Our GDPR policy
Overview
The new General Data Protection Regulation (GDPR) came into effect on 25th May 2018 and is the biggest change in data protection laws in 20 years. The legislation is intended to put the data subject (you and I) in control of their data and give you greater visibility and control over how your data is accessed and by whom.
Vital Trace takes its responsibilities towards data protection extremely seriously and sees the GDPR as a positive step forward in the fight against online cyber crime.
Our pledge to you, the consumer, is that we will always strive to protect your rights as the data owner and put measures in place to protect the data you entrust us with.
So, what have we done?
Our people
Our people are our greatest asset, and they help us ensure data is protected in a variety of ways. But it all starts with training and awareness. Therefore, we ensure all our staff understand the importance of good security, within their roles and actions they need to take should they have any security concerns.
Our premises
We have invested heavily in physical security controls, so that we know what records we hold, where they are held and who has access to them. By conducting ‘data audits’, we know where our records are and have put in place significant physical controls to protect them. These controls are sometimes very visible (e.g. security officers, gates, alarms) and other times less so.
Our processes
We have analysed our processes against the backdrop of the GDPR to ensure we are only processing data we have a legal reason to do so. This means understanding where data comes from, why we need it and how it is managed, and helps us put in place protective measures to keep this information safe. These measures are sometimes technical, and sometimes operational, but our overriding concern is always to ensure data is protected.
Our systems
Of course, Vital Trace relies heavily on its systems and understands the importance of confidentiality and integrity, in relation to the technical infrastructure we use to support your business.
Our pledge
We will continue to invest in technical and organisational measures to protect the data you have shared with us. This is because we know that the protection of data has never been more important, and, in fact, we believe GDPR simply means Giving Data Proper Respect. Something which we have always done, and we commit to continuing into the future.
Our privacy policy
About this privacy policy
This privacy policy explains what information we may collect about you, how we may use it, and the steps we take to ensure it is kept secure. We also explain your rights in respect of your personal data. GDPR
Please note that our website and other digital platforms may contain links to third-party websites/digital platforms which are provided for your convenience. We are only responsible for the privacy practices and security of our own digital platforms. We recommend you check the privacy and security policies and procedures of each and every other website/digital platform you visit.
How to contact us about your personal data or this privacy policy
If you have any questions about this privacy policy and how your information is handled you should, in the first instance, contact info@vitaltrace.com or alternatively write to Vital Trace UK Ltd, Hallmark House, Downham Road, Ramsden Heath, Billericay, Essex, CM11 1PU, UK.
You also have the right to complain to the Supervisory Authority (The Information Commissioner’s Office at www.ico.org.uk) about our data processing activities.
About us
This privacy policy applies to any personal information which you give to us (“personal data”) via the Vital Trace website located at www.vitaltrace.com The Vital Trace group of companies (“we”, “us”, “Vital Trace”) takes the privacy of all its customers and website users (“you”) very seriously and takes care with customer and user personal data. This privacy policy explains what information we collect about you, how we propose to use it and what steps we take to ensure it is kept secure. By using this website and entering your personal data, you consent to us collecting and using your personal data in accordance with this privacy policy.
What information do we collect?
When using the site, you will encounter areas such as contact, registration and newsletter sign-up forms. In order to use these services, you may be asked to enter personal data including (but not limited to) your name, address, email address and telephone number.
How we use the information you provide
Any personal data relating to you that we collect will be used and recorded by us in accordance with current data protection legislation and this privacy policy. We will use your personal data mainly for record-keeping purposes and in order to provide our services and products to you. This may involve us sending you information about us, our affiliates and associated companies and organisations including but not limited to promotional and/or marketing material about our products, services and offerings.
We may also create an individual profile for you so that we can inform you of services, products, events or special information that may be of interest to you. We may use your personal data to analyse customer/user behaviour and characteristics in order to measure interest in, and use of, the various areas of the site with a view to improving and/or altering the site. We may provide only aggregated (and therefore anonymous) data to third parties for this purpose (if applicable). In order to assist us in processing your personal data, we may engage with third-party companies who provide us with services that can assist us in doing so. Where your data is processed in this manner, you will see additional data protection notices accordingly.
Categories of personal data include: Name, Organisation, Email, Contact Number and details of your enquiry.
Who we share your information with
For the purpose of providing our services to you we may share your personally identifiable information with:
GDPR
When you provide personally identifiable information to us, we use it solely for the purposes for which it was provided, in accordance with this notice. Our policy is not to share personally identifiable information with third parties, unless required by law, as required to perform our obligations to you or as necessary as described.
The personal information you provide to us will be retained only for as long as necessary to fulfil the purposes for which the information was collected or as required by law.
Your rights
Under the General Data Protection Regulations, you have a number of ‘rights’, to ensure that your personal information is being managed appropriately. For example, you have the right to prevent marketing information being sent direct to you. If you prefer not to receive marketing information from us (or any other organisation to which we may disclose your personal data), you can opt out of further marketing by writing to us by mail or email (see below contact details).
Specifically, you have the right:
As stated above, you have the right to object to your data being used for Direct Marketing purposes, and you can be removed from our marketing database at any time by clicking ‘unsubscribe’ at the bottom of our e-bulletins. Please note, however, that if you do opt out we (and/or they) will be unable to keep you informed of new services, products, events or special information that may interest you.
How long we hold this information
Once you have provided this information to us, we will look to make contact with you and your information will be retained indefinitely, until such time that you wish to ‘unsubscribe’ or request for your information to be erased.
Security measures
At Vital Trace, we take information security extremely seriously and have invested in both technical and physical security controls. Whist we will ensure that appropriate technical and organisational security measures are put in place to protect the personal data you provide, you should remember that concerns still exist in relation to the general security of the internet. By using this site, you accept that we cannot be held responsible in the event of a breach of security unless this is due to our negligence or wilful neglect.
International transfers
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for one of our suppliers. Such staff may be engaged in the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy and with data protection regulations. In such circumstances, Vital Trace may seek additional advice and guidance from the UK Supervisory Authority, the ICO. GDPR
Where to make a complaint
If you have a complaint regarding any aspect of your personal data or this privacy policy, please write to us using the information provided at the start of this privacy policy. If you are still not satisfied with the outcome of your complaint, you may write to the Information Commissioner’s Office at the following address:
Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF
You can also contact the Information Commissioner’s Office using their online form: https://ico.org.uk/global/contact-us/email/