Privacy Policy

Privacy policy last updated: 4 April 2023 (v1.2)

Armadillo Associates Ltd is committed to protecting the privacy and security of your personal information. This privacy policy details how we collect, use, store and disclose the data that you supply to us and your rights about data that we hold about you.

If you have any questions about this privacy policy or how we handle your personal information please contact us on privacypolicy@armadillocrm.com. 

THE INFORMATION WE MAY COLLECT FROM YOU

Personal information means any information about an individual from which that person can be identified.

The types of data collected depend on the nature of your relationship with Armadillo, such as an employee, a contractor or a visitor, and may include, but is not limited to:

  • Personal contact details such as name, title, addresses, telephone numbers, personal email addresses, date of birth, gender.
  • Next of kin and emergency contact information.
  • Bank account details, payroll records, travel logs and expenses and tax status information, salary, annual leave, pension and benefits information.
  • Location of employment or workplace.
  • Recruitment information (including copies of right to work documentation, passport, references and other information included in a CV or cover letter or as part of the application process).
  • Employment records (including job titles, work history, working hours, training records and professional memberships).
  • CCTV footage and other onsite information such as entry card records.
  • Information about your use of our IT systems including emails, messages or files you may send to us.
  • Photographs because you attended one of our events or an event we attended.

HOW WE USE YOUR PERSONAL INFORMATION

  • We use the data you submit to us in order to fulfil our business interests or to enable us to comply with legal obligations (provided your interests and fundamental rights do not override those interests).
  • This may include, but are not limited to: performing our role as an agency servicing our clients, performing our duties as an employer, managing office security, handling job applications or fulfilling our financial or contractual obligations.

OUR APPROACH TO DATA RETENTION

  • We only store and/or process personal data for the purpose for which it was collected, and will only store and/or process it for as long as it is necessary to do so, such as for business purposes (e.g. to contact you should you apply for a job) or for legal reasons (e.g. details of employees for HMRC). 
  • We follow the procedures outlined in our data retention policy and frequently review the data we hold. If data is no longer needed we will securely destroy the data.

DATA DISCLOSURE AND DATA SHARING

  • We may share your data with third parties, including third-party service providers (including contractors and designated agents); other entities in the group; in the context of a sale of the business; or with a regulator or to otherwise comply with the law; our insurers and/or professional advisers to manage legal disputes.
  • We do this where required by law; where it is necessary to administer the working relationship with you; or where we have another legitimate interest in doing so.
  • We require third parties to respect the security of your data and to treat it in accordance with the law.

TRANSFERS OF DATA OUTSIDE OF THE UK AND EU

  • Where possible Armadillo seeks to host and store all of its servers and services within the UK and EU. 
  • However, depending on the location and nature of third-parties we choose to work with and share your data with, we may transfer the personal information we collect about you outside of the UK and EU. 
  • This may include, but is not limited to, servers and services for emails, files, video or audio calls, messaging, HR, accounting, recruitment and marketing. 
  • If data is transferred outside of the UK and EU, we ensure that the host country is recognised by the EU as ‘adequate’ and that ‘appropriate safeguards’ required by GDPR are in place by entering into contractual agreements with the third party.

YOUR RIGHTS

This is a non-exhaustive summary of your rights in connection with personal information. For more information please visit the Information Commissioner’s Office’s (ICO) website. If any of the below conflicts with the guidance published by the ICO, we will defer to the guidance published by the ICO to resolve errata or complaints.

Please contact us on privacypolicy@armadillocrm.com to request any of the below, along with any other privacy rights protected by law.

Under certain circumstances, by law you have the right to:

  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it. 
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to the processing of your personal information at any time. You have an absolute right to object to the processing of your data for direct marketing, including any profiling of data related to direct marketing. You can also object to where we process data for a ‘public task’ (either for the performance of a task carried out in the public interest, or for the exercise of official authority vested in us) or for a ‘legitimate interest’, such as an employer. FRequest the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.
  • Right to withdraw consent. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time.

Please contact us on privacypolicy@armadillocrm.com to request any of the above, along with any other privacy rights protected by law.

QUESTIONS AND COMPLAINTS

If you have any questions about this privacy policy or how we handle your personal information, please contact us on privacypolicy@armadillocrm.com.

If you are not satisfied by our response you also have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection.

CHANGES TO THIS PRIVACY POLICY

We reserve the right to update this privacy policy at any time, and we will provide you with a new privacy policy when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.

Privacy policy last updated: 4 April 2023 (v1.2)