or safety.

We may also share your personal data in connection with, or during negotiations of, any merger, sale of assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.

8. How we keep your data safe and secure

We'll process your personal data in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Where we've given you, or you have chosen, a password (for example to login to your website content management platform), you are responsible for keeping this password confidential.

We've put in place reasonable and appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to employees, suppliers and/or contractors who have a business need to know.

They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

9. Your duty to inform us of changes and keep your data up to date

All personal data that you provide to us must be true, complete and accurate. If you provide us with inaccurate or false data, and we suspect or identify fraud, we'll record this.

It's important that the personal data we hold about you is accurate and current. Should your personal information change, please notify us of these changes by emailing: services@cyangold.co.uk.

10. Your rights regarding your personal data

Under certain circumstances, by law you have the right to:

  • request access to your personal data; this enables you to receive details of the personal data we hold about you and to check that we are processing it lawfully
  • request correction of the personal data that we hold about you
  • request erasure of your personal data; you may ask us to delete or remove personal data where there is no good reason for us continuing to process it, plus you have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing

Please note, we reserve the right to charge an administrative fee if your request is manifestly unfounded or excessive.

11. Your right to withdraw consent

In the limited circumstances where you've provided your consent to the collection, processing and transfer of your personal data for a specific purpose (outside of any contractual obligation), you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please email us at: services@cyangold.co.uk.

Once we've received notification that you've withdrawn your consent, we'll no longer process your personal data for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law (in which case we will notify you of this).

12. General

If any provision of this policy is held by a court of competent jurisdiction to be invalid or unenforceable, then such provision shall be construed, as nearly as possible, to reflect the intentions of the parties and all other provisions shall remain in full force and effect.

This policy shall be governed by and construed in accordance with the law of England and Wales, and you agree to submit to the exclusive jurisdiction of the English Courts.

13. Changes to this notice

We may update or change the terms of this policy from time to time by posting a new version on our website. You're responsible for regularly reviewing this policy so that you're aware of any changes to it. If you continue to use our website after the date we state any changes will take effect, you will have accepted the changes.

This privacy notice was last updated on 19 June 2018.

14. Enquiries and complaints

If you have any queries or concerns with regard to our data protection and privacy policy, please email us at: services@cyangold.co.uk.

If you have any complaints in relation to this policy or otherwise in relation to our processing of your personal data, you should contact the UK supervisory authority: the Information Commissioner, see www.ico.org.uk.