The scope of this Privacy Notice concerns all data subjects whose personal data is processed in line with the Data Protection Act 2018 and the General Data Protection Regulations (GDPR UK). Personal data relates to a living individual (data subjects) who can be identified from that data.
Onepoint Consulting Ltd is responsible as Data Controller for ensuring compliance with the General Data Protection Regulations and the Data Protection Act 2018.
3. Who we are
Onepoint is a boutique, values-driven, business-oriented technology consultancy.
Onepoint was established in 2005 in London to specialise in enterprise architecture consulting and open source solutions. Today we equip our clients to achieve transformational business outcomes powered by digital advances by applying world-class technology, data, and analytics expertise.
Onepoint is registered as a Data Controller with the Information Commissioner’s Office under registration reference:
Onepoint Consulting Ltd
Alpha House, Unit 14
100 Villiers Road
London NW2 5PJ
4. What is Personal data?
Under Data Protection Regulations, personal data can be defined as follows:
“Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
5. Why does Onepoint Consulting process personal data?
In order for us to provide you with information about business services such as Data Management, Digital Transformation, Big Data and Data Science, Data Strategy, Data Governance, Data Analytics, Workshops, we may process your personal data.
We are committed to ensuring that any personal information we collect and process is appropriate for these purposes, and does not constitute an invasion of your privacy.
Onepoint Consulting will process the personal information you provide in a manner compatible with the UK’s General Data Protection Regulations. We will not share your personal data with any third parties unless required by law.
6. Your rights as a data subject
Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of your personal information.
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at [email protected] if you wish to make a request.
7. Our legal basis for processing personal data
The lawful basis for processing personal data are set out in Article 6 of the GDPR. Onepoint Consulting’s legal basis can be one of the following:
(a) Consent: you, the data subject, has given clear consent for us to process your personal data for a specific purpose.
(b) Contract: the processing is necessary for a contract you have with Onepoint Consulting Ltd, or because you have asked us to take specific steps before entering into a contract.
(c) Legal obligation: the processing is necessary for us to comply with the law (this excludes contractual obligations).
(d) Vital interests: the processing is necessary to protect someone’s life.
(e) Public task: the processing is necessary for us to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law.
(f) Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.
8. Categories of Personal Data
We currently collect and process the following information: personal identifiers, contacts and characteristics: business contact details such as name, company, email and phone number.
In the event that you wish to make a complaint about how your personal data is being processed, please contact us by email [email protected]. All complaints will be treated in a confidential manner.
Should you feel unsatisfied with our handling of your data, or about any complaint that you have made to us about our handling of your data, you are entitled to escalate your complaint to the supervisory authority in the UK, which is the ICO (Information Commissioner’s Office), https://ico.org.uk/make-a-complaint/