The scope of this Privacy Notice concerns all data subjects whose personal data is processed in line with the General Data Protection Regulations (GDPR) which came into effect on 25 May 2018, replacing the Data Protection Act 1998.
Onepoint Consulting Ltd is responsible as Data Controller for ensuring compliance with the General Data Protection Regulations. This Privacy Notice is made available to data subjects prior to processing any personal data.
3. Who we are
Onepoint Consulting Ltd is registered as a Data Controller with the Information Commissioner’s Office under registration reference: ZA188351
Onepoint Consulting Ltd
Onepoint Consulting Ltd was established in 2005 to help companies’ transition into the digital world by enabling them to transform their digital infrastructures and assist them as they adapt for a world run on big data, ensure the integrity of their data pipelines and sources, and assure the reliability of the data they use.
Onepoint Consulting offers the following services: Data Management, Digital Transformation, Big Data and Data Science, Data Strategy, Data Governance, Data Analytics, Workshops.
4. What is Personal data?
Under the EU’s General Data Protection Regulation (GDPR) the European Commission has defined personal data as follows:
“Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
5. Why does Onepoint Consulting process personal data?
In order for us to provide you with information about business services such as Data Management, Digital Transformation, Big Data and Data Science, Data Strategy, Data Governance, Data Analytics, Workshops, we may process your personal data.
We are committed to ensuring that any personal information we collect and process is appropriate for these purposes, and does not constitute an invasion of your privacy.
Onepoint Consulting will process the personal information you provide in a manner compatible with the EU’s General Data Protection Regulations (GDPR).
6. Your rights as a data subject
Under the GDPR, data subjects have the following rights:
- Right to object: you have the right to object to processing of personal data for purposes such as direct marketing, automated processing including profiling
- Right of portability: you have the right to have the data we hold about you transferred to another organisation
- Right of access: you have the right to request a copy of the information that we hold about you by contacting us by email email@example.com. Before releasing the data in line with GDPR, Onepoint Consulting may require Identity verification.
- Right to be forgotten: you have the right to request deleting your data from our records
- Right of rectification: you have a right to request correcting any inaccurate or incomplete data that we hold about you
- Right to restriction of processing: you have a right to request restricting the processing
7. Our legal basis for processing personal data
The lawful basis for processing personal data are set out in Article 6 of the GDPR. Onepoint Consulting’s legal basis can be one of the following:
(a) Consent: you, the data subject, has given clear consent for us to process your personal data for a specific purpose.
(b) Contract: the processing is necessary for a contract you have with Onepoint Consulting Ltd, or because you have asked us to take specific steps before entering into a contract.
(c) Legal obligation: the processing is necessary for us to comply with the law (this excludes contractual obligations).
(d) Vital interests: the processing is necessary to protect someone’s life.
(e) Public task: the processing is necessary for us to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law.
(f) Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.
8. Retention period
Onepoint Consulting will endeavour to keep your personal information confidential, accurate and up to date. Personal information will only be kept as long as strictly needed, in line with legal requirements and with the General Data Protection Regulations.
9. Categories of Data
The following categories of data are processed: Name, Company, Email and phone number.
In the event that you wish to make a complaint about how your personal data is being processed, please contact us by email firstname.lastname@example.org. All complaints will be treated in a confidential manner.
Should you feel unsatisfied with our handling of your data, or about any complaint that you have made to us about our handling of your data, you are entitled to escalate your complaint to the supervisory authority in the UK, which is the ICO (Information Commissioner’s Office), https://ico.org.uk/make-a-complaint/