Privacy Policy

At Deontic Data, we are committed to protecting and respecting your privacy. This Privacy Notice explains when and why we collect personal information about people who visit our website or use our systems, what we collect, how we use it, the conditions under which we may disclose it to others and how we keep it secure. We may change this Privacy Notice from time to time so please check this page occasionally to ensure that you’re happy with any changes. By using our Website www.deonticdata.com, you are agreeing to this Privacy Notice. Any questions regarding this Privacy Notice and our privacy practices should be sent by email to info@deonticdata.com or in writing to our Data Protection Compliance Office at 1 The Mount, 76 Bedford Gardens, London, United Kingdom, W8 7EJ.

In this Privacy Notice, Data Protection Legislation means all applicable law relating to the processing of personal data including the Data Protection Act 1998 (“DPA”), the General Data Protection Regulation 2016/679 (“GDPR”), the Privacy and Electronic Communications (EC Directive) Regulations 2003 (“PECR”) and any statutory instrument, order rule or regulation made, as amended, extended, re-enacted or consolidated from time to time and any successor legislation to the GDPR, PECR and DPA. The terms “Personal Data”, “Sensitive Personal Data”, “Data Controller”, “Data Processor”, Data Subject and “process” (in the context of usage of Personal Data) shall have the meanings given to them in the applicable Data Protection Legislation.

Who are we?

Deontic Data Ltd is a company registered in England and Wales under company number 12601824 with principal office address at 1 The Mount, 76 Bedford Gardens, London, United Kingdom, W8 7EJ. Our business is to provide systems to support and enforce decisions around data usage, including systems implementation and development.

How do we collect information from you?

You can visit our Website without telling us who you are or giving us any personally identifiable information. We do not capture and store any Personal Data, except where You voluntarily choose to give Us Your personal details via email, by using an electronic form, or by registering with and using our Systems. We may collect Personal Data if you complete a survey that we have sent to you for research purposes – you are not obliged to complete such surveys. Any Personal Data that you provide to us will be used for providing you with the information or services you have requested from us.

What type of information is collected from you?

The Personal Data we collect might include your name, address, email address, your curriculum vitae, your profile information, IP address, and information regarding what pages are accessed and when. This includes information provided at the time of registering or subscribing to our Services, posting material or requesting further services from us. We may also ask you for information when you report a problem with our Website. We do not collect or store any Sensitive Personal Data about ethnicity, political opinion, religious or other beliefs, trade union membership, health, sexuality, criminal proceedings/convictions. It is important that the Personal Data that we store is relevant and up-to-date. To maintain it, we ask that you notify us of any changes to data that you have provided us with in the past, or if you become aware of anything inaccurate.

Our lawful basis of processing – legitimate interests

We may process Personal Data for a Legitimate Interest in order to provide you with the business service and products that you receive from us or with your express Consent (both as defined in applicable Data Protection Legislation). Our Legitimate Interests for the processing and retention of Personal Data includes:

  • Connecting potential candidates for employment opportunities with us
  • The delivery of services to you
  • Exercising and enforcing our rights after the conclusion of any contract we have had with you
  • Circumstances where it is appropriate as part of our business relationship (for example, keeping client contact details in order to file work produced for potential future reference)
  • Recording your request not to receive direct marketing

Our primary interest in processing Personal Data is the performance and administration of the services you ask us to provide for you, the proper tracking of requests made by you, the services we complete for you, prompt communication between us and the provision of support.

Our lawful basis of processing – consent

We will only request your explicit consent when we have deemed that it is the most appropriate lawful basis for processing your data. Where we do make requests for your consent, we will do so in such a way as to make the request prominent and kept separate from our terms and conditions. Once you have given consent, we will keep a record of when and how you gave consent, including exactly what you were told at the time. We regularly review consent to check that our relationship, the way we use your data and the reasons for using it have not changed. If there has been a change to any of these factors, we will contact you to inform you of any changes and request your consent. We may contact you to request renewal of your consent from time to time, if we feel this is appropriate. You can withdraw your consent at any time by contacting us at info@deonticdata.com We will always act upon requests to withdraw consent as soon as possible within our business hours.

How is your information used?

We use information held about you in the following ways:

  • To provide you with information or services that you request from us, or which we feel may interest you.
  • To allow you to participate in interactive features of our service, when you choose to do so.
  • To notify you about changes to our service.

We may analyse your Personal Data to create a profile of your interests and preferences so that we can contact you with information relevant to your job seeking. To ensure that content from our Website and/or Platforms is presented in the most effective manner for you and for your computer.

Non-personal Information Collected Automatically

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration.This is statistical data about our users’ browsing actions and patterns, and does not identify any individual. For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us:

  • To estimate our audience size and usage pattern.
  • To store information about your preferences, and so allow us to customise our site according to your individual interests.
  • To recognise you when you return to our site.

You may refuse to accept cookies by activating the setting on your browser that allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our Website.

Security

We are committed to ensuring that Your Personal Data is secure and comply fully with all applicable Data Protection Legislation. In order to prevent unauthorised access, use or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. Our security technologies and procedures are regularly reviewed to ensure that they are up to date and effective. Security measure shall, amongst other things, include:

  • the pseudonymisation and encryption of personal data
  • the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services
  • the ability to restore the availability and access to personal data in a timely manner in the event of physical or technical incident
  • processes for regularly testing, assessing and evaluating the effectiveness of technical and organisations measures to ensure the security of the processing

Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your Personal Data we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

details of our IT security measures are available upon request.

Who has access to your information?

We do not pass any of your Personal Data to outside organizations and/or individuals, except those that assist us in providing the services to you and then only to the extent necessary. Other than as stated above, we will not disclose, sell, distribute or lease your Personal Data to third parties unless we have your permission or are required by law to do so.

We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.

Third Party Processing

Where Personal Data is processed by a third party on our behalf, we will have a contract in place to govern that relationship in accordance with Data Protection Legislation. We will remain responsible for the protection and safe processing of your data, even if we use a third party to help us process it. We will only give access to your Personal Data to a third party for them to support us in delivering our services to you (as under our Legitimate Interests, described above), or if we are required to by law.

Your rights

When reading this policy, it might be helpful to understand that your rights arising under Data Protection Legislation include:

  • The right to be informed of how your Personal Data is used (in part, through the notices found in this policy)
  • The right to access any Personal Data held about you
  • The right to rectify any inaccurate or incomplete Personal Data held about you
  • The right to erasure where it cannot be justified that the information held satisfies any of the criteria outlined in this policy, or where you have withdrawn consent
  • The right to prevent processing for direct marketing purposes, scientific/historical research or in any such way that is likely to cause substantial damage to you or another, including through profile building
  • The right to object to processing that results in decisions being made about you by automated processes and prevent those decisions being enacted

Our Data Protection Lead is Ben Whittam Smith. All queries, requests to exercise a right, or complaints regarding your Personal Data should be forwarded to them at info@deonticdata.com If you believe that Deontic Data has failed to comply with its duties under Data Protection Legislation you also have the option to lodge a complaint with the Information Commissioner’s Office by visiting https://ico.org.uk/concerns/ or calling 0303 123 1113. You can change your marketing preferences at any time by contacting us by email at info@deonticdata.com.

How you can access and update your information

We may revise these terms of use at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we made. The accuracy of your information is important to us. Our service is provided through a dynamic Platforms which means that you can update your personal information and preferences at any time. You can also delete your account with us at any time. We would encourage you to log in frequently to update your information, so that we can provide the best service for you. You have the right to ask for a copy of the information We may hold about you. We may charge a reasonable fee for repeated information requests to cover our administrative costs in providing you with details of the information we hold about you. Some of the provisions contained in these terms of use may also be superseded by provisions or notices published elsewhere on our website.

Data Retention

We will keep data long enough as is necessary to fulfil any contract we may have with you, but also to meet our legal obligations. In retaining data we will strike a balance between:

Retaining data long enough to:

  • Undertake any remedial work for you
  • Provide any information required by a regulator, HMRC or other law enforcement agency
  • Defend any legal action which may be made against us

And not keeping data longer than the applicable Data Protection Legislation allows.

We have in place ongoing systems which destroy or delete data which is no longer required. Where possible we will put in place automatic systems to delete electronic data which is no longer required.

You have the right to request the erasure of your Personal Data where:

  • The original purpose for which it was collected has expired
  • You have withdrawn consent for its processing
  • Your data has been processed unlawfully
  • Erasure is required to comply with a legal obligation
  • It is not subject to any Legitimate Interests for continued processing as set out in this Privacy Policy.

Legitimate Interests will only be used as the foundation for our continued processing while the processing of your Personal Data does not pose a greater threat to you than the likely benefit to be gained. In this policy, we refer to the assessment we conduct to determine this as “Balancing”.

Where we are obliged, by law, to retain and/or process your data, we will not carry out a Balancing assessment and instead rely upon Art 6, Section 1C of the GDPR. Where required to retain data for legitimate audit and compliance interests we will anonymise any personal data that we retain. The anonymisation will not provide a route for personal data to be reconstituted. The data will be retained on a log to allow for analysis of services where required. If at a point in the future all data can be deleted it will be.

Links to other websites

Our Website may contain links to other websites run by other organisations. This Privacy Notice applies only to our Website and Systems‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our Website.In addition, if you linked to our Website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the Privacy Notice of that third party site.

16 or Under

We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with Personal Data.

Transferring your information outside of Europe

Transferring your information outside of Europe As part of the services offered to you through our Website and Systems, the information which you provide to us may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU. These countries may not have similar data protection laws to the UK. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Privacy Notice. Such steps shall be in accordance with the applicable Data Protection Legislation.

Where transfer does occur outside the EEA we will ensure that:

  • There has been a European Community finding of adequacy pursuant to the GDPR in respect of that country or territory
  • The transfer is to the United States to an entity that conforms with the US Department of Commerce’s Privacy Shield principles
  • We put in place Model Contracts with the third party in accordance with the GDPR

If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services. Deontic Data will always act in accordance with Data Protection Legislation in the event that a Personal Data Breach occurs. If a Personal Data Breach is very small or has very limited effect, we may not notify you. All but the most trivial breaches will be notified to the Information Commissioner’s Office. Every breach will be followed by an investigation recording the details of that breach. These details, including our actions, will be held indefinitely and can be requested by you. If your personal data has been accessed in a Personal Data Breach that we believe represents material risk to you or to someone else, we will contact you without undue delay to provide you with details of the breach, including any specific information you might require in order to mitigate any harm to you. If you would like to find out more about Breach Notifications, please see our Breach Notification Policy, available by request from our Data Protection Compliance Manager at info@deonticdata.com

Review of this Privacy Notice

We keep this Privacy Notice under regular review. This Privacy Notice was last updated in August 2021.