E-Step Ltd Privacy Policy

1. Your Right to Information
Our business, supplying the products and services described on our websites, is based on strong and trusting relationships. Your trust in us as a professional organisation that you are comfortable working with is paramount. 
We value your rights to understand how we store and use any of your data, including its origin and recipients. 
We will never sell your personal data to any third-party organisation for any purpose.
This privacy notice sets out information regarding how and what personal data is collected and processed, who it is shared with, the lawful basis for processing and our retention strategy.
You may contact us with any questions or concerns you may have regarding the information within this notice or, more generally, any aspect of our processing of your personal data, using the address below:

Company Secretary
E-Step Ltd 
Connaught House
Riverside Business Park
Benarth Road
Conwy
LL328UB
UK
Tel. No: +44 (0) 1492 555415
Email: admin@estepltd.com
If you do not feel that we adequately answer your questions or remedy your concerns, you have the right to make a complaint to an appropriate supervisory body. Within the UK, you can contact the Information Commissioner’s Office at ico.org.uk/concerns/

2. How We Obtain Your Personal Data
We may receive or collect your personal data through various means:
• You emailing, phoning or posting social media messages to us directly with an enquiry or question.
• You registering for and/or attending our events, including webinars, seminars and training courses.
• You visiting our website.
• You opening or acting on our direct marketing communications.
• You exchanging business cards.
• You providing feedback on our products and services
• Us contacting you by phone, email or social media.
• Us receiving information on you from suppliers, marketers, advertisers, analytics providers, internet search engines, social media,   websites and other third parties.
• Us holding conversations with you at meetings, conferences, exhibitions, trade shows and other events.

3. Data You Give Us or We Collect
We endeavour to always collect, use and store the minimum personal data necessary during our normal business.

• For activities related to products and services we offer or may purchase from you, this data may include name, address, email addresses, links to profiles on social media, phone numbers, job & professional titles, department, product & service interests, contact preferences and miscellaneous information shared during the engagement.

• If we enter into a contract with you, we record enough data to undertake our contract with you. This includes project correspondence, technical support history, feedback to client surveys and attendance at any events and courses we are involved in organising or marketing. We may request enough financial information to undertake the transaction, including credit card payments or an introduction to a third-party financing organisation. This information will be further minimised once the purchase has been made unless you request otherwise.

• If you are interested in working for us as an employee, contractor or associate, we process additional personal data regarding your qualifications, experience, references, nationality, ethnicity and other selected demographic and special category information as required.

• During your visits to our websites, we may also automatically collect, for the computer you are using, IP address, platform, operating system, internet browser profile and clickstream history, such as how you got to our site and how long you spent on each page. However, we do not cross-reference this data against your other personal information, such as name and address, and therefore it cannot be used to identify who you are.

• When you respond to our direct marketing email communications, we record whether you open or delete the message and whether you click on an embedded link to our or third-party websites.

4. How We Use Your Data and its Lawful Basis
We may use your data in several ways to:

• Fulfil any obligations regarding contracts we have entered, or intend to enter, into with you.
• Manage our relationship with you including any administration.
• Provide our suppliers and associates with enough information to fulfil any contracts or offers that we have discussed with you.
• Keep you informed of products and services that you have previously purchased from us or enquired about.
• Provide you with related information to the above that we believe is of interest and may benefit your organisation.
• Notify you of any changes to our organisation, products or services.
• Improve the design of our website
• Improve the quality, relevance and performance of our email and other communications, including personalised, targeted and location-based content.
• Undertake research and market analysis to inform our company strategies.
• Assess the accuracy of the data we hold on you and verify using third parties.
• Identify and assess any activity that may potentially be illegal, unlawful or harmful.
• Enforce our Privacy Policy and any Terms of Business.
• Manage our recruitment processes.

Our lawful basis for processing your personal data will typically be our Legitimate Business Interests although we may alternatively rely on Contract, Legal Obligation or Consent for specific data and uses.

4.1 Legitimate Business Interests
Our Legitimate Business Interests for collecting, retaining and using your data are as follows:

• To successfully maintain and grow our business
We will endeavour to maintain our existing relationship with you by keeping you informed of our business offerings through direct marketing until you indicate otherwise. You can ask us to stop sending technical and marketing communications at any time by contacting us as described in Section 1.

• To provide the best possible response to your enquiries
We will collect and use your personal data to help understand your requirements and maintain communication when answering your requests for product or service information, commercial proposals or technical support.

• To analyse our targeted industries and company engagements
We may use your personal data in aggregate to inform our marketing strategies and further develop our products and services.

• To retain a suppression record

In the event of you exercising your Right to Erasure or objecting to our direct marketing, we may keep a record of your wishes, based upon the minimum necessary personal data, to ensure we continue to comply. We periodically assess and review the justification for relying upon our Legitimate Interests through a formal internal assessment process.

4.2 Contract
Our lawful basis will be Contract when we have entered an agreement, or are in discussion with you regarding an agreement, with your organisation, or with you personally, to supply or receive products and services. This basis will continue while we have obligations or professional duties to keep you informed of any variations, revisions or other changes that may have implications for the contract.

4.3 Legal Obligation
Our lawful basis will be Legal Obligation when we are legally required to process or retain your personal data to fulfil our obligations.

4.4 Consent
Our lawful basis will be Consent when this is the most appropriate basis for our engagement. This will include prior to direct marketing if we have not previously sent you marketing communications or when we are in contact with you regarding our products and services as an individual rather than as a representative of an organisation.
If we are using Consent as our basis for processing some or all of your personal data, you can withdraw your consent at any time, and we will delete the respective data in respect of your Right to Erasure.

5. Who May Use Your Data
Outside of our company, we may disclose your personal data to authorities as required to comply with our legal obligations, laws and if it is in the public interest.
We may also share your data with suppliers, partners, associates and contractors inside or outside of the European Union for the strict purpose of our legitimate interests or fulfilment of contracts with you. The lawful basis for their processing will be their own legitimate interests or contractual or legal obligations as a data processor.
If part or all our company is ever sold, your data may be transferred to the new owner as a business asset.

6. Storage and Retention of Data
We segregate any data we collect to store as appropriate within our Customer Relationship Management (CRM) system, mailboxes and server-based and local file systems. Segregation is based upon considerations of its use and purpose and our legal and contractual obligations. We periodically archive data in order to fulfil such obligations while no longer required or accessible for current use.
The duration your data will be stored depends on the nature and purpose for which it was collected, considering any legal or contractual obligations or the interest you may have shown in our products and services. We periodically review our data to ensure it is still lawful and appropriate to retain. If it fails this assessment, we will delete it if practically possible.
We endeavour to ensure our data is accurate through the information you supply, providing you with access via our email marketing to update your records directly and by regularly reviewing your engagement with us.
Please contact at the address in Section 1 if you would like further details on our data retention policies.

7. Security
We undertake our very best endeavours to ensure your personal data is secure once received, restricting access as appropriate.
We have in place strict security measures and procedures to try to protect any information collected and stored from any unauthorised access from within or outside of our company.

8. Website Plug-Ins, Cookies and Tracking
Our website is based on the WordPress platform, using Event Espresso plug-in for event management and other miscellaneous plug-ins to improve performance.
We use “Cookies” which are small text files that are put on your computer when you visit our website. These Cookies enable your device to be recognised and information to be collected about your actions when on our website. More general information on Cookies can be found at aboutcookies.org

First-Party Cookies are those set by the website while Third-Party Cookies are set by alternative domain or website. We include both first-party and third-party Cookies to enable us to improve our services to you, including:

• Measuring how many are using the services we provide, so we can make them easier and faster for you to use
• Analysing data, anonymously, to help us understand how you use our website.
• Providing live chat and social sharing services

For more information about how to remove Cookies from your device, or how to block individual Cookies from being received, please see the guidance and instructions at ico.org.uk/for-the-public/online/cookies/

By continuing to use our website without changing your browser settings, you are agreeing to our use of Cookies.

8.1 Third-Party Cookies
We use Google Analytics (a web analytics service provided by Google, Inc.) to help us understand how visitors use our site and how we can improve the experience in the future. Information obtained through Cookies on how you use our website (including your IP address) is captured and stored by Google on their servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. Please refer to Google’s privacy policies at policies.google.com/privacy for more details.

By continuing to use our website, you are consenting to the processing of data about you by Google in the manner and for the purposes set out above.

We provide convenient access to LinkedIn via sharing buttons which involves use of cookies. Please refer to LinkedIn’s cookie policy at linkedin.com/legal/cookie-policy.

We provide convenient access to Facebook via sharing buttons which involves use of cookies. Please refer to Facebook’s cookie policy at facebook.com/policies/cookies

We provide convenient access to Twitter via sharing buttons which involves use of cookies. Please refer to Twitter’s cookie policy at help.twitter.com/en/rules-and-policies/twitter-cookies.

9. Social Sharing Links
Our website, email and other electronic communications may include social sharing capabilities developed by third parties and connected to sites of social networking providers, such as LinkedIn and Facebook. For the avoidance of doubt, we cannot guarantee your browser will not submit any personal data to those providers which would thereby extend the processing of your data beyond our company.

If you have any questions or concerns regarding this activity, please refer to the privacy policies (See Section 8.1) of any social sharing plug-in and networking providers accessible via our communications before selecting a social sharing button or link. Their policies should inform you of your rights regarding the processing of your data and any options you can apply to your browser to protect your privacy.

10. Links to Third Party Websites
Within our website, email and communications, we may include links to third-party websites, including suppliers, partners, online card payment and other relevant organisations, that you may choose to visit. We cannot control or provide any assurance regarding the content or privacy protection within such websites and recommend you consult their own privacy policies.

11. International Transfer of Personal Data
We may transfer your personal data outside of the European Union (EU) to our non-EU based suppliers when processing your order or requiring communications about you to adequately provide a service.
We will never transfer your personal data to any third parties, inside or outside of the EU, specifically for marketing or commercial purposes.

12. Your Additional Rights
In addition to honouring your Right to be Informed, we will also diligently and promptly comply with your additional rights below.

12.1 Right to Access
We respect your right to understand and view the personal data we hold on you, including the lawful basis we are applying to justify its processing.
You can obtain access by submitting a Subject Access Request (SAR) in writing to our Data Protection Officer. Please select the link below for more details on how to make a SAR and a convenient form you may wish to use.
We will respond as soon as practically possible and, at the latest, within one month of receipt unless the request is deemed highly complex or we have received multiple requests from you. In such cases, we may request an extension from you for an additional two months. No fee will normally apply although we reserve the right to cover our administration costs with a reasonable fee if the request is considered unfairly repetitive, unfounded or excessive.

12.2 Right to Rectification
We encourage you to exercise your right to correct any incomplete or inaccurate information we hold on you by contacting us by email or post using the details in Section 1.
We will respond as soon as practically possible and, at the latest, within one month of receipt unless the request is deemed highly complex or we have received multiple requests from you. In such cases, we may request an extension from you for an additional two months. No fee will normally apply although we reserve the right to cover our administration costs with a reasonable fee if the request is considered unfairly repetitive, unfounded or excessive.

12.3 Right to Restrict Processing
You can request that we suspend the use of your personal data while we work with you to establish its accuracy, purpose and reason for processing. Please contact us using the details Section 1.
During the suspension period, apart from storage, we will not process your data further without your consent unless we are obliged to for legal or public interest reasons.
We will respond as soon as practically possible and, at the latest, within one month of receipt unless the request is deemed highly complex or we have received multiple requests from you. In such cases, we may request an extension from you for an additional two months. No fee will normally apply although we reserve the right to cover our administration costs with a reasonable fee if the request is considered unfairly repetitive, unfounded or excessive.

12.4 Right to Object
You can object to our processing of your data if our justification is based on Legitimate Interests, including direct marketing. Please contact us using the details Section 1 to raise and discuss your objection.
We respect that if you are objecting to direct marketing, we will cease the activity forthwith and update your personal data accordingly.
12.5 Right to Erasure (to be Forgotten)
We will always delete personal data that does not pass our periodic assessments in terms of lawful basis or accuracy.
However, you can explicitly ask us to delete your personal data by simply contacting us in writing using the details in Section 1.
We will agree to your request entirely unless by doing so we are compromising any contractual or legal obligations. If we agree, we will endeavour to permanently erase all personal data that we can reasonably locate and retrieve. As permitted, minimum details may be retained within a suppression file in order that we can keep a record of your wishes and avoid any resurrection of your data at a future time.
We will respond as soon as practically possible and, at the latest, within one month of receipt unless the request is deemed highly complex or we have received multiple requests from you. In such cases, we may request an extension from you for an additional two months. No fee will normally apply although we reserve the right to cover our administration costs with a reasonable fee if the request is considered unfairly repetitive, unfounded or excessive.

12.6 Right to Data Portability
You can ask us to move, copy or transfer any personal data you have specifically given to us if our processing is automated, based upon the lawful basis of Contract or Consent and does not include any third-party information that may prejudice the rights of other individuals. Please contact us using the details in Section 1.
If electronically stored, we will supply this data free of charge in a common, open format such as CSV.
We will respond as soon as practically possible and, at the latest, within one month of receipt unless the request is deemed highly complex or we have received multiple requests from you. In such cases, we may request an extension from you for an additional two months.

12.7 Right to Complain
If we are unable to comply with any of your requests discussed in Section 13, you have the right to complain or appeal to the appropriate authorities. Within the UK, you should make a complaint to the Information Commissioner’s Office (ICO). Details can be found at ico.org.uk/concerns

By continuing to use the site, you agree to the use of cookies. More Information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close