Part 1: Deals with the European Union’s General Data Protection Regulations (GDPR), and its requirements regarding the collection and use of your personal data by Poppleton & Appleby (‘The Firm’). This is set out in more detail below.
Part 2: This part sets out the practices ‘The Firm’ follows in order to respect the privacy of all visitors to this website relating to the information we collect from this website
Part 1 GDPR
Poppleton & Appleby is the trading name of Poppleton & Appleby (Midlands) LLP, a Limited Liability Partnership
The registered office of Poppleton & Appleby is:
30 St Paul’s Square, Birmingham, B3 1QZ
Our Data Protection Officer/Head of Privacy can be contacted at:
What are your rights?
If at any point you believe the information we process on you is incorrect you can request to see this information and have it corrected or deleted, if you so wish. If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Office/Head of Privacy, using the email address above, who will investigate the matter.
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the requirements of GDPR, then you are within your rights to lodge a complaint with the Information Commissioner’s Office (ICO).
Unless otherwise agreed with you, we will only collect basic personal data about you, which does not include any ‘sensitive personal data’. This basic personal information will include: your name, work address, telephone number, email address and job title.
The full list of your rights under GDPR is shown below:
- The right to access the personal data we hold on you
- The right to correct and update the personal data we hold on you
- The right to have your personal data erased
- The right to object to processing of your personal data
- The right to data portability
- The right to withdraw your consent to the processing at any time for any processing of personal data to which consent was sought.
- The right to object to the processing of personal data where applicable
- The right to lodge a complaint with the Information Commissioner’s Office. You can email them via: https://ico.org.uk/global/contact-us/email/, call them on 0303 123 1113, or write to them at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
We need to know basic personal data, including: your name, work address, telephone number, email address and job title, in order to provide you with our services, and to claim our right to be paid in return for our services, under our standard terms of business if we are contracted to work for your company. If you do not provide this information then we will be unable to provide the services you have requested. We will not collect any personal data from you that we do not need in order to provide and oversee the services we have agreed to provide you with.
Use of Data
All the personal data we hold about you will be processed by our staff. No third parties will have access to your personal data unless there is a legal obligation for us to provide them with this. We have set out below the legal bases for the Firm to process your data.
We may also process your personal data if it is necessary for the performance of a contract with you, or to take steps to enter into a contract. An example of this would be processing your data in connection with providing you with services.
We will also communicate with you information about other services we can offer you and update you about our activities.
Where your information is used other than in accordance with one of these uses, we will first obtain your consent to that use. We take all reasonable steps to ensure that your personal data is processed securely.
How long do we keep data?
We will only retain your personal data for as long as is necessary to fulfil the purposes for which it is collected.
When assessing what retention period is appropriate for your personal data, we take into consideration:
- the requirements of our business and the services provided;
- any statutory or legal obligations;
- the purposes for which we originally collected the personal data;
- the lawful grounds on which we based our processing;
- the types of personal data we have collected;
- the amount and categories of your personal data; and
- whether the purpose of the processing could reasonably be fulfilled by other means.
If you consent to marketing, any information we use for this purpose will be kept with us until you notify us that you no longer wish to receive this information.
Sharing your personal data
Your personal data will only be shared with third parties including other data controllers where it is necessary for the performance of the data controllers’ tasks or where you first give us your prior consent. It is likely that we will need to share your data with:
- members of staff in the Firm other than our head of data privacy
- Our agents, suppliers and contractors. For example, we may ask a supplier to send out newsletters on our behalf, or to maintain our database software, or to provide us with administration, IT and other related services;
Any personal data transferred to countries or territories outside the European Union will only be placed on systems complying with measures giving equivalent protection of personal rights either through international agreements or contracts approved by the European Union.
Part 2 – Our Privacy Practices
At Poppleton & Appleby we use fair information practices that are designed to protect your privacy. If you have questions or you do not feel that your concerns have been addressed in our privacy statement, or you just want to talk with us, please feel free to contact us by email at GDPR@poppletonandappleby.co.uk
We collect information that is voluntarily provided by visitors to this Site. The data that the firm receives from visitors to this site includes: name, title, address, email address and telephone number, and any other information provided by visitors in email messages and attachments.
Typically, this data is collected in order to assist visitors to:
- receive information about the Firm and the services we offer
- submit CVs or work history information
- contact us for further information
It is The Firm’s policy to limit the information collected to only the minimum information required to complete a Site visitor’s request.
It is the Firm’s intention to not seek any sensitive information through our website, unless legally required for recruiting purposes. Sensitive information is defined as including data relating to race or ethnic origin, political opinions, religious or other similar beliefs, trade union membership, physical or mental health, sexual life, or criminal record.
Use of User Data
The Firm makes every practical effort to avoid excessive or irrelevant collection of data. If a visitor believes the website has collected excessive information, please contact us at GDPR@poppletonandappleby.co.uk
Except for instances where visitors explicitly choose to receive specific Poppleton & Appleby marketing or other informational materials, the Firm will not use personal data collected from our Website to distribute marketing or informational materials.
It is The Firm’s policy only to disclose User Data to third parties under the following circumstances:
- when explicitly requested by the visitor
- when required to deliver publications or reference materials requested by the visitor
- when required to facilitate conferences or events hosted by a third party
- when required to meet any other request of a visitor.
Categories of third parties that the Firm may share personally identifiable information with include National, Regional and local government entities. This Site does not collect or compile personally identifying information for the dissemination of or sale to outside parties for consumer marketing purposes, or host mailings on behalf of third parties.
A cookie is a tiny element of data that a website can send to the computer browser of a visitor, so that this computer will be recognised by the site on their return. Cookies allow our web server to recognise a computer on connection to the Site, which in turn allows the server to make downloading of pages faster than on first viewing. In addition, cookies may also be used by us to establish statistics about the use of the Site by Internet users by gathering and analysing data such as: most visited pages, time spent by users on each page, site performance, etc. By collecting and using such data our aim is to improve the quality of the Site.
The data collected by our servers and/or through cookies that may be placed on your computer will not be kept for longer than is necessary to fulfil the purposes mentioned above. In any event, such information may not be kept for longer than one year.
Navigation data about site viewers is automatically collected by our servers. If you do not wish to have this navigation data collected, we recommend that you do not use the Site. A visitor can also set their browser to block the recording of cookies on their hard drive to minimise the amount of data that may be collected about your navigating on the Site. The browser on a computer can be set to notify the user when a cookie is being recorded on their computer’s hard drive. Most browsers can also be set to keep cookies from being recorded on their computer. However, for optimal use of the Site, we recommend that visitors do not block the recording of cookies on their computer.
For more information about cookies, please see the Information Commissioner’s website home page or the Interactive Advertising Bureau.
Transfer of User Data outside the User Jurisdiction
The Internet is a global environment. In order to provide a Site that works well, we may need to transfer User Data to locations outside the jurisdiction in which a visitor is viewing the Site (the User Jurisdiction) and process User Data outside the User Jurisdiction. If the User Jurisdiction is within the European Economic Area (the EEA) please note that such transfers and processing of personal data may be in locations outside the EEA. Any data sent or uploaded by users may be accessible in jurisdictions outside the User Jurisdiction (including outside the EEA). The level of data protection offered in such jurisdictions may be less than that offered within the User Jurisdiction or (as the case may be) within the EEA.
As a policy, visitors are not required to register to gain access to this Site. Personally identifiable information provided to Poppleton & Appleby through this Site is provided voluntarily by visitors. Should visitors subsequently choose to unsubscribe from mailing lists or any registrations, we will provide instructions on the appropriate Website area or in communications to our visitors; or a visitor may contact us at: GDPR@poppletonandappleby.co.uk
Each visitor has the right of access to personal data they have submitted through this Site.
User updates of information should be handled by going back through the registration process. Enquiries about the accuracy of identifying information previously submitted, or requests to have information removed, should be directed to GDPR@poppletonandappleby.co.uk
All members of staff of Poppleton & Appleby are instructed to follow a firm-wide security policy. Only authorised personnel are provided access to personally-identifiable information and these employees are required to agree to ensure confidentiality of this information.
All documents, programmes, publications, designs, products, processes, software, technology, information, and ideas (Content) provided by or described in this Site are the property of Poppleton & Appleby and/or its affiliates or suppliers and are protected by U.K. and international copyright laws and other intellectual property laws, unless stated otherwise.
The Content is provided to users of this Site for informational purposes only. Except as expressly permitted below or by applicable law, users may not copy (except to the extent required in order to use the site in accordance with the Legal Notice), store in any medium (including in any other website), distribute, transmit, re-transmit, broadcast, modify, or otherwise make available or communicate to the public any part of the Site or systematically extract material from the Site or any document available through it or in any other way exploit commercially all or any part of the Site or any document available through it without our prior written permission.
Users may print or save one copy of any page of the Site and documents available through it (other than documents provided by third parties) for their own personal use.