IT Focus Privacy Notice
IT Focus are a B2B only IT specialist direct marketing agency. We engage with a select number of technology clients to help them promote their products and services to other businesses (never consumers). These services bring value to the wider business audience by helping them to increase productivity and reduce cost by the adoption of new and updated technologies. The focus is always on the business entity, and any personal contact/processing is purely on the basis of the individual being a decision maker within said business.
IT Focus is committed to ensuring the protection and privacy of your personal data you share with us. For the data you share with us, IT Focus will act as the data controller, processing your data on the basis of Legitimate Interests.
What data do we collect?
We will collect standard business contact information: your name, business name, role/job title, business address, business email(s), telephone numbers. In addition, in order to better understand and profile your business we may collect non-personal data about your business sector, turnover, number of employees, website, technology solutions and interests, etc.
How long will we keep the data?
We will only keep your personal data for as long as we feel it usefully fulfil its purpose.
- Personal data held on live databases and our customer relationship management (CRM) tool will be held for a maximum of 2 months after the end of marketing activity
- Call recordings will be held for a maximum retention period of 24 months after the end of marketing activity
After this point, personal data will be retained as part of our prospect database. However, if at any time you would like your details to be removed from our database just let us know at email@example.com.
Under what circumstances will we disclose your personal data?
There are certain, limited circumstances in which we will disclose your personal information to a third party, these include:
- IT Focus’s client partners – but only if you have expressed interest in our client partners’ products and services
- If we are legally required to by a regulatory or governmental body
How do we analyse and enhance your data?
We carry out very limited analysis or enhancement of personal data. We are interested in establishing the fullest and most accurate view of your company, not you as an individual. From time to time we may utilise third party data to complete the limited data we seek to hold (see ‘What data do we collect?’ above). We may also use other sources of public realm data to enhance the information we hold about your business, but this will not be personal data about you as an individual.
We will never share or sell your personal data to any third parties, with the exception of IT Focus’s client partners – when you have expressed interest in their products and services.
Automated Decision Making
Our use of automated decision making based on personal data is very limited. We may use your job title as part of automated selection criteria, in combination with data which clearly non-personal such as business location, size, sector, etc. If you are not happy with this, or any other aspect of our processing of your data, please let us know firstname.lastname@example.org.
Know Your Rights:
The 2018 Data Protection Act (2018 DPA) offers individuals more rights in accessing and using the personal data that organisations hold on them than ever before. We fully support this regulation change and have highlighted your rights below. To see more information on 2018 DPA and your rights, please click on the link at the bottom of the page.
The right to be informed: The right to be informed encompasses our obligation to provide ‘fair processing information’. This emphasizes the need for us to be transparent about how your personal data is used. We aim to do so in this Privacy Notice
The right of access: You have the right to obtain:
– confirmation that your data is being processed;
– access to your personal data; and
– other supplementary information – this largely corresponds to the information that is provided in our privacy notice.
The right to rectification: You are entitled to have personal data rectified if it is inaccurate or incomplete.
The right to erasure: The right to erasure is also known as ‘the right to be forgotten’. The broad principle underpinning this right is to enable you to request the deletion or removal of personal data where there is no compelling reason for its continued processing.
The right to restrict processing: You have the right to ‘block’ or suppress processing of personal data. When processing is restricted, we are permitted to store the personal data, but not further process it. Retaining just enough information about you to ensure that the restriction is respected in future is permitted.
The right to data portability: The right to data portability allows you to obtain and reuse your personal data for your own purposes across different services. It allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.
The right to object: You have the right to object to:
– processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
– direct marketing (including profiling); and
– processing for purposes of scientific/historical research and statistics.
Rights in relation to automated decision making and profiling: The 2018 DPA provides safeguards for you against the risk that a potentially damaging decision is taken without human intervention.
More detailed information on each of the rights can be found here: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/.