Activist Group’s Privacy Policy

 

1. Activist Group (hereinafter referred to as “Activist” “us” “we” or “our”) is committed to
respecting your privacy and to complying with applicable data protection and privacy
laws.

2. If you do submit personal information – by contacting us, for example – you can be assured that we will use your personal information only for the original purpose for which it was provided or obtained.

3. We have provided this Privacy Policy to help you understand how we collect, use and protect your information when you visit our website and when you use our services. We wish to help you make informed decisions, so please take a few moments to read the sections below and learn how we may use your personal information.

4. You should read this notice in conjunction with our terms and conditions set out further below.

Background

5. This Privacy Policy is available on the Activist website. It provides detailed information on how we use and protect your personal information, and your rights in relation to this.

Our core beliefs regarding user privacy and data protection

  • User privacy and data protection are human rights.
  • We have a duty of care to the subjects within our data.
  • Data is a liability, it should only be collected and processed when absolutely necessary.
  • We will never sell, rent, share or otherwise distribute or make public personal or sensitive data.
  • We do not undertake profiling of any kind using the data we hold.

 

Relevant legislation

6. Activist comply with the following national and international legislation with regards to data protection and user privacy:

  • EU General Data Protection Regulation 2016 (GDPR)

 

Information security

7. Activist recognises that its customers expect companies to protect personal information from misuse and abuse. Activist is constantly reviewing and enhancing its technical, physical and managerial procedures and rules to protect your personal data from unauthorised access, accidental loss and/or destruction.

8. Please be aware that communications over the Internet, such as emails, are not secure unless they have been encrypted. Your communications may be routed through a number of countries before being delivered – this is the nature of the World Wide Web and Internet. Activist cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.

9. Monitoring or recording of your calls, emails, text messages and other communications may take place in accordance with UK law, and in particular for business purposes, such as for quality control and training, to prevent unauthorised use of the Activist website, to ensure effective system operations and in order to prevent or detect crime.

Personal information that we collect and why we collect it

10. We collect and use personal information for the following reasons.

Site visitation tracking

11. Like most websites, we use Google Analytics to track user interaction. We use this data to determine the number of people using our site; to better understand how they find and use our web pages; and to see their journey through the website. Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. Google is a third-party data processor. GA makes use of cookies, details of which can be found on Google’s developer guides. We understand that disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.

12. Depending upon the type of browser you are using, you may be able to configure your browser so that: (i) you are prompted to accept or reject cookies on an individual basis or (ii) you may be able to prevent your browser from accepting any cookies at all. You should refer to the supplier or manufacturer of your web browser for specific details about cookie security.

Contact forms and email links

13. Should you choose to contact us using the contact form on our Contact Us page or an email link, none of the data that you supply will be stored by this website or passed to any third-party data processors

14. Our emails are sent from Microsoft Office 365 servers. Emails sent using Microsoft Office 365 are protected with S/MIME cryptography.

External client data

15. Due to the nature of our work, Activist staff and our associates are privileged to handle a data containing personal and sensitive information provided to us for a specific purpose and duration by our clients. 

16. We may use this data for a number of purposes which includes but is not limited to delivering services, products or information requested by our clients or responding to enquiries.

17. The data we store is hold is stored in our secure, access and password-restricted SharePoint site. Records of the data we hold is recorded and regularly reviewed on our Data Register (DR). This documents all the sensitive and personal data held by Activist in a centrally-held, access and password-restricted location also on our company SharePoint site. Only the Director, Data Controller and Data Protection Officer and their nominated support staff have editing control for the DR. Its key purpose is to ensure that, at a moment’s notice, we can tell what data we hold for a client and its location.

18. Examples of the personal and sensitive data that we handle on behalf of our clients include:

  • Staff in scope lists and salary details.
  • Contact addresses, email addresses and telephone numbers.
  • Identifiable personal opinions expressed in project meetings, interviews or document drafts.
  • Discussions of politically, commercially and organisationally sensitive topics.

Internal employee and associate data

19. The internal employee and associate data we store is held in our secure, access and password-restricted SharePoint site. Records of the data we hold is recorded and regularly reviewed using the Data Register (DR).

20. We may use this data for a number of purposes which includes but is not limited to delivering services, products or information requested by our employees and associates, responding to enquiries and our legal obligations to government agencies.

21. Examples of the personal and sensitive data that we handle on behalf of our employees and associates include:

  • Associate bank details.
  • Associate CVs with contact details.
  • Personal and business contact details.
  • Payroll information, which could include medical/fit notes.
  • Photographs.

The data we hold on you

22. If a data subject wishes to request information about the data we hold on them with a view to having it removed, we have a Subject Access Request Process (see Appendix ii).

23. This process provides a framework that will reassure the subject, and us as data controllers and data processors, that we are responding and handling the request in an appropriate and timely manner.

24. You can contact us at any time to have your details removed where we do not have a legal obligation to retain them, to obtain details of the personal information we may hold about you or to update your information – the choice is yours. We will take reasonable steps to confirm your identity before providing you with details of any personal information we may hold about you.

About our website’s server

25. Our website is hosted by 1and1 Internet within a secure green data centre located in Europe. More information can be found at https://about.1and1.co.uk/#page-content.

26. Our website is not encrypted as we do not use it to access customer data or manage transactions (other than enquiries via email).

Our third-party data processors

27. We occasionally use a number of third parties to process personal data on our behalf. We check for GDPR compliance before using any third-party sites.

Data breaches

28. All personal data breaches will be recorded in the Activist data breach register. Where required, they will also be reported to the data subject and the Information Commissioner. For full details, please refer to Our Data Breach Detection, Reporting and Investigation Procedure.

Data Controller

29. The data controller for Activist Group is: Eric Bohl (eric.bohl@activistgroup.co.uk). 

Whose postal address is: Activist Group PO Box 6969 Tadley RG24 4XJ United Kingdom

Data protection officer

30. The data protection officer for Activist Group is: Mike Wynn (mike.wynn@activistgroup.co.uk); contactable using the above postal address.

Changes to our privacy policy

31. This privacy policy may change from time to time in line with legislation or industry developments. We will not explicitly inform our clients or website users of these changes unless they directly affect our work for you. Instead, we recommend that you check our website occasionally for any policy changes. Specific policy changes and updates are mentioned in the change log below.

32. Activist reserves the right to amend or modify this Privacy Policy at any time and in response to changes in applicable data protection and privacy legislation.

33. If you have any enquiry about our data protection and privacy policy or practices, please write to: Eric Bohl, Director, Activist Group, at the postal address above or send an email to info@activistgroup.co.uk.

Our website – terms and conditions

You can read our full website terms and conditions in full overleaf.

Ready to get started?

Contact us now to schedule a free consultation or request a no-obligation quote.

Get in touch