Last Updated: 16th April 2019
Evalian (“we”, “our”) is an information assurance business. We provide consultancy and support services to other businesses to help them manage risk, meet their compliance obligations and improve their information security.
Your privacy is very important to us. Data protection is what we do for a living and we believe in the importance of protecting your privacy. We don’t do anything with your personal data that you wouldn’t expect, and we process it as we would expect others to process our personal data.
We keep the personal information we collect to a minimum and we protect it. You have rights you can exercise, explained below, and you can contact us to ask about the personal information we hold about you or to exercise your rights.
If we are making decisions about the purposes for which we process your personal information, and the means of doing so, we are acting as a data controller. In this case, the data controller is Evalian Limited. Our ICO registration reference number is ZA444797.
If we are processing your personal information on the instructions of one of our customers (such as your employer, for example), it is likely we are working with it as a data processor in line with a written contract. In this case, the data controller will be our customer and your personal data will be processed as set out in their privacy notice.
If you contact us using our website, by email or through social media, we collect the personal information you provide to us. This typically includes your name, job title, employer business address, business email and any additional information you include in your message.
We use the personal information you provide to us to respond to your enquiry. It is in our legitimate interests to communicate with you in response to your message.
We provide a newsletter to clients and other individuals who have signed up to receive it. We use your name and email address to send the newsletter. We send our newsletter to you with your consent.
You can withdraw your consent or object to us sending it to you at any time by unsubscribing using the link in the email or by contacting us using the details below.
Where we provide services to your organisation, we are likely to process your personal data for one of two purposes:
Firstly, we will collect and process your name, job title, employer business address and business email if you are a key contact for the service we provide. It is in our legitimate interests to collect and process personal information about individuals working at client organisations for the purpose of providing them with services, communicating about requirements, promoting our services and taking instructions.
Secondly, we will collect and process your name, job title, employer business address and business email if we need to communicate with you in relation to a service we are providing to your employer, such as where we are acting as a data protection officer or consultant. In this case we will be collecting your personal information as a data processor, and acting in accordance with written instructions issued by our client.
You can manage and delete cookies through your web browser settings, as set out in our Cookies Notice.
We share your personal data with our cloud service provider, Microsoft, whose Office 365 services we use for file storage and email. Our Microsoft hosting is located in the UK.
We may also share your personal information with our professional advisers including our lawyers and auditors where it is strictly necessary. It is possible that we may be required to share your data to comply with applicable laws or with valid legal processes, such as in response to a court order.
We retain your personal information for as long as it is reasonably necessary for the purpose of our relationship, for as long as we are legally obliged or until you object to us processing your data or withdraw your consent to us doing so.
You have the following rights in respect of your personal data:
If you wish to exercise your rights, please contact us at firstname.lastname@example.org
You can also lodge a complaint with the Information Commissioner’s Office. They can be contacted using the information provided at: https://ico.org.uk/concerns/
If you have any questions, or wish to exercise any of your rights, then you can write to:
6 Shedfield Grange Business Park
Alternatively, you can email us at email@example.com. You can also call us on 03330 500 111.
We may update this Privacy Notice from time to time in response to changes in applicable laws and regulations, to our processing practices and to services we offer. When changes are made, we will update the ‘Last Updated’ date at the top of this page. Please review this Privacy Notice periodically to check for updates.