PRIVACY POLICY
Our Site (https://www.diacle.com) understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone visits this Site . We ask that you read this privacy policy carefully and ensure that you understand it as it contains important information on who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us. This Privacy Policy applies when you visit our Site. It also applies where we are in contact with you in other ways whether in your capacity as an individual or as a director, shareholder, partner, employee or other representative of a company or other organisation.
1. Definitions and Interpretation
In this Policy the following terms shall have the following meanings:
Account - means an account required to access and/or use certain areas and features of our Site;
Cookie - means a small text file placed on your computer or device by our Site when you visit certain parts of our Site and/or when you use certain features of our Site. Details of the Cookies used by our Site are set out in Part 17, below.
2. Who we are
Our Site is owned and operated by DIACLE LIMITED, a limited company, registered in England and Wales
with number 08597553.
Registered address: Suite 2, 1st Floor, 151 Rye Lane, London, SE15 4TL.
Email address: info@diacle.com
3. What Is Personal Data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
4. Data Protection Principles
Lawfulness, fairness and transparency - data must be processed lawfully, fairly and in a transparent manner.
Purpose limitation - data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
Data minimisation - data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
Accuracy - data must be accurate and, where necessary, kept up to date.
Storage limitation - data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
Integrity and confidentiality - data must be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage by using appropriate technical or organisational measures.
5. What Are My Rights?
Under the Data Protection Legislation, you have the following rights, which we will always work to uphold:
The right to be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the details in Part 20.
The right to access the personal data we hold about you. Part 15 will tell you how to do this.
The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Part 20 to find out more.
The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold. Please contact us using the details in Part 20 to find out more.
The right to restrict (i.e. prevent) the processing of your personal data.
The right to object to us using your personal data for a particular purpose or purposes.
The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
Rights relating to automated decision-making and profiling. [We do not use your personal data in this way.]
For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 20.
It is important that your personal data is kept accurate and up-to-date. If any of the personal data we hold about you changes, please keep us informed as long as we have that data.
Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.
If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first, using the details in Part 20.
6. Information we collect
Depending upon your use of our Site, we may collect and hold some or all of the personal (and non-personal) data listed below. Please also see Part 17 for more information about our use of Cookies and similar technologies and our Cookie Policy.
Information you provide us
You may choose to provideus with personal data when you are introduced to us, when we meet you in person, or when we are in contact by phone, email, via our site or otherwise.
The categories of personal data you provide us may include:
first and last name;
job title and company name;
email address;
phone number;
postal address;
marketing and communications data includes your preferences in receiving marketing from us and your communication preferences
Information we collect from third parties
We collect most of this information from you directly. However, we also collect information about you:
from publicly accessible sources, e.g. Companies House;
from third party sources of information, e.g. client due diligence providers;
which you have made public on websites associated with you or your company or on social media platforms such as LinkedIn;
from a third party, e.g. a person who has introduced you to us or other professionals (such as accountants) you may engage.
Information we collect online
We collect, store and use information about your visits to our Site and about your computer, tablet, mobile or other device through which you access our Site. This includes the following:
technical information, including the Internet protocol (IP) address, browser type, internet service provider, device identifier, your login information, time zone setting, browser plug-in types and versions, operating system and platform, and geographical location;
information about your visits and use of the Site, including the full Uniform Resource Locators (URL), clickstream to, through and from our Site, pages you viewed and searched for, page response times, length of visits to certain pages, referral source/exit pages, page interaction information (such as scrolling, clicks and mouse-overs), and Site navigation and search terms used;
information collected by cookies on our Site (for more information on cookies, please see the section on cookies below).
Sensitive personal data
We do not generally seek to collect sensitive (or special categories of) personal data. Sensitive personal data is defined by data protection laws to include personal data revealing a person’s racial or ethnic origin, religious or philosophical beliefs, or data concerning health. If we do collect sensitive personal data, we will ask for your explicit consent to our proposed use of that information at the time of collection.
Children
Our Site is not intended for or directed at children under the age of 16 years and we do not knowingly collect data relating to children under this age.
7. Email marketing
For email marketing to an individual subscriber (that is, a non-corporate email address) with whom we have not previously engaged as a client, we need your consent to send you unsolicited email marketing.
Where you provide consent, you can withdraw your consent at any time, but without affecting the lawfulness of processing based on consent before its withdrawal.
You have the right to opt out of receiving email marketing communications from us at any time by:
contacting our Privacy Manager using the contact details set out in Part 20; or
using the “unsubscribe” link in emails.
8. How we use your information
Under the Data Protection Legislation, we must always have a lawful basis for using personal data. Where we rely on legitimate interests as a lawful basis, we will carry out a balancing test to ensure that your interests, rights and freedoms do not override our legitimate interests. If you want further information on the balancing test we have carried out, you can request this from our Privacy Manager.
The following table describes the purposes for which we will process your personal data, and the legal basis for doing so:
| Purpose for which we will process your personal data | Legal basis for processing personal data |
|---|---|
| To provide you with information and services that you request from us. | It is in our legitimate interests to respond to your queries and provide any information requested in order to generate and develop business. To ensure we offer a good and responsive service, we consider this use to be proportionate and will not be prejudicial or detrimental to you. |
| To enforce the terms and conditions and any contracts entered into with you. | It is in our legitimate interests to enforce our terms and conditions of service. We consider this use to be necessary for our legitimate interests and proportionate. |
| To send you alerts, newsletters, bulletins, announcements, and other communications concerning FW, legal developments or notifications we believe may be of interest to you. | It is in our legitimate interests to market our services. We consider this use to be proportionate and will not be prejudicial or detrimental to you. You can always opt-out of receiving direct marketing-related email communications or text messages by following the unsubscribe link. |
| To invite you to seminars, events, or other functions we believe may be of interest to you. | It is in our legitimate interests to market our services. We consider this use to be proportionate and will not be prejudicial or detrimental to you. You can always opt-out of receiving direct marketing-related email communications or text messages by following the unsubscribe link. |
| To send you information regarding changes to our policies, other terms and conditions and other administrative information. | It is in our legitimate interests to ensure that any changes to our policies and other terms are communicated to you and it will not be detrimental for you. |
| To administer our Site including troubleshooting, data analysis, testing, research, statistical and survey purposes; To improve our Site to ensure that consent is presented in the most effective manner for you and your computer, mobile device or other item of hardware through which you access our Site; and to keep our Site safe and secure. | It is in our legitimate interests to continually monitor and improve our services and your experience of our Site and to ensure network security and it will not be detrimental for you. |
9. Who we share your personal data with
We will not share any of your personal data with any third parties for any purposes, subject to the following exceptions:
we sell, transfer, or merge parts of our business or assets, your personal data may be transferred to a third party. Any new owner of our business may continue to use your personal data in the same way(s) that we have used it, as specified in this Privacy Policy.
in some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
if necessary to protect the vital interests of a person; and
to enforce or apply our terms and conditions or to establish, exercise or defend the rights of Diacle Limited, our staff, customers or others.
10. International transfers
We do not transfer your personal data outside the UK or the European Economic Area (EEA).
11. How can you control your personal data
In addition to your rights under the Data Protection Legislation, set out in Part 5, when you submit personal data via our Site, you may be given options to restrict our use of your personal data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in our emails).
You may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service (“the TPS”), the Corporate Telephone Preference Service (“the CTPS”), and the Mailing Preference Service (“the MPS”). These may help to prevent you receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that you have consented to receiving.
12. Where we store your data.
We retain personal information regarding you or your use of the Services for as long as your Account is active or for as long as needed to provide you or our Users with the Services. We also retain personal information for as long as necessary to achieve the purposes described in this Privacy Policy, for example, to comply with our legal obligations, to protect us in the event of disputes and to enforce our agreements and to protect our and others’ interests.
We will only store or transfer your personal data within the European Economic Area (the “EEA”). The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein. This means that your personal data will be fully protected under the Data Protection Legislation, GDPR, and/or to equivalent standards by law.
Please contact us using the details below in Part 20 for further information about the particular data protection mechanism used by us when transferring your personal data to a third country.
13. Security of your personal data
We use industry standard physical and procedural security measures to protect information from the point of collection to the point of destruction. This includes encryption, firewalls, access controls, policies and other procedures to protect information from unauthorised access.
Where data processing is carried out on our behalf by a third party, we take steps to ensure that appropriate security measures are in place to prevent unauthorised disclosure of personal data.
Despite these precautions, however, Diacle cannot guarantee the security of information transmitted over the Internet or that unauthorized persons will not obtain access to personal data. In the event of a data breach, Diacle have put in place procedures to deal with any suspected breach and will notify you and any applicable regulator of a breach where required to do so.
The security of your personal data is essential to us, and to protect your data, we take a number of important measures, including the following:
limiting access to your personal data to those employees, agents, contractors, and other third parties with a legitimate need to know and ensuring that they are subject to duties of confidentiality;
procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data) including notifying you and/or the Information Commissioner’s Office where we are legally required to do so.
14. How long we keep your personal data
Your personal data will not be kept for longer than is necessary for the purposes for which it was collected and processed and for the purposes of satisfying any legal, accounting, or reporting requirements.
The criteria we use for retaining different types of personal data, includes the following:
General queries - when you make an enquiry or contact us by email or telephone, we will retain your information for as long as necessary to respond to your queries. After this period, we will not hold your personal data for longer than one year if we have not had any active subsequent contact with you;
Direct marketing - where we hold your personal data on our database for direct marketing purposes, we will retain your information for no longer than two years if we have not had any active subsequent contact with you.
Legal and regulatory requirements - we may need to retain personal data for up 7 years after we cease providing services and products to you where necessary to comply with our legal obligations, resolve disputes or enforce our terms and conditions.
15. How you can control your personal data
In addition to your rights under the Data Protection Legislation, set out in Part 5, when you submit personal data via our Site, you may be given options according to the rights to:
Access - you have the right to access information which we hold about you. If you so request, we shall provide you with a copy of your personal data which we are processing (“data subject access request”). We may refuse to comply with a subject access request if the request is manifestly unfounded or excessive or repetitive in nature.
Data Portability - You may also have the right to receive personal data which you have provided to us in a structured and commonly used format so that it can be transferred to another data controller. The right to data portability only applies where your personal data is processed by us with your consent or for the performance of a contract and when processing is carried out by automated means.
Update - We want to make sure that your personal data is accurate and up to date. You have the right to have inaccurate personal data rectified, or completed if it is incomplete. You can update your details or change your privacy preferences by contacting us as provided in Part 20. We may refuse to comply with a request for rectification if the request is manifestly unfounded or excessive or repetitive
Object:
You have the right to object at any time to our processing of your personal data for direct marketing purposes.
You also have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on our legitimate interests. Where you object on this ground, we shall no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Be forgotten and restrict the processing - You also have the following rights under data protection laws to request that we rectify your personal data which is inaccurate or incomplete. Please note that the above rights are not absolute and we may be entitled to refuse requests, wholly or partly, where exceptions under the applicable law apply. We may refuse a request for erasure, for example, where the processing is necessary to comply with a legal obligation or necessary for the establishment, exercise or defence of legal claims. We may refuse to comply with a request for restriction if the request is manifestly unfounded or excessive or repetitive in nature.
16. Exercising your rights
If you have questions, comments or complaints about this Privacy Policy or our privacy practices or if you would like to exercise your rights and choices, please email us at info@diacle.com.
Save as described in this Privacy Policy or provided under data protection laws, there is no charge for the exercise of your legal rights. However, if your requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may either: (a) charge a reasonable fee taking into account the administrative costs of providing the information or taking the action requested; or (b) refuse to act on the request. Where we have reasonable doubts concerning the identity of the person making the request, we may request additional information necessary to confirm your identity.
17. Cookies
In order to improve our Site, we may use small files commonly known as “cookies”. A cookie is a small amount of data which often includes a unique identifier that is sent to your computer or mobile phone (your “device”) from our Site and is stored on your device’s browser or hard drive. The cookies we use on our Site won't collect personally identifiable information about you and we won't disclose information stored in cookies that we place on your device to third parties.
Our Site may place and access certain first-party Cookies on your computer or device. First-party Cookies are those placed directly by us and are used only by us. We use Cookies to facilitate and improve your experience of our Site and to provide and improve our services. We have carefully chosen these Cookies and have taken steps to ensure that your privacy and personal data is protected and respected at all times.
By using Our Site, you may also receive certain third-party Cookies on your computer or device. Third-party Cookies are those placed by websites, services, and/or parties other than us. For more details, please refer to the table below. These Cookies are not integral to the functioning of our Site and your use and experience of our Site will not be impaired by refusing consent to them.
All Cookies used by and on our Site are used in accordance with current Cookie Law.
If you don't want us to use cookies when you use our Site, you can set your internet browser not to accept cookies. However, if you block cookies some of the features on our Site may not function as a result.
Visitors to our Site can adjust their browsers to refuse cookies but if not adjusted, our Site will deliver the cookie as soon as our Site is visited. You can find more information about how to do manage cookies for all the commonly used internet browsers by visiting www.allaboutcookies.org. This Site will also explain how you can delete cookies which are already stored on your device.
By continuing to browse our Site, you are agreeing to our use of cookies.
This Site deploys the following cookies:
| Cookies | Description |
Durations |
|---|---|---|
| ss_cpvisit | Identifies unique visitors and tracks a visitor’s sessions on a site | 2years |
| ss_cid | Identifies unique visitors and tracks a visitor’s sessions on a site | 2years |
| ss_cvisit | Identifies unique visitors and tracks a visitor’s sessions on a site | 30minutes |
| ss_cvt | Identifies unique visitors and tracks a visitor’s sessions on a site | 30minutes |
| ss_cvr | Identifies unique visitors and tracks a visitor’s sessions on a site | 2years |
| crumb | Prevents cross-site request forgery (CSRF). CSRF is an attack vector that tricks a browser into taking unwanted action in an application when someone’s logged in. | Session |
18. Google Analytics
Diacle uses Google Analytics, a web analysis service provided by Google Inc. (“Google”), CA 94043, 1600 Amphitheatre Parkway, Mountain View, USA, for customising and optimising our website.
Google Analytics uses ‘cookies’, which are stored on your computer, to help the website analyse how users use the website.
As a rule, the information generated by the cookies about your use of this website will be transmitted to and stored by Google on servers in the United States. The information generated by the cookies includes:
browser type,
operating system,
the website from which this website was accessed (referrer URL),
IP address,
date and time of the server request.
This website uses Google Analytics with the IP anonymisation feature (“anonymizeIp”).
This means your IP address will be shortened beforehand by Google within member states of the European Union or in other signatory states of the Treaty on the European Economic Area. The full IP address will be transmitted to a Google Server in the USA and shortened there only on an exceptional basis.
On behalf of Diacle, Google will use this information for evaluating your use of the website, compiling reports on website activity for website operators and providing other services to Diacle relating to website activity for market research and tailoring the offer to suit market needs. Google will not associate the IP address transmitted under Google Analytics by your browser with other data held by Google.
You may prevent the storage of cookies by selecting the appropriate settings on your browser software. However, we must advise you that in this case, you might not be able to use all functions of this website to the full extent. You may prevent Google from recording the data generated by the cookie and pertaining to your use of the website (including your IP address), or processing these data by downloading and installing the following browser plug-in available through the following link: https://tools.google.com/dlpage/gaoptout?hl=en-GB.
The terms of service and privacy policy are available at https://www.google.com/analytics/terms/gb.html and https://policies.google.com/?hl=en-GB.
19. Links
Our Site may, from time to time, contain links to and from third-party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and Diacle does not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
20. Email Monitoring
Emails which you send to us or which we send to you may be monitored by Diacle Limited to ensure compliance with professional standards and our internal compliance policies.
Monitoring is not continuous or routine, but may be undertaken on the instruction of a partner where there are reasonable grounds for doing so. Occasional spot checks or audits may also be undertaken on the instruction or with the authority of a partner.
21. How you can contact us
To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details:
Email address: info@diacle.com
Postal Address: Suite 2, 1st Floor, 151 Rye Lane, London, SE15 4TL
22. Complaints
If you have any questions or complaints regarding our Privacy Policy or practices, please contact us as provided in Part 20 above. You have the right to make a complaint at any time with a supervisory authority, in particular in the EU (or EEA) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is ICO who can be contacted at https://ico.org.uk
or telephone on 0303 123 1113.
23. Changes to our Privacy Policy
We may change this Privacy Policy from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection. Any change will be immediately posted on our Site and you will be deemed to have accepted the terms of the Privacy Policy on our first use of the Site Following the alteration. We recommend that you check this page regulatory to keep up-to-date. This Privacy Policy was last updated on June 2019.
Updated and effective as of 3 June, 2019