OLL4ALL (“we”, “us”, “our”) is committed to protecting and respecting your privacy. This Privacy Notice explains how we collect, use, and protect your personal data when you visit our website or engage with our services.
What Data We Collect
We may collect and process the following data about you:
- Name
- Contact information (email address, phone number)
- Professional information (job title, company name)
- Any other information you provide to us
How We Use Your Data
We use your personal data to:
- Provide and manage our services
- Communicate with you regarding our services
- Improve our website and services
- Comply with legal obligations
Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Consent: You have given clear consent for us to process your personal data for specific purposes.
- Contract: Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
- Legitimate Interests: Processing is necessary for our legitimate interests, provided these are not overridden by your rights and interests.
Data Sharing
We may share your personal data with:
- Associates working on specific projects
- Service providers who assist us in our operations
- Legal authorities if required by law
Data Security
We take appropriate measures to ensure your personal data is secure and protected against unauthorized access, loss, or destruction. This includes:
- Using OL4ALL systems to process personal data for OL4ALL purposes. Any other systems used, including cloud storage, must be approved for security.
- Protecting data stored on computers with strong passwords that are changed every 90 days.
- Encrypting or password-protecting data stored on external hard drives and memory sticks, and securely destroying these tools when no longer in use.
- Regularly backing up data.
- Shredding paper data when it is no longer needed.
Data Transmission and Sharing
Transfers of personal data to third parties and internationally can only be done if necessary and for a lawful purpose. We ensure that any data moved outside the EU is processed in compliance with UK/EU GDPR.
Data Retention
We retain personal data for no longer than necessary and justifiable. The Data Protection Lead is responsible for setting and communicating data retention periods and ensuring regular reviews of data held.
Your Rights
You have the following rights regarding your personal data:
- Access: You can request access to the personal data we hold about you.
- Rectification: You can request correction of any inaccurate or incomplete data.
- Erasure: You can request deletion of your personal data, subject to legal obligations.
- Restriction: You can request restriction of processing under certain circumstances.
- Objection: You can object to the processing of your personal data.
- Data Portability: You can request transfer of your personal data to another party.
Responding to Rights-Based Requests
To access your data, you must make a Subject Access Request (SAR) as specified on the ICO website.
Data Breaches
Any breaches or potential breaches of data privacy must be referred to the Data Protection Lead immediately for investigation and action to mitigate consequences and prevent future breaches.
Contact Us
If you have any questions or concerns about this Privacy Notice or our data practices, please contact us at:
- Email: [Your Email Address]
- Phone: [Your Phone Number]
Changes to This Privacy Notice
We may update this Privacy Notice from time to time. Any changes will be posted on our website.
