We respect the privacy rights of individuals and are committed to handling personal data responsibly and in accordance with applicable law. This notice sets out the personal information that we collect and process as a data controller and/or a data processor, the purposes of the processing and the rights connected with it.
If you have any comments or questions about this notice, please contact us (details included within this notice).
WHAT IS A DATA CONTROLLER?
For general data protection regulation purposes, the “data controller” means the person or organisation who decides the purposes for which and the way in which any personal data is processed.
The data controller is:
WHAT IS A DATA PROCESSOR?
A “data processor” is a person or organisation which processes personal data for the controller.
iSB Group may act as data processors in the following situations:
- To provide you with the services or information you have requested from us
- To update you about any changes to our services or products
- To display your profile or content on the website (if consented)
- To maintain our organisational records and ensure we have your most up-to-date marketing preferences set in our CRM.
- To help us improve our service offering, campaigns or information being displayed
- To invite you to participate in interactive features on our website
- To analyse and improve the operation of our website
- To analyse your website behaviour
- To invite you to participate in voluntary surveys or market research
- To tailor advertising that is presented to you on the Internet according to your interests, preferences and profile
- To contact you where you have been identified as a key contact for an organisation (if we obtain your contact details in this way, we will only use them to contact you in the ways in which you have agreed to be contacted)
- To deliver services or carry out transactions that you have requested
WHAT IS PERSONAL DATA AND WHAT DATA MIGHT WE STORE OR COLLECT?
Personal data relates to any information about a natural person that makes you identifiable. The personal data we may collect or store includes the following:
- Identification data – such as name, gender, employee number, garment sizing.
- Contact details – such as business address, telephone numbers, email addresses.
- Employment details – such as job title/position, employee number.
We do not collect or process any sensitive personal data relating to our clients, or our clients’ employees.
WHY DO WE COLLECT DATA?
iSB Group, as a Data Controller and/or a Data Processor, is bound by the requirements of the General Data Protection Regulations (GDPR).
You agree that we are entitled to obtain, use and process the information you provide to us to enable us to deliver our services.
We collect information about you when you fill in any of the forms on our website. Website usage information is collected using cookies (please see section below).
When submitting forms on our website we may use a third-party software provider for automated data collection and processing purposes, they will not use your data for any other purposes and will only hold the data in line with our policies.
HOW WILL WE USE THE INFORMATION ABOUT YOU AND WHY?
iSB Group take your privacy seriously and will only use your personal information to provide the services you have requested from us and as we have identified above. We will only use this information subject to your instructions, data protection law and our duty of confidentiality.
We will normally collect personal data from you only where we have your consent to do so, where we need the personal information to perform a contract with you, your business or your employer (i.e. provision of services), or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. Further information on this is set out below.
Contractual purposes– We use this personal information when it is necessary for the provision of our services, in line with the purposes agreed upon between us and our customer. This also includes steps taken at your request before entering into a contract, for example carrying out product trials.
Legitimate interests– We may also collect and use personal information when it is necessary for other legitimate purposes (if we have a genuine reason and we are not harming any of your rights and interests), such as to help us conduct our business more effectively and efficiently.
We have policies and controls in place designed to prevent your data being lost, accidentally destroyed, misused or disclosed, or being accessed without authorisation and only being accessed or used for specific legal purposes.
WHO WE SHARE PERSONAL INFORMATION WITH
We take care to allow access to personal information only to those who require such access to perform their tasks and duties in relation to the provision of our services, and to third parties who have a legitimate purpose for accessing it to support these purposes. Whenever we permit a third party to access personal information, we will implement appropriate measures to ensure the information is used in a manner consistent with this notice and that the security and confidentiality of the information is maintained.
TRANSFERS TO OTHER THIRD PARTIES
We may also disclose personal information to third parties on other lawful grounds, including:
- To comply with our legal obligations, including where necessary to abide by law, regulation or contract, or to respond to a court order, administrative or judicial process, including, but not limited to, a subpoena, government audit or search warrant
- In response to lawful requests by public authorities (including for national security or law enforcement purposes)
- As necessary to establish, exercise or defend against potential, threatened or actual litigation
- Where necessary to protect the vital interests of our employees or another person.
- In connection with the sale, assignment or other transfer of all or part of our business; or
- With your expressed consent
The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. We ensure that there are appropriate technical controls in place to protect your personal details. For example, we use encryption technology on our websites and carry out regular security reviews on our network.
iSB Group has opted for third party cloud based solutions, all with restricted access to client data by our employees. Our emails and website are also encrypted for extra safety.
On this website, we hold no personal details as these are stored, with client consent, in our CRM and other GDPR compliant software applications.
WILL MY COMPANY DATA BE SECURE?
We value your privacy. As a company we have taken organisational and technical measures to protect your data from theft, loss or any kind of use that is not in line with the purposes for which the data was collected. We work with secured cloud based networks that are GDPR compliant.
We would like to send you useful articles, advice, information about our services and events which may be of interest to you. If you have consented to receive marketing, you may opt out at any point as set out below, or by clicking on the ‘unsubscribe’ button on any marketing email.
iSB Group may collect information about you whenever you interact with us, for example when you:
- Enquire about our services or visit our website
- Sign-up to receive marketing updates on a campaign or website download
- Create or update a profile
- Post content to our website or social media sites (including LinkedIn)
- Attend a business meeting with us and provide us with information about you
- Take part in one of our events
- Contact us through the following channels: website, email, phone, SMS, social media or post
We may also receive information about you from third parties. This is if you’ve given them permission to share your information with us.
Like many site operators, we collect information that your browser sends whenever you visit our Site (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.
We will not share your information for marketing purposes with other companies.
Cookies are files with small amounts of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive.
HOW LONG WILL WE HOLD YOUR DATA FOR?
How long we keep your personal information will vary and will depend on the purpose and use of information collected. There are legal requirements that we keep some types of data for specific periods. Otherwise, we will retain it for no longer than is necessary for the purposes for which the data was collected.
YOUR DATA PRIVACY RIGHTS
The following rights are available under applicable data protection law:
Access, correct, update or request deletion of personal information. Object to processing of personal information, ask us to restrict processing of personal information or request portability of personal information.
If we have collected and processed personal information using a person’s consent, then this can be withdrawn at any time. Withdrawing consent will not affect the lawfulness of any processing we conducted prior to withdrawal, nor will it affect processing of personal information conducted in reliance on lawful processing grounds other than consent.
You have the right to complain to a data protection authority about our collection and use of personal information. For more information, please contact your local data protection authority. In the United Kingdom, the data protection authority is the Information Commissioner’s Office whose website is https://ico.org.uk/
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. You can read more about these rights at: https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/
Please note, our ability to facilitate aspects of any of the above rights will depend on whether we are a Data Processor or a Data Controller in relation to any specific data. Any requests received relating to data processed on behalf of customers should be referred to the relevant Data Controller.
ACCESS TO YOUR INFORMATION, CORRECTION, PORTABILITY AND DELETION
Right of Access. You have the right to ask iSB Group to confirm whether we process your personal data. If we do, you have the right to request access to your personal data that we process and the following information: (i) the purposes of the processing; (ii) the categories of personal data we process; (iii) the recipients or categories of recipients of your personal data; (iv) the envisaged retention period of the data where possible; (v) your right to request rectification or erasure of your personal data, or restriction of the processing of such data; (vi) your right to file a complaint with a supervisory authority; (vii) if we have not collected the data from you, any information we have available about the source of the data; and (viii) whether we use your personal data to make any automated decisions that have legal or other similar significant effects on you.
Right to rectification. You have the right to have iSB Group correct your personal data if they are inaccurate. Taking into account the purposes of the processing, you may also have the right to have incomplete personal data about you completed, including by providing a supplementary statement to iSB Group.
Right to object to processing for iSB Group’s legitimate business interests. You have the right to object to iSB Group processing your personal data when that data is processed on the basis of iSB Group’s legitimate business interests. iSB Group will honour your objection and stop processing the relevant personal data unless: (i) we have compelling legitimate grounds for the processing that override your interests, rights, and freedoms; or (ii) we need to continue processing your personal data to establish, exercise, or defend a legal claim.
Right to object to processing for direct marketing. If iSB Group processes your personal data for direct marketing purposes, you have the right to object to this processing. If you exercise this right, iSB Group will stop processing your personal data for direct marketing purposes.
Right to restrict processing.
Right to erasure. The right to erasure is also called the “right to be forgotten.” You may ask iSB Group to delete your personal data. iSB Group is required to delete your personal data upon your request only in the following circumstances: (i) your personal data is no longer necessary for the purposes for which iSB Group collected or processed them; (ii) if iSB Group processes your personal data on the basis of consent, you withdraw your consent, and no other legal ground exists for iSB Group to continue processing your personal data; (iii) if iSB Group processes your personal data for its legitimate business interests, you object to the processing, and there are no overriding legitimate grounds for iSB Group to continue processing your personal data; (iv) if iSB Group has processed your personal data unlawfully; or (v) the personal data must be erased to comply with a legal obligation under European Union law to which iSB Group is subject.
iSB Group is not required to erase your personal data to the extent that iSB Group needs to process them to: (i) exercise its right of freedom of expression and information; (ii) comply with a legal obligation under European Union law to which iSB Group is subject; or (iii) to establish, exercise, or defend a legal claim.
Right to data portability: You have the right to receive personal data you provided to iSB Group when: (i) the processing of the data is based on your consent or is necessary for the performance of a contract between you and iSB Group; (ii) iSB Group’s processing of your personal data is carried out by automated means; and (iii) complying with your request will not adversely affect the rights and freedoms of others.
If you have the right to receive such personal data and request that iSB Group provide it, iSB Group will provide it to you in a structured, commonly used, and machine-readable format.
Right to lodge a complaint with a supervisory authority. iSB Group will use its best efforts to address and settle any requests or complaints brought to its attention. In addition, you have the right to approach the competent data protection authority with requests or complaints. This can be the supervisory authority in the country or federal state where you live.
QUESTIONS ABOUT THIS POLICY
If you have any questions about this policy or the use of your personal data, please contact us with details below: