PRIVACY AND COOKIES POLICY

This is the privacy notice for http://itsprettygreen.com/ (the “website”).

PrettyGreen is the “controller” of personal data which is collected from you when you visit and use this Website for the purposes of the General Data Protection Regulation (GDPR).

Our corporate information is as follows:

Registered company number:  06594155

Registered address: PrettyGreen, 1 Old Street Yard, London, EC1Y 8AF

Privacy is very important to us and therefore we have created this privacy notice to tell you what personal data we collect from you when you visit and use this Website or communicate with us, including how we use your data, how we share it with others and how you can manage it.

If you have any questions about this privacy notice, then we would be glad to answer them; our contact information is set out below:

Post – Pretty Green, 1 Old Street Yard, London, EC1Y 8AF

Email – hello@itsprettygreen.com

Tel – +44 (0)20 7490 3449

Please read this privacy notice before you start using our Website, as it will apply to your use of the Website. By using the Website, you confirm that you accept the terms of this privacy notice. You should also read this privacy notice if you have entered into communications with us, as it applies to any personal data that we collect from you during our communications.

This privacy notice should be read together with any other privacy notices which are brought to your attention on other pages of this Website which, when relevant, will apply to certain uses of the Website in addition to this privacy notice.

This privacy notice may change from time to time, so please periodically review this page to ensure that you are still content with its terms and to continue to share your personal data with us.

This version the privacy notice is live from 26/06/18

Our Website may contain links to other websites, but please note that such websites are our out of this control and are not covered by this privacy notice. Should you visit other websites, then the owners of such websites may collect and use your personal data, so you should familiarise yourself with any privacy policies which they publish which we cannot accept any liability for.

What is “personal data”?

Under the GDPR “personal data” is defined as:

“any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

As a result, “personal data” includes, amongst many other things, your name, address, phone number, email address and any other information that could be used to identify you, either by itself, or together with other information. It can also include other less obvious identifiers, such as your IP address and cookie data.

What personal data of mine will PrettyGreen collect when I use this Website?

By using this Website:

• we may collect personal data that you provide to us by completing forms on this Website. These may include things such as your name (including title), address, phone number, date of birth, email address, job title and company details. The precise personal data that we collect from you will be clear to you as you complete the relevant form, as we will only collect the personal data that you submit to us and which will be specifically requested (i.e. you will be specifically invited to enter your name, email address etc.). In certain circumstances, certain data fields will be marked with an asterisk (i.e. *), which means that we require this personal data to be provided. To the extent that fields are not marked with an asterisk, then we do not require this personal data, but should you submit it to us then we will automatically collect it;
• we may collect personal data that may be included in CVs, covering letters or other materials sent to us via our email address on our Website;
• you will automatically download a ‘cookie’ (you can read more about “cookies” below); and
• we will automatically collect your IP address.

Why does PrettyGreen collect and use my personal data?

There are a number of ways that we may use your personal data. These are set out below:

Consent

On occasion, we may use your personal data because you have consented to us doing so, which will be in the context of:

1. providing certain material to you, such as a newsletter, white paper or report;
2. considering you for a permanent or temporary position with us.

Whenever you have provided consent, we will use your personal data only for the purpose that we specify to you when you provide consent.

In any event, you will always have the option of withdrawing your consent at any time. In order to do so, please contact us by post, email or telephone, as set out above, or, as relevant, follow the unsubscription instructions that are contained within our communication (for instance, an unsubscribe link). Please note that our actions are guided by your consent, so if, for instance, we are using your email address to send you a newsletter, if you withdraw your consent then you will no longer be able to receive this newsletter.

Legitimate Interest

We may use your personal data as set out below where have a legitimate
interest, which will be in the context of:

1. responding to correspondence that you send to us from time to time and fulfilling any requests that you make of us from time to time (including things such as general business enquiries or enforcing your rights (as set out below));
2. engaging with you in the course of our business, for instance, as an actual or potential client, supplier or partner, in the absence of a contractual relationship or obligation;
3. contacting you with relevant marketing information after we have provided a particular service or product to you, or you have attended one of our events. We will only ever contact you about our own products or service, or events that we are involved in;
4. contacting you from time to time for business development purposes if we have obtained your business contact details either personally, through our business network, from a public directory or because you have signed up to one of our mailing lists or downloaded one of our reports;
5. informing you of updates to our terms and conditions and policies;
6. contacting you about permanent or temporary positions with us where you have previously applied for a position; and
7. protecting ourselves, our Website and our IT systems against damage.

In any event, you always have the right to object against us using your personal data for legitimate interests. In order to do so, please contact us by post, email or telephone, as set out above.

Contractual performance

We may use your personal data in order to perform a contract with you, for instance, to provide services to you as a client or engage with you as a supplier.

Legal obligation

We may use your personal data in order to comply legal requirements that apply to us as a company (for instance, towards HM Revenue & Customs).

What about ‘cookies’?

Cookies are small files which are sent to your computer, smartphone or other device automatically from a web server whenever you visit a particular website. Our Website uses cookies, much like most others but, specifically, we use Google Analytics which, via cookies, helps us to analyse how visitors use our Website.

All devices can block or delete cookies, which can be done by activating certain settings on your browser, however exactly how you do this will depend on your device and what browser you use.

If you would like to read more information on cookies, including on how to block or delete them, then you can do so by visiting:

www.allaboutcookies.org

www.youronlinechoices.eu

www.google.co.uk/policies/technologies/cookies

Who do you share my personal data with?

We would never share your personal data with third parties for their own marketing or business purposes without your cosent, without it being required as part of a contractual obligation between us or without us being subject to a legal obligation to do so, however we use third party service providers in the course of our business for, amongst other things, web hosting, web security, web analytics, data storage, data back-up services, recruitment services and email services.

We take steps to ensure that any third parties service providers who handle your personal data comply with relevant data protection laws and protect your personal data and in any event, these third parties are limited in their ability to use your personal data for reasons other than providing services to us. Due to the nature of these services providers, which often operate in the ‘cloud’, your personal data may be used or stored outside of the EU. Whenever we transfer your personal data outside of the EU, it will only ever be to a country that has been deemed by the European Commission to provide an adequate level of data protection or, otherwise, using standard data protection clauses. Should you have any queries in relation to international transfers, please contact us by post, email or telephone, as set out above and we would be glad to confirm whether a transfer has been made on the basis of a European Commission decision or standard data protection clauses and, in the latter case, provide a copy of such clauses.

How long will you keep my personal data for?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.

In some circumstances you can ask us to delete your data.

How can I manage my personal data?

At any point while we are in possession of or using your personal data, you have the following rights:

1. Right of access – you have the right to request a copy of personal data that we hold about you;
2. Right of rectification – you have a right to correct the personal data that we hold about you that is inaccurate or incomplete;
3. Right to be forgotten – in certain circumstances, you can ask for the personal data that we hold about you to be erased from our records;
4. Right to restriction of processing – in certain circumstances, you have a right to restrict our use of your personal data;
5. Right of portability – in certain circumstances, you have the right to have the personal data we hold about you transferred to another organisation;
6. Right to object – you have the right to object to certain ways that we use your personal data, such as direct marketing; and
7. Right to object to automated processing, including profiling – you have the right not to be subject to a decision based solely on automated processing, including profiling.

Reasonable identification will be required from you if you exercise any of your rights above. In order to exercise any of your rights, please contact us by post, email or telephone, as set out above.

Please note that you have the right to lodge a complaint at any time about us and the manner in which we collect and use your personal data with any supervisory authority of the EU member state in which (a) you work, (b) you live or (c) an alleged infringement has taken place. The supervisory authority in the UK is the Information Commissioner’s Office, the contact details of which are set out below:

Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Telephone: 0303 123 1113

Email: casework@ico.org.uk