Policy key definitions:
“I”, “our”, “us”, or “we” refer to the business, Visionise Ltd
“you”, “the user” refer to the person(s) using this website
GDPR means General Data Protection Act
PECR means Privacy & Electronic Communications Regulation
ICO means Information Commissioner’s Office
Cookies mean small files stored on a user’s computer or device
All data subjects whose data is processed by Visionise.
Fair Processing Notice
Data protection law says that we are allowed to use personal information only if we have proper reason to do so. This includes sharing it outside of Visionise.
These are the ways we may use your personal information and which of the reasons we rely on to do so:
What we use your personal information for
To manage our relationship with you and your business
To develop new ways to meet our customers’ needs and to grow our business
To develop and carry out marketing activities
To detect, investigate, report and seek to prevent financial crime
To manage risk for us and our customers
To obey laws and regulations that apply to us
To respond to complaints and seek to resolve them
Our legal duty
Our Legitimate interest
To save someone’s life or in a medical situation
To carry out a public function
Our legal duty
Our legitimate interests
Keeping our records up to date
Working out which advice would be relevant to you
Being efficient about how we fulfil our legal duties
Complying with regulations that apply to us
What is Personal Data?
Under the EU’s General Data Protection Regulation, Personal Data is defined as:
“any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
Special Categories of Personal Data
Certain data is classified under the Regulation as ”special categories”:
Data concerning a natural person’s sex life
Where we are asking you for sensitive personal data we will always tell you why and how the information will be used.
Why does Visionise need to collect and store Personal Data?
In order for us to provide you with services, we need to collect personal data for correspondence purposes and/or detailed service provision.
In any event, we are committed to ensuring that the information we collect, and use is appropriate for this purpose, and does not constitute an invasion of your privacy. We may pass your personal data on to Third Party service providers who are contracted to Visionise in the course of dealing with you.
Our contractors are obliged to keep your details securely and use them only to fulfil the service requested. Once your service need has been satisfied or the case has been closed, they will dispose of the details in line with our firm’s procedures. If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do so.
How Visionise uses your information
Visionise will process – that means collect, store and use – the information you provide in a manner that is compatible with the EU’s General Data Protection Regulation (GDPR).
We will endeavour to keep your information accurate and up to date and not keep it for longer than is necessary. We will keep your data for as long as you are a customer or staff member of Visionise.
After you stop being a customer or staff member of Visionise we reserve the right to keep your data for longer for one of the following reasons
To respond to any questions or complaints
To show that we have treated you fairly
For Legal reasons
Our aim is not to be intrusive, and we undertake not to ask irrelevant or unnecessary questions. Moreover, the information you provide will be subject to rigorous measures and procedures to minimise the risk of unauthorised access or disclosure.
Information about connected individuals
We may need to gather personal information about your close family members and dependents in order to provide our service to you effectively. In such cases it will be your responsibility to ensure that you have the consent of the people concerned to pass their information on to us. We’ll provide a copy of this privacy notice for them or, where appropriate, ask you to pass the privacy information to them.
How do we collect personal information?
Data you give to us:
When you talk to us on the phone, at our office or at external meetings
When we provide marketing advice
When you apply for products and services
When you use our website
In emails, letters and mobile devices
In financial reviews
If you take part in competitions
Data from third parties
Companies that introduce you to us
Fraud prevention agencies
Government and law enforcement agencies
Who we share your personal information with
HM Revenue & Customs, regulators and other authorities
Fraud prevention agencies
Any party linked to you or your business
Organisations that introduce you to us
Companies that we introduce to you
Companies you ask us to share your data with
Where is your information processed?
The majority of your information is processed in the UK and European Economic Area (EEA)
However, some of your information may be processed by us or third parties we work with outside of the EEA, including countries such as the United States.
Where your information is being processed outside of the EEA, we take additional steps to ensure that your information is protected to at least an equivalent level as would be applied by UK / EEA data privacy laws e.g. we put checks in place that they meet these obligations.
If you choose not to give personal information
We may need to collect personal information by law, or under the terms of a contract we have with you.
If you choose not to give us this personal information, it may delay or prevent us from meeting our obligations. It may also mean that we cannot advise on your accounts which could mean that we cancel our service you have with us.
Any data collection that is optional would be made clear at the point of collection.
We may use your personal information to tell you about news about Visionise or contact you about events.
You can ask us to stop sending you marketing messages by contacting us at any time.
How to get a copy of your personal information?
You have the right to request a copy of the information that we hold about you. If you’d like a copy of some or all of your personal information, please write to us at the below address or email email@example.com:
FAO Data Protection Squad
Visionise Ltd, Bedford, MK43 7HX
What if you want us to stop using your personal information?
You have the right to object to our use of your personal information, or to ask us to delete, remove, or stop using your personal information if there is no need for us to keep it. This is known as the right to object and right to erasure or the right to be forgotten.
There may be legal or other official reasons why we need to keep or use your data. But please tell us if you think that we should not be using it.
How to complain
Please let us know if you are unhappy with how we have used your personal information by contacting us.
You have the right to complain to the Information Commissioner’s Office.
Information collected is stored in the United States, and Google may transfer this information to third parties where required to do so by law or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
If you dismiss the cookies warning bar that appears when you visit the site, we store a cookie that records that you have seen the warning. No personalised information is stored, and we do not track this information in any way. The cookie that is set is used merely to stop you seeing the warning repeatedly when browsing the site.
Two cookies are created automatically by systems used in our infrastructure. These hold no identifiable information and are used purely in the provisioning of the site.
The cookies used, and their lifespan are detailed below:
__utmc – google – session (will be deleted when you close your browser)
__utmb – google – 30 mins
__utmz – google – 6 months
__utma – google – 2 years
ADMINDYNSRV – server – session
DYNSRV – server – session
“cookiebar” – site – 24 hours
Email marketing messages & subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal data” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third-party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences, you can also contact us at firstname.lastname@example.org and we would be happy to remove you from any lists.
Our EMS provider is Mailchimp. We hold the following information about you within our EMS system:
Email tracking – open rates, click rate, activity
Subscription time & date
Favourite email client
Favoured email format
Last time account was updated