Privacy Notice
April 2020

Introduction

We respect your privacy and understand that privacy is important to you and that you care about how information about you is used, so this privacy notice sets out details about what data we collect and how we use it.

Visitors to our website

Where we collect personal data via our website, we will be upfront about it and it will be obvious to you that you’re providing personal data and how we will be using it.

Google Analytics

When someone visits our website www.octima.co.uk we make use of the Google Analytics service to collect standard information about visitors to the sites and their behaviour (e.g. what pages they viewed). The data provided by Google Analytics is anonymised and in no way enables us to identify individual visitors, however, Google Analytics will place a cookie on your device to enable the service. For more information about how Google Analytics cookies work on websites visit: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

Other Cookies, tracking pixels or similar tools

We only make use of cookies that are necessary for the functioning of our website or of any third-party embedded content (for example the Mailchimp signup form). We are not using any privacy intrusive cookies and do not track your individual behaviour.

Hosting

The website www.octima.co.uk is hosted at IONOS by 1&1. This provider has a number of security measures in place including DDos protection and SiteLock malware protection. Backups of up to six days of data are automatically stored.

Security

No customer data submitted via the site’s web forms or online chat is stored on our hosting platform and is submitted directly into the customer relationship management (CRM) system, Hubspot. As our site uses SSL (https) the data you submit using the contact form will be encrypted once your press the “Submit” button

People who receive our newsletters

Anyone may register to receive marketing communications from Octima via our web forms. By default, this consent is not assumed, and users must proactively consent to opt-in to these communications. Octima uses MPZMail Ltd to manage its marketing communications and an option to unsubscribe is included on every communication.

People who contact us via email

Octima uses the G-Suite of products, including Gmail and Google Calendars. Emails sent to any email address on the Octima domain are accessible to the intended recipient and the company director only and are processed and stored according to the data protection policy of the third-party provider. This also includes spam filtering and flagging inappropriate content.

People who are our customers

Octima may collect personal data from its customers for the purposes of carrying out legitimate business activities. This is covered by a Data Processing Agreement for each customer.

People who are suppliers

Octima may collect personal data from its suppliers for the purposes of carrying out legitimate business activities.

Our use of social media

We run a number of social media channels, but do not collect or process any information outside of those channels.

Employee data

Octima may collect personal data from its employees in order to manage their employment with the business. This may include full name, address, email, phone number, national insurance number and any other information relevant to their employment. These are stored within the company’s accounting software and accessed only by the company director and an authorised external accountant. Octima will also collect a record of employee bank account details in order to process payroll. This is only stored in the Natwest online banking portal for the business and is only accessible to the company director.

Retention

Unless stated elsewhere in this document or in our terms of services we only store the data necessary to provide the services we provide to you. We will keep this data for as long as it is lawful for us to do so (this may be for as long as you are a customer or because of a legal obligation to retain the information, whichever is the longest).

Third party processors

We use a number of third-party cloud-based services for the purposes of effectively running our business and providing our services to you. We also use a number of third-party organisations, e.g. accountants, HR support, etc.

In all cases where we are using a third-party service or company, we will only provide the minimal amount of information for the purposes of delivering the service to us and to meet our requirements.

We always carry out due diligence against all our third-party suppliers for the purposes of ensuring their compliance with data protection, maintaining adequate security of your data and ensuring they apply adequate data protection principles to the processing of the data we supply.

Your rights

Under current data protection legislation in the UK, you have rights as an individual which you can exercise in relation to the data we store and process about you. You can find more information about your rights on the Information Commissioner’s website: https://ico.org.uk/for-the-public/

Complaints

If you want to make a compliant about the way we are processing your data, you can contact us, using the contact details below. You also have the right to complain to the Information Commissioner’s Office: https://ico.org.uk/concerns/

How to withdraw consent and object to processing

Where we are processing your data and needed to ask your permission to do so, you are able to withdraw your consent at any time. If you wish to stop receiving our marketing emails you can do so, by clicking on the “unsubscribe” link at the bottom of the email. Otherwise, you can contact us, using the contact details below.

If you wish to raise concerns about the way we are processing your data or would like to raise an objection, then please email us via sarah@octima.co.uk with your concerns.

Keeping your data up to date

It is important that any of your data that we process is kept up to date. We will from time to time ask you to verify your contact details but if you wish to update any information that we hold about you, please contact us using the contact details below.

Erasure of your data (the “right to be forgotten”)

Under some circumstances you may request us to delete your data from our systems. Where this is possible (e.g. we don’t have any legal purpose for continuing to process your data) we will erase it from our systems.

If you wish to exercise your right to be forgotten, please contact us via the contact details below.

Portability

Your right to portability allows you to request a machine-readable format of the data you supplied to us and associated service logs (where we store them). Please contact us, using the contact details below, if you wish to receive a CSV export of your data.

Access to your data

You have the right to ask us about what data we hold about you, how we process it and provide you with a copy of the information, free of charge and within one month of your request.

To make a request for any personal information we hold and process about you, we would prefer it if you could put it in writing or in an email to the addresses below. We will need to verify your identity before providing the information and where necessary may contact you further to ensure we understand what data you are requesting.

Disclosure of information

We do not share any personal data with any third parties unless it is lawful for us to do so, if required by law to do so or if you provide us with permission to do so.

More information

For more information about your data rights and privacy or data protection in general visit the Information Commissioner’s Office website: https://ico.org.uk

How to contact us

If you have any questions about how we collect and use your information not covered in this privacy notice, or if you wish to speak to someone about our approach to data protection and privacy, please contact:

Sarah Phillips
Octima Marketing Limited
Bayside Business Park
1 Sovereign Business Centre
Poole, Dorset, BH15 3TB
+44 1202 022 108
sarah@octima.co.uk

Changes to our privacy notice

We may change or update elements of this privacy notice from time to time or as required by law. The most current version of our privacy notice is available on our website at www.octima.co.uk/privacy