Privacy Policy

Introduction

At Digital Six Ltd, we are committed to protecting the privacy and confidentiality of the personal data we collect and process. This Privacy Notice explains how we collect, use, store, and protect personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This document outlines the rights of individuals regarding their personal data and how we ensure the protection and proper management of such data throughout our operations.

Scope

This Privacy Notice applies to all individuals whose personal data is processed by Digital Six Ltd, including clients, prospective clients, website visitors, contractors, and employees. It covers all personal data processing activities, whether conducted online or offline.

Purpose

The purpose of this Privacy Notice is to:

  • Inform individuals about how their personal data is collected, processed, stored, and shared.
  • Ensure transparency in how personal data is handled in accordance with GDPR.
  • Describe the rights individuals have regarding their personal data.
  • Provide information on how to contact us regarding personal data concerns or requests.

Data We Collect

Digital Six Ltd may collect the following categories of personal data:

1. Contact Information:

  • Name, email address, phone number, postal address.

2. Professional Information:

  • Job title, company name, and business contact details.

3. Technical Information:

  • IP address, browser type, device information, operating system, and cookies collected from website usage.

4. Financial Information:

  • Payment information such as billing address and transaction details when you use our services.

5. Communications:

  • Any messages, emails, or inquiries sent through our communication platforms, including client support interactions.

6. Other Information:

  • Additional information you provide when interacting with us, such as feedback or preferences.

How We Use Personal Data

We use personal data for the following purposes:

1. Service Delivery:

  • To provide and manage the services requested by clients, including project management, billing, and customer support.

2. Communications:

  • To communicate with clients and potential clients regarding inquiries, support requests, and service updates.

3. Marketing:

  • To send promotional content, newsletters, or invitations to events (subject to your consent, where required). You can withdraw your consent to marketing communications at any time.

4. Technical Improvements:

  • To monitor website performance, improve user experience, and ensure our digital platforms are secure.

5. Compliance and Legal Obligations:

  • To comply with legal obligations, such as financial reporting, tax laws, and data protection regulations, including responding to legal requests from authorities.

6. Security:

  • To protect our systems and data from fraud, cyberattacks, and other security threats.

Legal Basis for Processing Personal Data

We process personal data based on the following legal grounds:

1. Performance of a Contract:

  • Processing is necessary to deliver the services requested by clients or to take steps at the request of the data subject before entering into a contract.

2. Legitimate Interests:

  • We may process personal data based on our legitimate interests, provided that these interests are not overridden by the data subject's rights. For example, using client information to improve our services or maintain security.

3. Consent:

  • Where necessary, we seek consent to process personal data for specific purposes, such as sending marketing communications.

4. Legal Obligation:

  • In some cases, we are legally required to process personal data, such as for tax and financial reporting.

Data Sharing and Disclosure

We do not share personal data with third parties unless it is necessary to provide our services, comply with legal obligations, or you have provided consent. Where data is shared, we ensure that appropriate safeguards are in place to protect your privacy. We may share personal data with:

1. Service Providers:

  • Third-party vendors that provide services such as payment processing, IT support, and marketing services. These vendors are required to comply with GDPR and our data protection standards.

2. Legal and Regulatory Authorities:

  • Where required by law, we may share personal data with government authorities or regulators.

3. Business Partners:

  • In cases where we collaborate with other organisations to provide services, data may be shared with trusted partners.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Notice or to comply with legal obligations. Retention periods depend on the nature of the data and the purposes for which it was collected.

1. Client Data:

○ Contractual data will be retained for the duration of the client relationship and for a period of up to 6 years after the contract ends for legal or operational purposes. Upon contract termination, client data, including platform and website records, project documentation, and any data stored within our systems, will be retained for no longer than two months to facilitate transitions or client requests. After this period, data will be securely deleted or anonymised unless otherwise

required by law or contractual obligations.

2. Marketing Data:

  • Retained until you withdraw your consent or unsubscribe from our communications.

3. Support Records:

  • Retained while a client is under a support contract and for 2 years after the contract ends.

4. Financial Data:

  • Retained for 7 years to comply with financial and tax obligations.

Once the retention period has expired, personal data will be securely deleted or anonymised.

Data Security

We take appropriate technical and organisational measures to protect personal data from unauthorised access, disclosure, or alteration. These measures include:

1. Encryption:

  • All personal data classified as Confidential is encrypted at rest and in transit.

2. Access Controls:

  • Access to personal data is restricted to authorised personnel only.

3. Regular Security Audits:

  • We regularly review our systems and processes to ensure compliance with our data protection obligations.

4. Secure Disposal

  • All drives that have contained personal information will be securely deleted or destroyed to prevent recovery.

In some cases, your personal data may be transferred outside the European Economic Area (EEA). We will ensure that appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place to protect your data.

Your Rights

Under GDPR, individuals have the following rights regarding their personal data:

1. Right to Access:

  • You can request a copy of the personal data we hold about you.

2. Right to Rectification:

  • You can request that we correct any inaccurate or incomplete personal data.

3. Right to Erasure:

  • You can request that we delete your personal data, subject to certain legal limitations.

4. Right to Restriction of Processing:

  • You can request that we restrict the processing of your personal data in certain circumstances.

5. Right to Data Portability:

  • You can request that we provide your personal data in a structured, commonly used, and machine-readable format.

6. Right to Object:

  • You can object to the processing of your personal data in certain circumstances, such as for marketing purposes.

To exercise any of these rights, please contact our Data Protection Officer (DPO) using the contact information provided below.

Contact Us

If you have any questions about this Privacy Notice or wish to exercise your data protection rights, please contact our Data Protection Officer (DPO):

Data Protection Officer

Digital Six Ltd

14 Albany Street, Edinburgh, EH1 3QB

Email: info@digitalsix.co.uk

Phone:0131 668 0800

Data Breaches

In the event of a data breach involving personal data, we notify tje affected individuals and relevant authorities within 72 hours if required by GDPR.

Updates to this Privacy Notice

We may update this Privacy Notice from time to time to reflect changes in our data processing practices or legal requirements. Any changes will be posted on our website.

Last Updated: August 2024

Stay in the loop

Sign up to the Digital Six newsletter

Digital Six Ltd

14 Albany Street

Edinburgh

EH1 3QB


0131 668 0800

info@digitalsix.co.uk

© 2024 Digital Six®