Bronzeleaf Group Ltd - Data Protection Policy

 

1. Introduction At Bronzeleaf Group Ltd, we are committed to ensuring the privacy and protection of personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy sets out how we collect, store, and process personal data from our clients, website visitors, and other contacts during site visits, in a manner that is secure, transparent, and respectful of individual privacy rights.

2. Scope This policy applies to all personal data processed by Bronzeleaf Group Ltd, including data collected via:

  • Our website (e.g., contact forms, enquiries)
  • Client contacts (e.g., during site visits, email, phone communications)
  • Any other direct or indirect interactions with our company

This policy covers employees, contractors, and third parties who handle personal data on behalf of Bronzeleaf Group Ltd.

3. Key Definitions

  • Personal Data: Any information that can identify an individual, such as names, email addresses, phone numbers, or IP addresses.
  • Processing: Any operation performed on personal data, such as collection, recording, storage, use, or deletion.
  • Data Subject: The individual whose personal data is being processed.
  • Data Controller: The organisation (Bronzeleaf Group Ltd) that determines the purposes and means of processing personal data.

4. Data Collection Bronzeleaf Group Ltd collects personal data through various channels, including:

  • Website: When visitors submit enquiries, sign up for newsletters, or fill out contact forms, we collect names, email addresses, phone numbers, and other information voluntarily provided.
  • Client Interactions: During site visits, consultations, or other interactions, we may collect personal details (such as contact information) to deliver our services effectively.
  • Cookies: Our website uses cookies to track user activity and enhance the website experience. Users will be informed of cookie use and provided with options to manage their preferences.

5. Purpose of Data Processing We collect and process personal data for the following purposes:

  • Responding to enquiries and providing client support
  • Facilitating site visits and consultations
  • Sending relevant communications (e.g., newsletters, updates) when consent has been provided
  • Complying with legal and regulatory obligations
  • Improving our website and services based on user interactions

6. Legal Basis for Processing In accordance with the UK GDPR, Bronzeleaf Group Ltd processes personal data on the following legal bases:

  • Consent: Where individuals have provided clear consent for us to process their data (e.g., signing up for newsletters).
  • Contractual Obligation: Where data processing is necessary to fulfil a contract (e.g., when providing services to a client).
  • Legal Obligation: Where data processing is required to comply with legal obligations.
  • Legitimate Interests: Where processing is necessary for our legitimate interests (e.g., improving our services), and these interests do not override individual rights.

7. Data Retention We will retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Personal data collected via the website and client interactions will be reviewed periodically and securely deleted when no longer needed.

8. Data Security Bronzeleaf Group Ltd takes appropriate measures to ensure the security of personal data. This includes:

  • Using encryption and secure storage methods to protect data.
  • Limiting access to personal data to authorised personnel only.
  • Implementing technical measures such as firewalls, anti-virus software, and password protection.
  • Regularly reviewing and updating security practices to address new threats.

9. Data Sharing We will not share personal data with third parties unless:

  • It is necessary to provide the services requested (e.g., sharing data with contractors during site visits).
  • We are required to do so by law or regulatory authorities.
  • The data subject has given their consent to the sharing of their information.

When sharing data with third-party service providers, we ensure that they adhere to strict data protection standards and have appropriate safeguards in place.

10. Data Subject Rights Under the UK GDPR, individuals have the following rights regarding their personal data:

  • Right to Access: Individuals can request access to the personal data we hold about them.
  • Right to Rectification: Individuals can request corrections to inaccurate or incomplete personal data.
  • Right to Erasure: Individuals can request that we delete their personal data, subject to certain conditions.
  • Right to Restrict Processing: Individuals can request that we limit the processing of their personal data under specific circumstances.
  • Right to Data Portability: Individuals can request the transfer of their personal data to another organisation.
  • Right to Object: Individuals can object to the processing of their personal data if they believe it is not justified.

Requests related to these rights should be submitted to our Data Protection Officer (DPO) at [email address].

11. Data Breaches In the event of a personal data breach, Bronzeleaf Group Ltd will take immediate action to mitigate the breach and notify the relevant authorities (the Information Commissioner’s Office, or ICO) within 72 hours, if necessary. Affected individuals will be informed if the breach is likely to result in a high risk to their rights and freedoms.

12. Policy Review and Monitoring This policy will be reviewed and updated annually or whenever there are significant changes to our data processing activities or relevant regulations. We will ensure that all employees are made aware of any changes and trained accordingly.


Contact Information:

For further information or to discuss any aspects of this policy, please contact:

Director: Sebastian Robinson

Email: seb@bronzeleaf.co.uk

Phone: 07903 648288

 

× Got a question, WhatsApp us!