1. Website Details
Our website address is https://www.agilestrategy.co.uk
This website is served by Leading Change Limited of 53, Davies Street, London, W1K 5JH, United Kingdom and Art of Action Limited of York House, 1 Seagrave Road, London, SW6 1RP, United Kingdom for the purposes of marketing Agile Strategy to clients, practitioners and website users. In this policy statement, we refer to Leading Change Limited and Art of Action Limited as ‘AS’.
This policy explains what personal data AS collects from you through your interactions with us and how we use that data. This policy applies to all AS’s interactions with you and any products, services or solutions offered by AS to customers or practitioners.
This policy explains how we comply with current regulations including the GDPR (General Data Protection Regulation). Its intent is to explain areas of this website that may affect your privacy, how we process, collect, manage and store your personal details and how we adhere to your rights.
4. Compliance with the GDPR
We and this website comply with the DPA (Data Protection Act 1998) and the GDPR (General Data Protection Regulation) which came into effect from May 2018. We will update this policy the UK completes exit from the European Union. Until further UK regulations are applicable we intend to maintain compliance with GDPR. Under GDPR you have rights relating to any personal data that is being stored by us, these are:
- The right of access;
- The right to rectification;
- The right to erasure (also known as the ‘right to be forgotten’);
- The right to restrict processing;
- The right to data portability;
- The right to object;
- Rights with respect to automated decision-making and profiling.
If you’d like to know more about how we apply these rights please request our Data Protection Policy. If you’d like to exercise any of your rights please contact us at firstname.lastname@example.org
5. What personal data do we collect?
When you interact with us, for example by making an enquiry by our website contact form, by email or telephone, or registering to receive our email newsletters, we collect the personal data you submit, such as your name, address, email address and telephone number. We may also collect information from you provided freely by you on business social networks such as LinkedIn. We will use personal data provided by you for the administration and delivery of our business services in which you expressed an interest by joining our professional network.
6. How we use your personal data
We collect and store data provided freely by you for the sole purpose of enabling delivery of our business services to you and we use selected third-party partners to assist us to deliver these business services. The personal information you submit freely through our contact forms will be used to answer your specific enquiry, administer your account and to provide products or services you have requested from us. If you register for our email newsletters or have agreed to receive marketing information from us in another way which complies with GDPR consent rules, you will receive occasional emails to let you know about hints, tips, news, updates and offers.
Other information we collect is used to enable the delivery of our business services, which includes the use of third-party partners. We may also send out information by email if it complies with legitimate interest rules. Whereby we send information to clients who have not opted in to receive email marketing, but who need to be kept up to date with important news about products and services they have with us.
7. How we store your personal data
For our business purposes, we hold your records on desktop and cloud-based services including Microsoft Office 365 and its productivity applications (Outlook 2016 and Excel 2016). We use Trello for collaborative working with our third-party marketing partners. Data for other services, such as email marketing, are hosted by our 3rd party partners.
8. What processes do we have to keep your data secure?
We take the security and privacy of our clients’ data very seriously and can confirm that our internal processes are GDPR compliant, including:
- Mobile devices including, but not limited to telephones, tablets and laptops are at a minimum password protected and where available have biometric access control;
- We never share any personal data with third parties other than the minimum data required to deliver our services to you via our partners;
- We ensure devices are password protected with strong passwords and limit access to only those personnel who need access;
- This website and all personal data transferred between us and any of our partners’ uses the standard security technology for establishing an encrypted link.
9. Third-Party Partners
We use third-party partners to support us with marketing services, who are all committed to GDPR compliance. For enterprise email, we use Office 365 and for Client Relationship Management (CRM), including email marketing services (EMS), we use market-leading applications on a subscription basis. Our EMS will only use third party suppliers that comply with all relevant data protection requirements.
This website uses use Google Analytics tracking software to monitor visitors and improve the user experience while visiting the website. Cookies are small files saved to your (the user’s) computer hard drive that collect anonymised data to track, save and store information about your interactions with and usage of our website, as well as your computer’s IP address if available. Whilst cookies will improve your user experience of our site, you can disable cookies on this site and on others. The most effective way to do this is via the security settings in your web browser or use the cookie control system on stalled on this site, allowing the user to give explicit permission or to deny the use or saving of cookies on their computer/device.
11. External Links
This website contains no sponsored (paid) links or third-party adverts. We do operate a referral programme with trusted partners that offer high quality, safe, relevant complementary services and we may publish external links to their websites or material in our web content from time to time. Clicking on any such links will send you to the partner’s website. Our chosen partners may have detailed security policies of their own but we cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links published on this website.
12. Downloads & Media Files
This website makes downloadable documents, files and media available to users and this content is provided to you (the users) at your own risk. While all precautions have been undertaken to ensure only genuine downloads are available and in every case have been loaded onto this website by AS, users are advised to verify the authenticity of anything they download using third party anti-virus software or similar applications. We accept no responsibility for third party downloads and downloads provided by external websites and advise users to verify their authenticity using third party anti-virus software or similar applications.
13. Contact with AS
Users contacting AS through this website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use. We will only ever request that you share basic contact information (first name, last name, company, email address and telephone number). By providing this information you have given your express permission for AS to send you newsletters, case studies, articles and product or services information through our email marketing programme. This is done in accordance with the regulations governing this policy.
10. Email & Marketing Lists
We operate an automated email marketing service. This programme is used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given explicit permission or where we have a legitimate interest. Subscriber personal details are collected, processed, managed and stored to enable marketing automation in accordance with the regulations governing this policy. Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data. You can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of email marketing messages.
11. Social Media Policy & Usage
We adopt a Social Media Policy to ensure our business and our staff conduct themselves accordingly online. While we may have official profiles on social media platforms users are advised to verify the authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.
Our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies in the resources section below.
12. Changes to this privacy statement
We may change this statement at any time by posting revisions on our site. Each time you enter this site, you agree that the privacy statement current at that time shall apply to all data which we hold about you.
By using our site, you consent to our use of your personal data in the manner set out in this privacy statement.
14. Resources & Further Information
Overview of the GDPR – General Data Protection Regulation
The Data Protection Act (DPA 1998)
Privacy and Electronic Communications (EC Directive) Regulations (PECR 2003)
ICO Guide to Privacy and Electronic Communications Regulations