Submission of your information, requested, from our website is held on our secure platform. This is protected by all methods necessary. Only the required personnel have access to this information. Your information will only be used for the stated intended purpose and will not be shared outside of Spot2Spot without your express consent. Your consent to share your information will be sought at the time of you submitting your data.
Spot2Spot collect information from various sources for marketing purposes. This information can be from social media forums, industry forums to name but a few. We retain this information for a period of no more than 18 months, or the duration of the marketing campaign only.
Spot2Spot are aware that sometimes information with regards to suppliers is personal in nature. This information is protected to the full extent as any other information within our environment. This information is not shared unless express permission is granted by the individual.
Job applicants and our current and former employees.
When Spot2Spot receive job applications we hold these in a secure manner. The application forms are deleted or, in the instance of hard copies, shredded after the selection period is completed. This information is not shared outside our organisation and is only shared internally with designated personnel. Where information of an applicant is to be retained for future use only the contact information will be retained. Consent from the applicant will be sought prior to the retention of any personal contact information.
All personal information held by Spot2Spot on current employees is managed and maintained in a secure manner, the same as any other information we hold. All employees have the right to view the data we hold on them at any time. A formal request is required to be made for this information through their line manager.
Former employees
All personal information held by Spot2Spot on former employees is managed and maintained in a secure manner, the same as any other information we hold. Should a former employee wish to view the data that we hold on them the steps for requesting information (detailed above) are followed. Information held on personnel is retained for a period no longer than 3 years after the cessation of employment, in line with current UK legislation. After this period of time, all information on the former employee is deleted. If requested, a confirmation of this will be communicated to the person.
Spot2Spot report all major data breaches, of data we have control over and are responsible for, to the Information Commissioners Office, our customers and/or suppliers. All potential data breaches are fully investigated as per our Information Security Incident Policy.
When a data breach is detected, and the severity ascertained, this will be reported to the ICO within 72 hours.
Security and Protection
Spot2Spot take the security of all information seriously, we hold certification to the following scheme: –
ISO27001:2013 Information Security Standard
As such, our management system is audited and verified on an annual basis.
Data Protection Officer
Spot2Spot has designated the Systems and Process Manager as their Data Protection Officer (DPO). To contact the DPO please email: gdpr@spot2spot.co.uk
When someone visits our website, we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way that does not identify anyone. We do not make, nor allow Google to make any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be upfront about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The table below explains the cookies we use and why.
How do I change my cookie settings?
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.
To opt-out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.
We are planning to enhance our cookie tool to allow users to more easily change their cookie settings after their initial choice.
Spot2Spot do not share any information of a personal nature outside our organisation. All information is utilised for internal operations and commercial purposes only. The exception to this criteria is the sharing of information with UK authorities for investigatory purposes as per current legislation on finance and personnel.
Spot2Spot may share information with the following external organisations for commercial purposes: –
HMRC
External solicitors for legal purposes
External Accountant for auditing purposes and payroll
Employee Engagement Solutions
Customers
Spot2Spot processes information provided by our clients for operational purposes only.
Information is shared with organisations in the UK only.
The exception to this criteria is the sharing of information with UK authorities for investigatory purposes as per current legislation on finance and personnel.
Should you wish to make a complaint our complaints process is available upon request. All information received during the course of a complaint is handled with the same level of security protection on the need for privacy as any other information we collect.
Information is required for commercial purposes for providing our services to our customers.
Spot2Spot use the information provided by yourself to provide our services and products to our customers. This data is only used for its intended and stated purpose. This includes financial information for the production of invoices and receiving of payments for services provided.
In order to protect your information, we have in place the following methods of protection: –
Monitored Firewall protection
Malware protection on all platforms
Encryption on data at rest and at point of use
Ongoing backups
Auditing for data integrity on an ongoing basis
Information Backups
Spot2Spot has a backup policy in place. We retain backups for a maximum of six months. Upon receiving a request to remove data of a personal nature, this will be completed by removing all references and data from the production environment. The full deletion of this data will be achieved after the retention period stated above has been reached. Were data backups are indefinitely retained then we have a methodology in place to remove data from the backup medium.
We will respond to requests for the information we hold on you within the required 30-day period. Initial requests will not be charged. However, should more than 2 requests be made within a 3-month period of time, subsequent requests will be charged at £10 per request.
All information will be provided in the format of a PDF document.