Dunwell Data Protection provides a specialist data protection consultancy, advice and training service to organisations. We provide a variety of data protection services to help organisations with their data protection compliance.
Personal data collected
For us to provide our services to you we need to collect and use a small amount of personal data about you, or the individuals who work at your organisation. The personal data we need is:
We do not collect any of the special categories of personal data.
We do not provide our consultancy, advice or training service to children.
This information is gathered from you when:
What we use your personal data for and the legal basis we rely on
We use your personal data to provide you with our consultancy, advice and training services and for direct marketing.
The legal basis we rely on are:
Contractual obligation (GDPR Article 6(1)(b))
The consultancy, advice and training services we provide to you are done so under contract. We require certain information from you to enable us to fulfil our contractual obligation. If you are not able to provide all the information we need we may not be able to provide the service to you and the arrangement may be terminated.
Legitimate interests (GDPR Article 6(1)(f)
GDPR allows us to use legitimate interests for direct marketing purposes. We have undertaken a legitimate interest assessment, which balances our business purposes for the processing against your right to privacy. The outcome of the balancing test justifies our use of legitimate interests for this purpose. For clients who have either enquired about our services with a view to purchasing them, or are existing customers using our services, or are lapsed customers who have used our services, or have booked on one of our training sessions, it would not be an unreasonable expectation to receive information from us about our services.
This also complies with e-Privacy laws, currently the Privacy & Electronic Communication Regulations 2003, which governs how a business can undertake electronic direct marketing. We can rely on soft opt-in for “individual subscribers” for email marketing to prospective and existing customers. We do not need either consent or soft opt-in for “corporate subscribers”.
We always give you the opportunity to object to receiving marketing communications from us, when we first collect your personal data and with every marketing communication thereafter.
You can change your marketing preferences at any time by:
Who we will share your personal data with
As a rule, we do not share your personal data with third parties without obtaining your consent to do so. The exception to this is where:
We do not share, sell or rent your personal data to third parties for them to use for their own marketing purposes.
How we keep your personal data safe
We take the security of your personal data seriously and we have put in place the appropriate organisational and technical measures to safeguard your personal data. These measures include:
When we use third-party providers to process and/or store personal data we undertake relevant assessments of their business to establish their level of compliance with GDPR and only use those that provide sufficient guarantees to implement appropriate technical and organisational measures to safeguard personal data.
Our website and email host provider only store this data on UK based servers.
If you suspect your personal data has been lost or misused, please report it to us.
Transferring personal data outside of the UK and EU
We use back-up cloud server providers to store our information. These cloud server providers have UK and EU based servers. However, there may be occasions when the information needs to be stored on servers outside of the UK and EU. We therefore ensure that we have the appropriate safeguards in place and comply with the GDPR rules relating to the transfers of personal data to 3rd countries, which includes transferring your data:
Retention of information
When we have concluded the provision of our service to you we will keep your data for a period of 2 years before it is securely disposed.
Unless you are a sole trader or a partnership (in certain cases), it will be the individuals who work for your business that have various rights in relation to how we process their personal data. Individuals can:
We do not undertake any solely automated decision-making, including profiling.
Should you wish to exercise any of your rights please get in touch with us.
If you are not happy with how we have been processing your personal data or have not dealt with one of your rights correctly when you have asked us to you may lodge a complaint with the Information Commissioners Office (ICO). The ICO has several ways in which you can get in touch with them, including post, email, and online forms. To find out how click here.
Our Contact Details
You can contact us by:
In operating our website, we use a third party service, Google Analytics, to collect and process standard internet log information about your visits to our website and the resources that you access, including, but not limited to, traffic data, location data, weblogs and other communication data.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
We gather information about your general internet use by using a cookie file. Where used, these cookies are downloaded to your computer automatically. This cookie file is stored on the hard drive of your computer as cookies contain information that is transferred to your computer’s hard drive. Cookies help us to improve our website and the service that we provide to you.
We gather information regarding your computer whilst you visit our website. This information is non-identifiable statistical information which enables us to improve our services to you.
All computers have the ability to decline cookies. This can be done by activating the setting on your browser which enables you to decline the cookies. Please note that should you choose to decline cookies, you may be unable to access parts of our website.