Privacy notice (GDPR compliant)
Coterie Marketing Ltd, also known as coterie, is aware of its obligations under the General Data Protection Regulation (GDPR) and is committed to processing your data securely and transparently. This privacy notice sets out, in line with GDPR, the types of data that we hold on you. It also sets out how we use that information, how long we keep it for and other relevant information about your data.
This notice applies to:
Data controller details
Coterie Marketing Ltd is a Data Controller, meaning that it determines the processes to be used when using your personal data. Our contact details are as follows:
5 Carrwood Park
Data protection principles
In relation to your personal data, we will:
process it fairly, lawfully and in a clear, transparent way
collect your data only for reasons that we find proper for the course of business
only use it in the way that we have told you about
ensure it is correct and up to date
keep your data for only as long as we need it
process it in a way that ensures it will not be used for anything that you are not aware of or have consented to (as appropriate), lost or destroyed
Types of data we process
We hold limited data about you, including;
your personal details including your name, job title, business and home addresses, business email address and contact phone numbers
your personal details including your name, job title, business address, business email and contact phone numbers
your personal details including your name, job title, business address, business email address and contact phone numbers
your email address
How we collect your data
We collect data about you usually;
when you express an interest in becoming a client, we ask you for your contact details
when we take you on as a client we collect your information for the purposes of contracts and initial set up/implementation from you directly
when we engage you as a supplier to carry out services for Coterie Marketing Ltd
when you sign up for our newsletter via our website www.coterie.global
Personal data is kept securely within;
Outlook email contacts
a secured access-controlled cloud drive (Huddle)
Mailchimp for distribution
Xero, our accounting software for invoicing
Why we process your data
Under GDPR, where we are the Data Controller we must have a lawful basis for processing all personal data. GDPR sets out the where processing of personal data can be undertaken legally;
As a current customer or supplier, the law on data protection allows us to process your data in order to perform the contract that we are party, in that;
we can communicate with you with regard the services
we can issue invoicing
we can send you information relating to our services, changes in our organisation and events as part of the contract services
Communicate with you as a Vendor in your supply and performance of services to us
As a prospective customer or website user, the law on data protection allows us to process your data for legitimate interests, in that;
We can communicate with you regard future contracts
We can issue the newsletter you registered for on our website
Sharing your data
Your data is not shared outside Coterie Marketing Ltd or its contracted Associates.
Contract Associates are employed by Coterie Marketing Ltd to deliver contract services to our clients.
Your data is only shared where it is necessary for them to undertake their duties. This includes;
Delivery of contract services
We do not share your data with bodies outside of the European Economic Area.
Protecting your data
We are aware of the requirement to ensure your data is protected against accidental loss or disclosure, destruction and abuse. We have implemented processes to guard against such.
Data is predominantly secured by password and access control
Data held is minimal and relates predominantly to contact information only and where possible limited to business information.
How long we keep your data for
In line with data protection principles, we only keep your data for as long as we need it for, which will be at least for the duration of your contract with us though in most cases we will keep your data for a period after the contract has ended to enable transition to be managed smoothly.
Coterie Marketing Ltd will retain your personal data where we have an ongoing legitimate need to do so, for example to engage in long term relationships with our customers and prospective customers.
Where there is no legitimate basis or there has been no engagement with you for a period of seven years, we will either delete or anonymise your personal data.
Your rights in relation to your data
The law on data protection gives you certain rights in relation to the data we hold on you. These are:
the right to be informed. This means that we must tell you how we use your data, and this is the purpose of this privacy notice.
the right of access. You have the right to access the data that we hold on you. To do so, you should make a subject access request.
the right for any inaccuracies to be corrected. If any data that we hold about you is incomplete or inaccurate, you are able to require us to correct it.
the right to have information deleted. If you would like us to stop processing your data, you have the right to ask us to delete it from our systems where you believe there is no reason for us to continue processing it.
the right to restrict the processing of the data. For example, if you believe the data we hold is incorrect, we will stop processing the data (whilst still holding it) until we have ensured that the data is correct.
the right to portability. You may transfer the data that we hold on you for your own purposes.
the right to object to the inclusion of any information. You have the right to object to the way we use your data where we are using it for our legitimate interests.
the right to regulate any automated decision-making and profiling of personal data. You have a right not to be subject to automated decision making in way that adversely affects your legal rights.
Where you have provided consent to our use of your data, you also have the unrestricted right to withdraw that consent at any time. Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent. However, in some cases, we may continue to use the data where so permitted by having a legitimate reason for doing so.
If you wish to exercise any of the rights explained above, please contact the Data Controller as detailed above.
Making a complaint
The supervisory authority in the UK for data protection matters is the Information Commissioner (ICO). If you think your data protection rights have been breached in any way by us, you are able to make a complaint to the ICO.
APPENDIX 1 – Website Privacy Notice
The DPA & GDPR May 2018
We and this website comply to the DPA (Data Protection Act 1998) and already comply to the GDPR (General Data Protection Regulation) which comes into effect from May 2018. We will update this policy accordingly after the completion of the UK’s exit from the European Union.
What are cookies?
Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit.
Website visitor tracking
This website uses tracking software to monitor its visitors to better understand how they use it. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.
Downloads & media files
Any downloadable documents, files or media made available on this website are provided to users at their own risk.
While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third party anti-virus software or similar applications.
We accept no responsibility for third party downloads and downloads provided by external third-party websites and advise users to verify their authenticity using third party anti-virus software or similar applications.
Contact & communication with us
Users contacting us through this website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.
Where we have clearly stated and made you aware of the fact, and where you have given your express permission, we may use your details to send you products/services information through a mailing list system. This is done in accordance with the regulations named in ‘The policy’ above.
Email mailing list & marketing messages
We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named in ‘The policy’ above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages (or unsubscribe from all our Mailchimp lists). The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.
Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.
External website links & third parties
Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites, similar to; LinkedIn, LinkedIn or www.LinkedIn.com.)
Shortened URL’s; URL shortening is a technique used on the web to shorten URL’s (Uniform Resource Locators) to something substantially shorter. This technique is especially used in social media and looks similar to this (example: http://bit.ly/zyVUBo). Users should take caution before clicking on shortened URL links and verify their authenticity before proceeding.
We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Social media policy & usage
We adopt a Social Media Policy to ensure our business and our staff conduct themselves accordingly online. While we may have official profiles on social media platforms users are advised to verify authenticity of such profiles before engaging with or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.
There may be instances where our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies in the resources section below.
Resources & further information
• Overview of the GDPR – General Data Protection Regulation
• Data Protection Act 1998
• Privacy and Electronic Communications Regulations 2003
• The Guide to the PECR 2003