Who we are
Your Personal Data – What is It?
Personal data relates to a living individual who can be identified by the data provided to us. Identification can be by means of the information supplied or in conjunction with other information in the data controller’s possession, or likely to come into their possession. The processing is governed by the General Data Protection Regulation 2016/2017 (abbreviated to “GDPR”).
Who decides how your information is processed?
Our data controller is Tom Leigh, whose contact details are available on our website. This person decides how your personal data is processed within our organisation.
What data do we collect?
We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, communications); comments, feedback, and personal profile.
How do we process the information you provide?
We comply with all obligations under GDPR by keeping your personal data safe, secure and up to date. This includes policies concerning storing, destroying, or retaining data. Social8 Ltd is also responsible for preventing loss, misuse, unauthorised access or disclosure, and for ensuring that appropriate technical measures are in place to make sure your information is secure.
For what purpose will your data be processed?
We will use your data to enable us to supply our services to you during our normal business activity. In addition, we collect such Non-personal and Personal Information for the following purposes:
To provide our clients and website visitors with on-going information and communications;
To be able to contact enquirers with general or personalised service-related notices and messages;
To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services;
To comply with any applicable laws and regulations.
What is the legal basis for processing your personal data?
We have a lawful basis for processing data under Article 6(1)(b) of the GDPR regulation. This includes where processing is necessary for the performance of a contract to which the data subject is party, or in order to take steps at the request of the data subject prior to entering into a contract.
Where you, the client or website visitor, have requested a quotation for services, we need to obtain personal data to provide you with the information requested.
We may share your information with other parties in fulfilment of a contract, internal processes or normal business activities for a marketing agency. This may include one or all of the following organisations: Google and other related products; Facebook and other related products; Mailchimp; WordPress; Quickbooks; and other data controllers that we engage with. We are able to provide a full list upon enquiry. Privacy notices are available on the website of each of these organisations.
We may also be required to share the personal data you supply us with other data controllers to comply with a common law or statutory obligation.
We will not sell or share your personal data with other companies.
Your rights under GDPR
You have the right to request a copy of the personal data Bedrock HR Ltd holds about you.
The right to correct any inaccurate personal information;
The right to request erasure of personal information where it is no longer necessary to retain the information for statutory contractual purposes;
The right to withdraw your consent for processing at any time if consent is relied upon as a processing condition;
The right to request that the data controller provide the data subject with his/her personal data and, where possible, to transmit that data directly to another data controller (known as the right to data portability) [this only applies where processing is based on consent or is necessary for the performance of a contract with the data subject and in either case the data controller processes the data by automated process.]
The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction be placed on further processing
The right to object to the processing of personal data (only applies where processing is based on legitimate interests)
The right to lodge a complaint with the Information communication Office