Privacy Policy

Privacy Statement

Governance Publishing and Information Services Ltd Privacy Policy

This policy covers

  1. What this is for
    2. Who we are
    3. Who this policy is for
    4. Valuing your privacy
    5. What information we collect from you
    6. How we store information we collect
    7. What we do with the information we collect
    8. Sharing your information
    9. What we do to keep your information private and secure
    10. Changes to the policy
    11. Access to information
    12. How to complain
    13. Responsibility for your information at Governance Publishing and Information Services Ltd

What this is for

We are very conscious of the need to ensure that data is managed in line with the General Data Protection Regulations (GDPR) and the Data Protection Act (1998). This policy (along with any other documents we refer to here) explains how we collect and process any personal data that you give us and how we look after it. The aim of this notice is to make it clear how we do that in simple language and aims to make a complex set of regulations practical and simple to understand.

You have the right to complain to the Information Commissioner’s Office (ICO) if you have a concern about how we process your personal data and you can do this via ICO Concerns.

Who we are

‘We’ or ‘us’ or ‘GPIS’ means Governance Publishing and Information Services Ltd, whose registered company address is 4 King’s Square, Bridgwater, Somerset, TA6 3YF. We are registered as a company in England & Wales, number 4004666. Our trading address is The Old Stables, Market Street, Highbridge, Somerset, TA9 3BP

If you need to contact us, please e-mail or call 01278 793300.

By contacting us, using our services, or visiting our website (our “site”), you are accepting and consenting to the practices described in this policy unless you inform us otherwise and we agree in writing to a variation of the Policy.

Who this policy is for

This policy applies to both Service Users and Web Visitors except as otherwise stated for interpretation.

What do these mean?

‘Web visitors’ are anyone visiting our site, ‘Service Users’ can be any recipient of our services, and it doesn’t matter if they are directly provided by us or indirectly through a third party with whom we work. ‘Services’ just means any assistance we provide to you, including hosting, website development, technical support, management, advice, etc.

Valuing your privacy

We value your privacy as much as we do our own, so we’re committed to keeping your personal and business information safe. We don’t believe in capturing personal data for the sake of it, so we ask for only the bare minimum from our customers. We’ll never use your personal information for any reason other than why you gave it, and we’ll never share it with anyone else unless we’re required to by law.

What information we collect from you

  • If you contact us through our website enquiry forms [or through live chat] or by email then we may collect your name, email address, phone number and maybe your company name as well as any other information you give us, such as your website project or background information.
  • Should you sign up to receive an email newsletter from us then we will collect your email address and your name.
  • If you do business with us then we’ll collect your business name, bank details (if you pay by direct debit) and your accounts email address(es). We’ll also keep records of invoices we raise and any contracts that you agree with us.
  • When you visit our website, we will ask you to accept our use of cookies to enable us to make the website work better and to collect information about how people use our website through the use of Google Analytics. Google Analytics has a comprehensive policy on data privacy and security. This gives us control over areas including customisable cookie settings, privacy controls, data sharing settings, data deletion on account termination. We will always act to minimise data collection, processing and storage. Google Analytics has set out best practice guidelines to avoid sending Personally Identifiable Information (PII) and we are satisfied that in following these we are minimising risks related to PII of people visiting our website being held by Google Analytics. Google Analytics has introduced data retention controls and this gives us control over how long user and event data for our website is held on Google Analytics’ servers for the reasonable requirements of our business. From May 2018 we have set the data retention at the minimum period of 26 months for our website data in Google Analytics.

We collect the following information for Web Visitors and Service Users:

  • technical information, including the Internet Protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
  • information about your visit, including the full Uniform Resource Locators (URL) you used, through and from our site (including date and time); pages you viewed page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.

How we store the information we collect

When you contact us through our website then we process and store that information in our Customer Relationship Management (CRM) system. If you sign up to receive our email newsletter then your data is stored in Mailchimp. If you buy a product or service from us then your information is held in our accounting system, Quickbooks.

We use these systems because they have a good track record on security and we’ve made sure that they conform to the latest regulations.

Any information that you give us is stored on drives or on secure servers operated by a third party. Any passwords that you use are your responsibility and you are required to keep it confidential and to use a secure password. We also expect that you won’t share your passwords with anyone.

What we do with the information we collect

We may occasionally use your contact information to send you details of our products and services. You have the option to unsubscribe from these communications at any time and we will make sure that we won’t send them to you again. We might also email or phone you about our products and services, but if you tell us not to, we won’t get in touch again.

If you are a service user then we will use your information to send you contracts, invoices, statements, or reminders.

You may need to provide us with additional information which will help us provide services for you or to fix a problem you are having. If you do, then we will only use that information for the purpose for which you provide it and we won’t retain it for any other purpose.

Sharing your information

Where we store your personal information on our systems then it’s only accessible by the people who need to have access to it. As a rule, our senior management team will have access to everything you have provided but individual employees will only have access to what they need to undertake their work.

We don’t share personal information with third parties except for:

  • Shared Service Users, where we may need to share your information with suppliers and sub-contractors so that we can fulfil any contract we enter into with them so we can provide a service for you. In those cases, they will be required to manage your data in accordance with the General Data Protection Regulations (GDPR) and the Data Protection Act (1998).
  • Web visitors, where we may share information with analytics and search engine providers to help us improve our website and get a better understanding of how it’s used.
  • Service users to provide our services
  • If we sell the business or assets or we buy another business or assets then we may need to disclose or share your personal data with any prospective buyer or seller.
  • If we are required by law to disclose or share your personal data.
  • If we need to enforce our terms of use or terms and conditions or for the purposes of fraud protection or to reduce credit risk

Where we capture anonymous information through analytics then we may share that but we will always make sure that you can’t be identified as an individual from the data we disclose.

Unfortunately, the transmission of data and information through the internet is never completely secure. We will do our best to protect your personal data through encryption through Secure Sockets Layer certification (SSLs) but we can’t 100% guarantee the security of your data which is transmitted to our site, so any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

What we do to keep your information private and secure

Where we store your information in third-party services, we restrict access only to people who need it. We store passwords in LastPass, use a different, randomly generated password for each service, and never use the same password twice. Where practical, we also make use of 2 Factor Authentication (2FA) for access to your data.

Changes to the policy

If we change the contents of this policy, they will be posted on this page and those changes will become effective the moment we publish them on our website. Please check the date on this page to see when we last updated the policy.

Access to information

You have the right to request and be given any personal information that we hold about you. This right can be exercised in accordance with the Data Protection Act (1998) or any equivalent legislation. There’s no fee required for us to provide this information and you can request this by writing to us at the address below.

How to complain

We hope you’ll never feel the need to complain but if you do then we take complaints very seriously. If you have any complaints about the ways we handle your privacy then you can contact us by email at or by phone on +44 (0) 1278 793300. If you prefer post then send it to

Lesley Stephenson

Governance Publishing and Information Services Ltd

The Old Stables

Market Street





Responsibility for your information at Governance Publishing and Information Services Ltd

Lesley Stephenson, our Publisher,  is responsible for the security of your personal information. You can contact her by email at or by phone on 01278 793300 if you have any concerns about the information we store.

Last updated: May 2019