Privacy Policy
Arcus is a company registered in England & Wales. Company Registeration No: OC304735 Registered Office: 3rd Floor, Dalton House, Dane Road, Sale, M33 7AR.
How and on what basis do we collect, hold, use and/or process personal information?
We will only collect, hold, use and/or process (together “process”) your personal information where we are legally allowed to do so.
We will ensure that your personal information is:
- processed lawfully, fairly and transparently
- collected for specific, explicit and legitimate purposes
- adequate, relevant and limited to what is necessary for the purpose of the processing
- kept accurate and up to date
- only kept for as long as is necessary
- processed securely using appropriate technical and organisational measures to ensure integrity and confidentiality
For us, the lawful basis which we rely on will fall into one of the following:
Consent: where we rely solely on your consent to process your personal information. There may be circumstances where we need to, or are required to obtain and/or rely upon your consent to process your personal information. If this is the case we will give you:
- the reason for needing your consent, including details as to how we will process your information
- the choice as to whether to provide consent
- information to enable you to withdraw your consent
Contractual performance: where we process your personal information for contractual performance. This includes enabling us to take steps you request prior to entering into a contract; and then once we have entered into a contract, to enable us and our third parties to perform the contract and to provide you with the products and services. We will process your personal information in accordance with the contract.
Legitimate interests: where we process your personal information for our legitimate interests. We are a commercial organisation engaged in the provision of project and programme management systems and associated services. We have an interest in promoting, marketing, selling and supporting products and our services. Where we process your personal information for our interests we will do so only where we have carefully considered both our and your interests. We will not process your personal information if our interests are overridden by your interests or fundamental rights and freedoms.
Why do we process personal information and how do we process it?
We process your personal information for a number of reasons. Primarily this will be to enable you to use our services, our training, or to send you, or allow you to access, our marketing material. We only process your personal information in accordance with the law, including the EU General Data Protection Regulation, as set out in this privacy notice.
Further information on these is set out below:
Example | Lawful Basis for processing |
---|---|
You are a customer | We will have entered into a contract with you in order to provide you with services, content or training |
You use our website | To help inform you of our services, recent case studies, news items and legislation. Where we process your information, we will do so with your consent |
You attend one of our events | To provide you details of the event. Where we process your information, we will do so with your consent. |
You visit our office | The legitimate interests for processing information when you visit our offices is to ensure our and your security and safety during the visit |
You contact us | The legitimate interests for processing information you provide us when you contact us on a specific enquiry is to enable us to address your query |
If you are a supplier | We will have entered into a contract with you in order for you to supply us with products or services |
How do we process personal information? Example | Where is the personal information captured |
---|---|
Where you are a customer | In pre-contract discussion and correspondence; in contractual documents; when registering, using or receiving our services; where we provide you with support and assistance in the use of services |
If you use our website | Via specific forms on our website, e.g. when you download case studies or other such documentation; via cookies or our website analytics tools |
When you attend one of our events | Typically, via a website provided by us or by a company working on our behalf to organise the event |
What personal information do we process?
Depending on the circumstances for processing, we will process the following personal information:
Title/salutation; name; address; country or location; employer; e-mail addresses; telephone numbers.
We may also process other personal information about you when needed to provide services or other information that you requested. We will make you aware of what personal information we are processing at the time of when we obtain it.
We do not process any sensitive personal information about you. You should not provide us with any sensitive personal information. Any sensitive personal information provided to us will be deleted.
Who do we share your personal data with?
We will never sell your information to a third party.
We will only share your information with a third party or transfer your data outside of the UK / EU if we need to. Where we do this we will comply with all of our legal obligations and we ensure that there are adequate protections in place to protect your information.
If we need your consent we will:
- explain why we need to share your personal information
- explain the purpose for which we will be sharing it
- provide you with details of the third party
- obtain your explicit consent for such.
You will be able to easily withdraw your consent in the same way in which you gave it.
Organisations with whom we may share your personal information with include:
- Those acting on our behalf for conferences, events or webinars, for the purpose of providing the facilities, to enable the conference, event or webinar to take place, and where applicable to ensure your safety.
- Venues used to deliver our external training courses, for the purpose of enabling the delivery of the training and to ensure your safety when onsite at that venue.
How long do we keep your personal information?
In all cases we will only keep your personal information for as long as we have a lawful basis for processing it.
- Where you enter into a contract, we will keep your information for the duration of the contract, and thereafter for such period as we are permitted by law (to comply with financial legislation and insurance cover requirements), or for as long as is necessary for the establishment, exercise or defence of legal claims.
- Where you have made a general or specific enquiry but have not entered into a contract or placed an order with us, we will keep your information until that enquiry is resolved.
- Where you have expressly consented to and/or subscribed to marketing, newsletters, events information or to any other form of communication, we will keep your information only whilst your consent and/or subscription is valid.
- Where we no longer need your information and no longer have a basis for keeping it, we will delete it within 12 months.
How do we secure your personal data?
We place a great deal of importance on the security of all personal information. We have in place appropriate technical and security measures which are reviewed routinely. Arcus is Cyber Essentials Accredited No: 5514740895257695 and is registered with The Information Commissioners Office No: Z846508X.
Your rights; including your right to object and right to withdraw consent
We respect and place significant importance on your rights. Your rights include the right to:
- Basic information (such as our identity, or that of the controller if not us, the reason and basis on which we process your personal data, together with as much information to ensure fairness and transparency) and to be informed
- Object: to object to processing of personal data where such is done by us in certain circumstances, for example for our legitimate interests or direct marketing
- Withdraw consent: to withdraw your previously given consent
- Access: to be aware of and verify the lawfulness of the processing
- Rectification: to correct personal data if it is inaccurate or incomplete
- Erasure: to request the removal or deletion of personal data
- Restrict processing: to restrict the processing of personal data
- Data portability: to obtain and reuse personal data
- Be aware of any automated decision making or profiling, and to request such is restricted
If you wish to object or to withdraw consent, you may contact us though one of the methods detailed below in the ‘Contact us’ section. In addition, where we have sent you a marketing email, we will have provided an ‘unsubscribe’ link which you can use to stop any future marketing communications.
Concerns or complaint?
If you have a concern or complaint about our processing of your personal information, then you may contact us though one of the methods detailed below. We will endeavour to resolve or address your concern or complaint. If we are not able to do so you may be entitled to complain to the supervisory authority and/or seek a remedy through the courts.
Please contact us by one of the following means:
- E-mail us at: j.reynolds@arcus.uk.com
- Telephone us at: +44 (0) 161 905 3222
- Write to us at: Arcus Consulting LLP, 3rd Floor, Dalton House, Dane Road, Sale, M33 7AR