In order to operate, Classic Architecture needs to gather, store and use certain forms of information about individuals.
These include employees, contractors, suppliers, business contacts, clients and other people that we have a relationship with or regularly need to contact.
This policy explains how this data is collected, stored and used in order to meet Classic Architecture’s data protection standards and comply with the law as set down by the GDPR.
Why is this policy important?
This policy ensures that Classic Architecture:
- Protects the rights of our employees, contractors, suppliers, and clients
- Complies with data protection law and follows good practice
- Protects the company from the risks of a data breach
Who and what does this policy apply to?
This applies to all those handling data on behalf of Classic Architecture:
- Contractors/3rd-party suppliers
It applies to all data that Classic Architecture holds relating to individuals, including:
- Email addresses
- Postal addresses
- Phone numbers
- Any other personal information held (e.g. financial)
Roles and responsibilities
Everyone who has access to data as part of Classic Architecture has a responsibility to ensure that they adhere to this policy.
Data Compliance Officer
The Data Compliance Officer for Classic Architecture is Chelsea Borchert. She is responsible for why data is collected and how it will be used. Any questions relating to the collection or use of data should be directed to the Data Compliance Officer. She can be contacted via [email protected]
Data protection principles
We fairly and lawfully process personal data. We will only collect data where lawful and where it is necessary for the legitimate purposes of the group.
- A client’s name and contact details will be collected initially in order to conduct business with them. Other data may also subsequently be collected in relation to their ongoing business relationship including payment information.
- The name and contact details of employees and contractors will be collected when they take up a position, and will be used to contact them regarding group administration related to their role. Further information, including personal financial information and criminal records Information may also be collected in specific circumstances where lawful and necessary e.g in order to process payment to the person.
- An individual’s name and contact details will be collected when they complete a form on our website. This will be used to contact them about their enquiry.
- An individual’s name, contact details and other details may be collected at any time, with their consent, in order for Classic Architecture to communicate with them about business activities, and/or for Direct Marketing. See ‘Direct Marketing’ below.
We only collect and use personal data for specified and lawful purposes
When collecting data, Classic Architecture will always explain to the subject why the data is required and what it will be used for, e.g.
Email address and telephone numbers – we need this so we can communicate with you.
We will never use data for any purpose other than that stated or that can be considered reasonably to be related to it. For example, we will never pass on personal data to third parties without the explicit consent of the subject.
We ensure any data collected is relevant and not excessive
Classic Architecture will not collect or store more data than the minimum information required for its intended purpose.
E.g. we need to collect email addresses from clients in order to be able to contact them, but data on their marital status or sexuality will not be collected, since it is unnecessary and excessive for the purposes of company administration.
We ensure data is accurate and up-to-date
Classic Architecture will ask staff and contractors to check and update their data on an annual basis.
Any individual will be able to update their data at any point by contacting the Data Controller.
We ensure data is not kept longer than necessary
Classic Architecture will keep data on individuals for no longer than 12 months after our involvement with the individual has stopped, unless there is a legal requirement to keep records.
We process data in accordance with individuals’ rights
The following requests can be made in writing to the Data Controller:
- Clients, staff and contractors can request to see any data stored about them. Any such request will be actioned within 14 days of the request being made.
- Clients, staff and contractors can request that any inaccurate data held on them is updated. Any such request will be actioned within 30 days of the request being received.
- Clients can request to stop receiving any marketing communications. Any such request will be actioned within 14 days of the request being made.
- Clients can object to any storage or use of their data that might cause them substantial distress of damage or any automated decisions made based on their data. Any such objection will be considered by the company management, and a decision communicated within 60 days of the request being made.
We keep personal data secure
Classic Architecture will ensure that data held by us is kept secure:
- Electronically-held data will be held within a password-protected and secure environment
- Passwords for electronic data files will be reset each time an individual with data access leaves their role/position
- Physically-held data will be stored securely
- Access to data will only be given to relevant employees/contractors where it is clearly necessary for the running of the group. The Data Controller will decide in what situations this is applicable and will keep a master list of who has access to data
- Classic Architecture will not transfer data to countries outside the European Economic Area (EEA), unless the country has adequate protection for the individual (e.g. USA)
Classic Architecture does not participate in Direct Marketing.
Cookies on the website
Cookies are small text files that are placed on your computer by websites that you visit. These pieces of information are used to make the website work or improve services for you through, for example
- enabling a service to recognise your device so you don’t have to give the same information several times during one task
- recognising that you may already have given a username and password so you don’t need to do it for every web page requested
- measuring how many people are using services, so they can be made easier to use and there’s enough capacity to ensure they are fast
We sometimes embed photos and video content from websites such as YouTube and Flickr. As a result, when you visit a page with content embedded from, for example, YouTube or Flickr, you may be presented with cookies from these websites. We do not control the dissemination of these cookies. You should check the relevant third party website for more information about these.
Can I control or delete cookies?
All recent versions of popular browsers (such as Internet Explorer, Google Chrome or Mozilla Firefox) allow you to control cookies. Typically, you can set your browser to accept or reject all, or certain cookies. You might, for example, be happy to accept a cookie that allows you to log in to a website, but prefer to reject any which are used to build a profile of your internet usage. You should also be able to set your browser to prompt you each time a cookie is offered.
Please be aware that restricting cookies may impact on the functionality of this website.
For more detailed instructions on how to control or delete cookies on different browsers, please visit www.aboutcookies.org
Third party cookies
We use several suppliers who also set cookies on our website in order to deliver the services they are providing. If you would like more information about the cookies used by these suppliers, as well as information on how to opt-out, please see their individual privacy policies listed below.
This is a web analytics service provided by Google. We use this service to measure how many people are using services, so they can be made easier to use and there’s enough capacity to ensure they are fast.