iDigital Marketing helps clients with digital sales and marketing tools and content, learning content and technologies as well as learning resources. We take our responsibilities under data protection seriously, including upholding the data subject’s right to transparency. This privacy notice contains information about what data we collect and store about you, how we use it, the legal basis for using it and how long we keep it. It also tells you who we share this information with, what we do to protect your data and how to get in touch with us.
Who We Are?
iDigital Marketing is a trading division of iDigital Marketing Limited (company number 07863287). We collect, use and are responsible for certain categories of your personal information. When we do this, we are the ‘controller’ of this information for the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws, including the Data Protection Act 2018.
We also will process data given to us by our clients under their instruction in the course of providing services to them. When we do this, we are a data processor, which accounts for most of our processing activity.
Information collected by us
We may collect personal data about you as follows:
• Your name and contact details (including your address, email and phone numbers);
• Information about the business you work at and your role there;
• Information about your regulatory status such as any registration details held by you or your business;
• Information about partnerships and sole practitioner firm details including registration details, address, name and your position;
• Training records, development plans and test results (e.g. online learning test results);
• Company Identifier (employee number in some cases);
• Personal information that may be included in communications with us;
• Information you provide to us about your clients or matters;
• Details of goods and services that we provide to or receive from you, or that we are arranging to provide or receive from you.
• Payment information and financial information that relates to our relationship including bank details, bank account, credit card and payment information to process transactions with you/your company;
• Personal information given to us in relation to working at iDigital Marketing such as your CV, answers to any tests or assessments, education, training, employment history and information given in interview and meetings we may have with you.
You may also give us information that is classified as ‘special categories’ under GDPR however we do not routinely do this. We will explain this to you if we need to start processing this type of data, or if we are acting as a Data Processor then the Data Controller will explain this to you. More information about ‘special categories’ can be found here.
Information Collected From Other Sources
We may also collect the same categories of information from third parties such as:
• Your employer or authorised individuals in a business you work for or own;
• Public bodies such as Companies House;
• Recruitment companies and public CV publishing companies and websites;
• Information on public record, including professional networking sites;
• Suppliers of goods or services;
• Accountants and other professional advisers;
• Our clients.
Even if we have not had direct contact with you and are processing data given to us by a third party for a purpose and with a legal basis outlined below, the contents of this privacy notice will still be in effect. We look after all personal data in the same way, regardless of where it has come from and whether we are acting as a data controller or a data processor.
How We Use Your Personal Information
We use your personal information for the following purposes:
• To arrange the provision of software, training and consultancy services;
• To comply with our legal responsibilities to regulatory bodies;
• To promote and market the services of iDigital Marketing;
• To manage matters relating to our payroll and employment, including our legal responsibilities as an employer and our obligations to HMRC;
• To engage with individuals who want to work at iDigital Marketing;
• To engage with partners that supply us with good and services;
• Provide customer support and technical assistance, as required
• Respond to questions and concerns
• Respond to a request for a demonstration of our services
• Engage in certain transactions with you
• To manage any queries or complaints you have about the services you receive;
• To train and develop our staff at iDigital Marketing;
• To monitor the quality of service we deliver to you, and ensure it meets your expectations;
• To comply with legal obligations to act in the public interest and uphold the rule of law.
Legal Reasons We Collect And Use Your Personal Information
We have a legal basis for all the data we process. We rely on a different legal basis depending on the data we are processing and the reason we are processing it. We rely on the following legal basis in these circumstances:
In some cases you will give us consent to use your information in a certain way. If you have given us consent to use your data in a certain way, and we have no other legal basis for doing so, we will rely on your consent. The activities where we rely on your consent are:
• Sending you marketing information including offers and information about our services.
• Processing job applications. You can withdraw consent at any time however please be aware we will be unable to process your application if you do so.
• You always have the right to withdraw your consent at any time. If you wish to withdraw your consent then please contact us using any of the details below (‘Get in touch’).
We will rely on our legal obligations to process information for the following purposes:
• Complying with our responsibilities to regulators and under applicable legislation.
• Complying with our legal obligations as an employer.
• Complying with obligations to HMRC regarding records keeping of our financial activity, including information relating to transactions, billing and payments.
• Defending a legal claim or upholding the rule of law.
Use of Information Collected and/or Provided by Customers
• Our Customers use iDigital Marketing services to assemble and deliver online sales and marketing tools as well as training programs used by their employees, business affiliates & customers.
• iDigital Marketing does not control the content of these training programs or the types of information that our Customers may choose to collect or manage using our services. Such information belongs to the Customer and is used, disclosed, and protected by them.
• iDigital Marketing processes Customers’ information as they direct and in accordance, and we store it on our service providers’ servers, but we do not have control over its collection or management.
Performance of a Legal Contract
We will process information that relates to the services we are providing you with, or receiving from you, that are bound by our engagement with you. The areas where we are processing data to enter into, or fulfil a legal contract or order are:
• Delivering services to you under contract/order and keeping you updated with changes or information relating to those services.
• When we are processing information from you to arrange a contract between us, such as when you give us your details to enter into an agreement for services with us.
• Performance of any contract as a supplier or customer.
We may rely on a legitimate interest to process information. When we do this, we will have assessed our legitimate interest to consider the rights and freedoms of the data subject.
We rely on legitimate interest to train our staff so that they can provide an exceptional service to all of our clients. There may be scenarios relating to their engagement with you which we review with them as part of training and development.
We rely on legitimate interests in some cases to invite you to certain events such as webinars and seminars. Our legitimate interest is to provide information to our clients and contacts that will support their use of our services and that could be of benefit to them.
Who Will We Share Your Personal Information With?
We take client confidentiality very seriously and will not share any information entered into any of our software or platforms unless required to do so by law. Other information we process we may share with:
• Professional advisers, advisers and consultants that help us to manage iDigital Marketing and achieve our objectives as a business;
• Training agencies that help us to develop our staff and services;
• Our accountants and solicitors that are engaged by us to provide services required by law, such as filing financial information with HMRC;
• We may use data processors, such as software providers, in the course of running the business including CRM providers, email communication platforms, social media platforms and help desk management systems;
• We will use 3rd party hosting providers to provision and host our software and platforms;
• Storage and archiving providers to ensure your information is protected securely and backed up.
We expect any partners, suppliers or third parties we share data with to meet the requirements of GDPR.
We will share personal information with official bodies if required by law including the ICO, the police, law enforcement and intelligence agencies.
Transfer Of Your Information Outside The European Economic Area (EEA)
It may be necessary to transfer your personal information outside the EEA or to an international organisation in order to perform your instructions. We do not routinely transfer data outside of the EEA, and if we do we will notify you of the reasons. Clients can access our systems outside of the EEA by logging in through the cloud based portal. In these cases and when we are acting as a data processor, the means and purposes of processing (including transfer outside of the EEA) is decided entirely by our client.
How Long Will We Store Your Personal Data?
We will only keep your information for as long as necessary to complete the purposes we have described above. We use the following retention periods and review these periodically to make sure we are only keeping what we need (If information can be kept for two different periods, we will keep it for the longer of those two periods):
• Client information – We will keep information about you as our client for a period of 1 year after our contract with you ends unless we have another legal basis to process that information;
• Advice – We will keep any information relating to client advice we have given for a period of 7 years after the date of the advice, or for any limitation period plus 1 year, whichever is longer;
• System information – Any information you enter into our platforms will be kept for a maximum of 9 months after the contract ends. For most of this time, the information will be kept in secure encrypted backups that are deleted at the end of that period;
• Financial Transactions – Information about you and any financial transactions, including fees paid and payments for services, we will keep for a period of 7 years to comply with HMRC requirements to keep accurate records that can be audited;
• Contact information – Information used in marketing with your consent or to pursue a legitimate interest will be kept for 30 days once you have withdrawn your consent.
Under the GDPR, you have a number of important rights that you can exercise free of charge. In summary, these rights are:
• Transparency over how we use your personal data and fair processing of your information (which includes the right to be given the information in this notice)
• Access to your personal information and other supplementary information;
• Require us to correct any mistakes or complete missing information we hold on you;
• Require us to erase your personal information in certain circumstances;
• Receive a copy of the personal information you have provided to us or have this information be sent to a third party, this will be provided to you or the third party in a structured, commonly used and machine readable format;
• Object at any time to processing of your personal information for direct marketing;
• Object in certain other situations to the continued processing of your personal information;
• Restrict our processing of your personal information in certain circumstances;
• Request not to be subject to automated decision making which produce legal effects that concern you or affect you in a significantly similar way;
If you want more information about your rights under the GDPR please see the Guidance from the Information Commissioners Office on Individual’s rights under the GDPR.
If you want to exercise any of these rights, please contact us (see ‘get in touch’ for contact details) and let us know who you are and what right you want to exercise. We may need to ask for additional information regarding your identity, and we may also need some information from you on specific categories of data, types of processing activities or periods of processing activities that you wish to focus your request around.
We will respond to you no later than one month from when we receive your request.
How To Make A Complaint
If something does go wrong or you are in anyway unhappy with how we have treated your data then please do not hesitate to contact our MD, Terry Simmons ([email protected] or see below ‘get in touch’).
The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority. The UK supervisory authority is the Information Commissioner’s Office who can be contacted at https://ico.org.uk/concerns/.
iDigital Marketing, as an online training, content creation and software company, puts information security and confidentiality at the core of our business. We have implemented a number of measures to protect your information including:
• Training all of our staff on GDPR and information security;
• Third party security reviews;
• Policies and procedures that cover information security and data protection legislation;
• Security functions in systems such as IP locks, administration controls and logging;
• Encrypted backups taken periodically to make sure data is always available,
• Encryption on devices that hold data and ability to remote disable company devices;
• Password policies for any systems that hold data;
• Staff awareness and contractual confidentiality clauses.
We do not intend to process your personal information for any reason other than stated within this privacy notice. If this changes, we will update this privacy notice on our website.
Changes To This Privacy Notice
This privacy was published in May 2018. It is due for review no later than May 2019. We regularly review our internal privacy practices and may change this policy from time to time. When we do, we will inform you by updating our website.
Get In Touch
If you have any questions about this privacy notice or the information we hold about you, please contact us and let us know it is in relation to your data. We will make sure you speak to the right person:
By Post: iDigital Marketing Head Office, Warren Bruce Court, Warren Bruce Road, Trafford Park, Manchester, M17 1LB, UK
By Email: [email protected]
Phone: +44 (0)161 669 4418