This policy covers
- What this is for
2. Who we are
3. Who this policy is for
4. Valuing your privacy
5. What information we collect from you
6. How we store information we collect
7. What we do with the information we collect
8. Sharing your information
9. What we do to keep your information private and secure
10. Changes to the policy
11. Access to information
12. How to complain
13. Responsibility for your information at Governance Publishing and Information Services Ltd
What this is for
We are very conscious of the need to ensure that data is managed in line with the General Data Protection Regulations (GDPR) and the Data Protection Act (1998). This policy (along with any other documents we refer to here) explains how we collect and process any personal data that you give us and how we look after it. The aim of this notice is to make it clear how we do that in simple language and aims to make a complex set of regulations practical and simple to understand.
You have the right to complain to the Information Commissioner’s Office (ICO) if you have a concern about how we process your personal data and you can do this via ICO Concerns.
Who we are
‘We’ or ‘us’ or ‘GPIS’ means Governance Publishing and Information Services Ltd, whose registered company address is 4 King’s Square, Bridgwater, Somerset, TA6 3YF. We are registered as a company in England & Wales, number 4004666. Our trading address is The Old Stables, Market Street, Highbridge, Somerset, TA9 3BP
If you need to contact us, please e-mail firstname.lastname@example.org or call 01278 793300.
By contacting us, using our services, or visiting our website (our “site”), you are accepting and consenting to the practices described in this policy unless you inform us otherwise and we agree in writing to a variation of the Policy.
Who this policy is for
This policy applies to both Service Users and Web Visitors except as otherwise stated for interpretation.
What do these mean?
‘Web visitors’ are anyone visiting our site, ‘Service Users’ can be any recipient of our services, and it doesn’t matter if they are directly provided by us or indirectly through a third party with whom we work. ‘Services’ just means any assistance we provide to you, including hosting, website development, technical support, management, advice, etc.
Valuing your privacy
We value your privacy as much as we do our own, so we’re committed to keeping your personal and business information safe. We don’t believe in capturing personal data for the sake of it, so we ask for only the bare minimum from our customers. We’ll never use your personal information for any reason other than why you gave it, and we’ll never share it with anyone else unless we’re required to by law.
What information we collect from you
- If you contact us through our website enquiry forms [or through live chat] or by email then we may collect your name, email address, phone number and maybe your company name as well as any other information you give us, such as your website project or background information.
- Should you sign up to receive an email newsletter from us then we will collect your email address and your name.
- If you do business with us then we’ll collect your business name, bank details (if you pay by direct debit) and your accounts email address(es). We’ll also keep records of invoices we raise and any contracts that you agree with us.
We collect the following information for Web Visitors and Service Users:
- technical information, including the Internet Protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform Resource Locators (URL) you used, through and from our site (including date and time); pages you viewed page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
How we store the information we collect
When you contact us through our website then we process and store that information in our Customer Relationship Management (CRM) system. If you sign up to receive our email newsletter then your data is stored in Mailchimp. If you buy a product or service from us then your information is held in our accounting system, Quickbooks.
We use these systems because they have a good track record on security and we’ve made sure that they conform to the latest regulations.
Any information that you give us is stored on drives or on secure servers operated by a third party. Any passwords that you use are your responsibility and you are required to keep it confidential and to use a secure password. We also expect that you won’t share your passwords with anyone.
What we do with the information we collect
We may occasionally use your contact information to send you details of our products and services. You have the option to unsubscribe from these communications at any time and we will make sure that we won’t send them to you again. We might also email or phone you about our products and services, but if you tell us not to, we won’t get in touch again.
If you are a service user then we will use your information to send you contracts, invoices, statements, or reminders.
You may need to provide us with additional information which will help us provide services for you or to fix a problem you are having. If you do, then we will only use that information for the purpose for which you provide it and we won’t retain it for any other purpose.
Sharing your information
Where we store your personal information on our systems then it’s only accessible by the people who need to have access to it. As a rule, our senior management team will have access to everything you have provided but individual employees will only have access to what they need to undertake their work.
We don’t share personal information with third parties except for:
- Shared Service Users, where we may need to share your information with suppliers and sub-contractors so that we can fulfil any contract we enter into with them so we can provide a service for you. In those cases, they will be required to manage your data in accordance with the General Data Protection Regulations (GDPR) and the Data Protection Act (1998).
- Web visitors, where we may share information with analytics and search engine providers to help us improve our website and get a better understanding of how it’s used.
- Service users to provide our services
- If we sell the business or assets or we buy another business or assets then we may need to disclose or share your personal data with any prospective buyer or seller.
- If we are required by law to disclose or share your personal data.
Where we capture anonymous information through analytics then we may share that but we will always make sure that you can’t be identified as an individual from the data we disclose.
Unfortunately, the transmission of data and information through the internet is never completely secure. We will do our best to protect your personal data through encryption through Secure Sockets Layer certification (SSLs) but we can’t 100% guarantee the security of your data which is transmitted to our site, so any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
What we do to keep your information private and secure
Where we store your information in third-party services, we restrict access only to people who need it. We store passwords in LastPass, use a different, randomly generated password for each service, and never use the same password twice. Where practical, we also make use of 2 Factor Authentication (2FA) for access to your data.
Changes to the policy
If we change the contents of this policy, they will be posted on this page and those changes will become effective the moment we publish them on our website. Please check the date on this page to see when we last updated the policy.
Access to information
You have the right to request and be given any personal information that we hold about you. This right can be exercised in accordance with the Data Protection Act (1998) or any equivalent legislation. There’s no fee required for us to provide this information and you can request this by writing to us at the address below.
How to complain
We hope you’ll never feel the need to complain but if you do then we take complaints very seriously. If you have any complaints about the ways we handle your privacy then you can contact us by email at email@example.com or by phone on +44 (0) 1278 793300. If you prefer post then send it to
Governance Publishing and Information Services Ltd
The Old Stables
Responsibility for your information at Governance Publishing and Information Services Ltd
Lesley Stephenson, our Publisher, is responsible for the security of your personal information. You can contact her by email at Lesley@governance.co.uk or by phone on 01278 793300 if you have any concerns about the information we store.
Last updated: May 2019