Key principles underpinning GDPR
- Lawfulness, fairness & transparency
- Purpose limitation
- Data minimisation
- Storage limitation
- Integrity and confidentiality
How we gather information
We may collect personal information from the following general sources:
- from you directly, when we meet in a business context;
- from data you provide online via our website data collection forms (training course or webinar registration, job applications);
- from your interaction with and use of our online services including the Astrimar website, LinkedIn, Twitter, Instagram, and Facebook feeds.
Information we may gather
We may collect the following information:
- name and job title;
- contact information including email address;
- the organisation you work for, or are associated with;
- demographic information such as address, postcode, preferences and interests;
- your physical interaction with us including date and location of meetings;
- your career history as part of a job application to us;
- a log of your online interaction with us including your IP address, browser type, referring page and time of visit.
How the information is used
We require this information to understand your needs and provide you with a better service. Particular reasons may include:
- Internal record keeping;
- To perform and improve services;
- To contact you (by email, phone or mail) from time to time, to take part in our research in relation to internal business development;
- To respond to queries or questions submitted via the website, email, telephone or mail, including training course bookings and job applications;
- To provide us with more understanding about how our website is used;
- For all other purposes consistent with the proper performance of our operations and services.
- Currently Astrimar do not operate any subscription email services from our website.
Should we need to process your personal information for any purpose not listed above, we will notify you in advance.
If you fail to provide certain information when requested, we may not be able to perform a contract entered into with you, or we may be prevented from complying with our legal obligations (e.g. to ensure the health and safety of our visitors).
The legal grounds for our processing of your personal information
- Legal Obligation - Where the processing is required to comply with our legal or regulatory obligations.
- Contractual - Where we have entered into, or are taking steps to enter into, a contract (or NDA) with you or your organisation.
- Consent - Where you have consented to us processing your personal data for specific purposes, including processing of training course bookings and job applications.
- Legitimate Interests - For those persons who we actively deal with and require to process their data outside of a contract (government officials, academics, etc), we will do so for our legitimate interests as listed above in “How the information is used”.
- Security - We are committed to ensuring that your information is secure. We have in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.
Most web browsers automatically accept cookies, but you can choose to modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Our website uses Google Analytics, provided by Google, Inc to help website operators analyse how people use their site. The information generated by the cookie about your use of the Astrimar website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information in accordance with their own data protection and policy.
Links to other websites
Retaining your personal information
Unless stated otherwise, we’ll hold your personal information based on the following criteria:
- For as long as we have reasonable business needs, such as managing our relationship with you and managing our operations
- For as long as we provide goods and/or services to you and then for as long as someone could bring a claim against us; and/or
- Retention periods in line with legal and regulatory requirements or guidance.
Your rights under data protection laws
You have the right (subject to evidence of identity) to request access to, be informed about the processing of and receive a copy of the personal information we hold about you. In addition, Astrimar recognises the further rights (as applicable) of data subjects under the GDPR listed below.
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability (only relevant from 25 May 2018)
- The right to object
- The right to withdraw consent
- Rights related to automated decision making and profiling
If you wish to exercise any of the above rights, you can contact us using the details below. At all times, you have the right to complain to the Information Commissioner’s Office which enforces data protection laws: https://ico.org.uk/.
Controlling and sharing your personal information
We will never sell, distribute or lease your personal information to third parties unless we have your explicit permission or are required by law to do so. The information you provide to us will be treated by us as confidential and will be processed only by our employees within the UK/EEA. We may disclose your information to other third parties who act for us for the purposes set out here or for purposes approved by you.
Inaccurate personal information
If you believe any data we hold about you to be inaccurate or out of date, please get in touch with us as soon as possible using the contact details below.
Astrimar Ltd is the data controller of any gathered data and is registered with the Information Commissioner’s Office. You can contact us using the details on our Contacts page.