GDPR Privacy Statement
This statement also explains how we protect any personal data we obtain directly or passively from you or which we obtain indirectly from other sources.
We reserve the right to change our privacy statement from time to time. We therefore ask you to check it occasionally to ensure that you are aware of the most recent version.
We are committed to keeping your personal data safe and to ensuring the integrity and security of any personal data we may process.
You should read this privacy notice very carefully as it contains important information on the way in which we will process your personal data, in particular:
- The personal information we collect about you
- Our legal bases for processing your personal information
- What we do with your personal information
- Who your personal information may be shared with
- Your rights as a data subject under the Data Protection regulation (as per the Data Protection Act 2018).
Who are we?
BCM Public Relations Ltd (referred to as BCM), a company incorporated and registered in England with company number 7755020. BCM is the Controller of personal data relating to individuals within its client firms, for the purposes of relationship management, marketing and business development. BCM is also a Processor of data for the purposes of offering PR, marketing and communication services on behalf of its clients.
Personal information we collect or obtain about you
Information gained directly from you
We will collect personal data, such as your name, business address, business and mobile telephone number and business email address via: Meetings, telephone calls and conversations, from business cards, when registering for services, and when using our website.
We may also collect your personal work-related data, which is gained indirectly or passively, such as:
- Service data – personal data that are provided in the course of the use of our services
- Enquiry data – information contained in any enquiry you submit to us regarding our services
- Correspondence data – information contained in or relating to any communication that we have with you
- Third party data – publicly available sources such as social media sites where you have a publicly accessible profile, such as LinkedIn or your company website
This data may include:
- Job title
- Email address
- Phone Number
- Company Address
We protect the data obtained from third parties according to the practices described in this statement.
Cookies and similar technology
Cookies are small files which are sent to your web browser and stored on your computer’s hard drive.
This website uses ‘session cookies’ – temporary cookies that remain in your browser until you leave the website. These allow you to carry information across our site without having to re-enter it; it also enables us to analyse web traffic and improve our online services.
They can not be used to identify you. You may set your web browser to notify you of cookie placement requests or to decline cookies completely. You can delete the files that contain cookies; those files are stored as part of your internet browser.
Our legal basis for processing your personal data
We may rely on a number of legal bases for collecting and further processing your personal data, which are:
- Contractual Necessity
- Legal Obligation
- Legitimate Interest
We collect personal information about you when you request our services. We will ask you to provide some information about yourself for security, identification and verification purposes.
We will also collect personal data for the purposes of the performance of a contract with you, such as:
- Providing access and use of our services
- Administering accounts with us
- Communicating with you about our services
We may also process your personal information to allow us to comply with certain legal obligations to which we are subject. We will also work co-operatively with the national data protection authority, and the ICO, in relation to any data protection matters.
We may use your personal data for our legitimate business interests, whilst carefully considering and balancing any potential impact on you and your rights as a data subject under the relevant data protection regulation.
This may include processing your personal data to allow us to provide the best services and customer experience and to ensure our service remains relevant and tailored to your needs.
We will always ensure that our legitimate interests will never override your rights and freedoms under the data protection regulation.
As an example, we may rely on our legitimate interest to process your personal data for the following purposes:
- For Direct Marketing, relating to products and services that are compatible with the original purpose for which we originally gained the information
- To communicate with you, including newsletters and marketing materials
- To communicate important updates about our business or services, which we think may be of interest to you
- For evidential purposes to effectively manage and maintain records of our relationships/communications with you
- For business development related activity such as contacting you by telephone or email to arrange meetings with our experts in relation to work or knowledge sharing
- To enhance, modify, personalise or otherwise improve our services and communications for the benefit of you
- To better understand how you interact with our website and content in order to enhance your customer experience
- To process payments from or to you
- To comply with applicable law
In addition, we may use its legitimate interests to perform statistical and other analysis on the personal data we collect, to help us understand and improve on how people use our products or services.
We are required to gain your explicit consent prior to processing any sensitive information about you, or where we are processing your personal data for any other purpose, other than the original purpose for which it was gained.
Where we require such consent, we will provide you with sufficient information to allow you to make an informed decision. We will ensure that we only gain consent via a clear and affirmative act, freely given by you that indicates your consent to specific purposes.
Your communication preferences
We strive to provide you with relevant and useful information related to our products and services. You can update your communication preference at any time by emailing email@example.com.
How we use your personal data
We will only process your data where have a legal basis for doing so. We use data collected to communicate with you and to offer you our services. We may use your data to improve or maintain the services we offer to you. We will never share your data with any other third party, other than those stated in this policy, nor use your data for any other purpose, unless we firstly gain your explicit consent to do so.
We categorise the use of your personal information for in different ways, namely:
|Category of Personal Data
|Legal Basis for Processing
|Personally Identifiable Information
|This is personal information, such as name, address or email
|Enabling you to access and use our services
|We hold invoice information relating to clients and the company accounting information, nothing personal
Who we share your data with
We may disclose your personal data to third parties from time to time under the following circumstances:
- You request or authorise the disclosure of your personal data to a third party
- Your personal data is disclosed as permitted by applicable law for example, a court order
- Your personal data is provided to our agents who perform functions on our behalf. We require that our third-party service providers only use your personal data as necessary to provide requested services to us.
We do not sell your personal data or other information to any third-party.
Security and confidentiality
We are committed to transparency, ensuring that your privacy is protected and that your data is used and retained fairly, transparently and in accordance with the GDPR.
We will make sure that we have appropriate technical and organisational measures in place to keep your personal data secure and to protect against accidental or unlawful destruction, loss alteration, disclosure or access. We will provide a level of security appropriate to the risk presented by the nature of the processing we do. Your personal data will be held securely in our systems so that we can manage your relationship with us.
We will only keep your personal data for as long as necessary for the purposes for which it was gained. Personal data will be retained for the purposes of direct marketing, relationship management and business development, or where we have another legal basis for processing (such as consent).
We will review the personal data we hold in line with our retention policy, to check for accuracy and relevancy and to ensure that we continue to have a legal basis for processing. If the personal data is no longer necessary, or where we no longer have the legal basis for processing we will delete or fully anonymise the data we hold on you, in line with our Data Protection Policy. If your data becomes inaccurate, we will update it accordingly.
Parents and children
We do not knowingly collect personal information from children under the age of 13. Parents have the right to terminate the registration of a child under the age of 13 by contacting us using the information listed at the bottom of this policy.
Subject access/User rights
As a data subject, you have the following rights:
- The right to be informed about how we use your Personal Data.
- The right of access to your Personal Data and the right to have your data corrected or erased (which must be balanced with other rights and obligations).
- The right to restrict processing of your Personal Data.
- The right to not be subject to any decision based solely on automated processing of your Personal Data.
We will be more than happy to help should you have any complaints about the processing of your personal data. You have the right to lodge a complaint with the Supervisory Authority, ICO, who are the national authority responsible for the protection of personal data. A complaint can be made to the ICO via their website ico.org.uk.
If you have any queries or requests concerning your personal information or how we process it, please contact us at BCM Public Relations Ltd, 8 Saint James’s Square, London, SW1Y 5JU, United Kingdom, +44 (0) 2034 095090 or email firstname.lastname@example.org.