Trust Keith's Privacy Notice
Trust Keith's Privacy Notice

Trust Keith's Privacy Notice

❓ What is this notice all about?

We want to be completely transparent about how we collect and use your personal data and this privacy notice exists to tell you exactly how we do this.

This notice applies wherever we decide why and how we process personal data (and therefore act as a Data Controller under data protection law). It covers the personal data we process when you use our services.

Our privacy notice tells you the journey of your personal data from the moment it enters our systems up until it's time for us to say "goodbye 👋", as well as the various stops it makes along the way.

👇 The different ways we process personal data

When you sign up for one of our events
🗂️ What personal data do we collect, why do we collect it, and what legal basis do we rely on?
💡
Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.

When you send us an enquiry, book a call with us, or sign up to an event, we'll ask you for some some basic information about yourself, such as your name, contact details, company details, telephone number and any enquiry details so that we can answer your question. The data collected is necessary for our legitimate business interest to raise awareness of and grow our business.

The legal basis we rely on are Article 6(1)(f) of the GDPR - Legitimate Interests and Article 6(1)(b) of the GDPR - Contract.

🗺️ Where do we store it?

We make use of customer analytics platforms to collect data and transfer it to our Customer Relationship Management (CRM) platform. We use standard applications to process data such as email, word processing and other office cloud based software. We host live events using an event platform application. We may use call recording and note taking software during our meetings which we sometimes use for training purposes.

Most of the data we process is stored in the UK and EEA, including our CRM platform and office applications.

If any data is transferred to a third country such as the US, including the form functionality on our website and event platform application, then we make use of Standard Contractual Clauses along with the UK Addendum to secure the transfer of the data.

⏲️ How long do we keep it for?

We keep the personal data mentioned above in line with our retention schedule and business needs. When you unsubscribe, we will remove your data from our systems, but we will keep your email on an unsubscribe list with restricted access to ensure you won’t receive further emails from us.

When we raise awareness of our company
🗂️ What personal data do we collect, why do we collect it, and what legal basis do we rely on?
💡
Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.

When we raise awareness of our company, we may collect some information such as your name, company name, phone number, and work email address.

Often we find prospects are referred to us, or find us through one of our hosted events or our website. If you have attended one of our events, we may occasionally send you news and information about Trust Keith and our services to keep you up to date with what we're up to for as long as you wish to be kept informed.

Occasionally we make use of marketing lists to raise awareness of our business. In order to target companies that we believe will benefit from our offering, we use marketing databases to find name, company name, phone numbers and company email addresses. We screen this data against the Telephone Preference Service and our own ‘do not contact’ list before using it.

We may use call recording and note taking software during our meetings which we sometimes use for preparation and training purposes as well as to gain insights which inform marketing messaging.

We may collect your home or office address in order to send you a gift to show our appreciation. We will only use your address for this specific purpose.

The legal basis we rely on for this is Article 6(1)(f) of the GDPR - Legitimate Interest

🗺️ Where do we store it?

We make use of customer analytics platforms to collect data and transfer it to our Customer Relationship Management (CRM) platform. We use standard applications to process data such as email, word processing and other office cloud based software. We host live events using an event platform application.

Most of the data we process is stored in the UK and EEA, including our CRM platform and office applications.

If any data is transferred to a third country such as the US, including mailing lists and our event platform application, then we make use of Standard Contractual Clauses along with the UK Addendum to secure the transfer of the data.

⏲️ How long do we keep it for?

We'll retain your name, company name, phone number, and email address on a marketing list, in line with our retentions schedule unless you unsubscribe. Anyone else who does not wish to be contacted will be transferred to our ‘do not contact list’. We retain name, company, email, phone number so that we know not to contact you, and all supplementary information will be deleted.

We will only retain your home or work address for a maximum of 4 weeks after sending out any gifts, to ensure that they definitely arrive!

When your company starts working with us
🗂️ What personal data do we collect, why do we collect it, and what legal basis do we rely on?
💡
Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.

When you start working with us, we'll ask for the names of key contacts, contact details, company details, financial details, and any related information, as well as the email addresses of your team, so we can provide our service to you and your organisation.

The legal basis we rely on are Article 6(1)(f) of the GDPR - Legitimate Interests and Article 6(1)(b) of the GDPR - Contract.

🗺️ Where do we store it?

To deliver our service, we process and store data using cloud-based communication and collaboration softwares. We use standard applications to process data such as email, word processing and other office cloud-based software alongside a Customer Relationship Management (CRM) platform. We ask for you to sign a contract using a cloud-based application and we collect payment via a finance platform. We use project management software and provide our customers with a 24/7 breach hotline.

Occasionally we may use call recording and note taking software during our meetings which we make use of for product development and training.

We collaborate with trusted partners to deliver Security Awareness Training and Certifications. If you have signed up for these products, we will share your data with them for the specific projects while they are ongoing.

Most of the data we process is stored in the UK and EEA, including our CRM platform, financial and office applications.

If any data is transferred to a third country such as the US, including our Data Protection Handbook platform and our project management software, then we make use of Standard Contractual Clauses, along with the UK Addendum where necessary, to secure the transfer of the data.

⏲️ How long do we keep it for?

We will retain your personal data while you are a customer of Trust Keith and for 12 months after you leave, in line with our business needs.

We keep financial data for a minimum of 6 years, in line with UK law.

When you apply for a job with us
🗂️ What personal data do we collect, why do we collect it, and what legal basis do we rely on?
💡
Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.

When you apply for a job with us, we ask you for some information about yourself to manage your recruitment process, such as your CV, cover letter, case study and interview notes. The legal basis we rely on for this is Article 6(1)(f) of the GDPR - Legitimate Interests.

🗺️ Where do we store it?

All the information we collect during recruitment is stored on a recruitment platform which is hosted in the US.

Where data is transferred to a third country such as the US, then we make use of Standard Contractual Clauses, along with the UK Addendum where necessary, to secure the transfer of the data.

⏲️ How long do we keep it for?

If you're offered a job with us, we'll retain your data during your employment and remove it in line with our obligations under UK law. Otherwise we will keep your data during your the interview process and remove it after 12 months.

When you visit our website

Our website uses cookies and other similar technologies of which you should be aware.

🗂️ What cookies do we collect, why do we collect them, and what legal basis do we rely on?
💡
Cookies are text files placed on your hard drive by a web page server when you visit a website and are saved in your browser's history. They allow the website to recognise your device and store some information about your preferences or past actions. Cookies cannot be used to run programs or deliver viruses to your computer; they are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie.

When you use our website, the cookies can be stored on your device are either first party cookies, which are placed and read by us directly while you are using our website or third party cookies, which are set by other third parties we have partnered with.

Below is a list of the cookies we use and the purposes for which they are used:

Essential cookies
💡
These are essential to the operation of our website and are integral to the functioning of our Website, therefore they cannot be removed.
Name
Provider
Purpose
Expiry
intercom-id-q1q4zs0c
Intercom Messenger
Allows Intercom to identify you as a unique user. This allows us to know when you have messaged us more than once
9 months
intercom-session-q1q4zs0c
Intercom Messenger
Allows Intercom to recognise when you use a new browser session. This allows you to see previous conversations you’ve had with us during your browser session.
1 week

You can find out more about Intercom Cookies here

Non-essential cookies
💡
These cookies are additional to the the performance of our Website and help us improve the service we provide to you.
Name
Provider
Purpose
Expiry
_ga
Google 
Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
2 Years
_gat
Google
Used by Google Analytics to throttle request rate
1 day
_gid
Google
Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
1 day

You can find out more about Google Analytics cookies here

You can choose not to store Non-essential cookies on your computer when you visit our website, or you can adjust your browser settings to prevent cookies from being saved on your computer. You can find information about how to manage Cookies in the most commonly used browsers at the following addresses:

When you first visit our website, you will be prompted to customise your cookies selection and be provided with a link to this policy, where you can find more information about the cookies we use.

📜 What are your rights?

Your personal data is yours and you have rights in relation to it granted by the UK GDPR, which include:

📮 The right to be informed

You have the right to be informed about the collection and use of your personal data, the purposes for processing, retention periods for that personal data and who it will be shared with.

🗝️ The right of access

You have the right to ask us for copies of the data we hold about you.

The right to object

You have the right to ask us to stop processing your personal information in some circumstances, such as when we are relying on our own (or someone else’s) legitimate interests to process your personal information, when we are processing your personal information for direct marketing or when we are processing your personal information for research.

📝 The right to rectification

You have the right to ask us to rectify the personal information you think is inaccurate or to complete information you think is incomplete.

🧽 The right to erasure

You have the right to ask us to erase your personal information, in some circumstances.

🚫 The right to restrict processing

You have the right to ask us to restrict the processing of your personal information for a duration of time, in some circumstances.

✈️ The right to data portability

You have the right to ask that we transfer the personal information you gave us to another organisation, or to someone else, in some circumstances.

You don't have to pay anything in order to exercise your rights. Please contact us at rory@trustkeith.co, Trust Keith Ltd, 20-22 Wenlock Road, London, N1 7GU, if you wish to make a request under your rights. We have a calendar month to get back to you with a response.

💔 How you can complain

If you have any concerns about our use of your personal information, please let us know by writing to us at rory@trustkeith.co.

If you are not satisfied with our response or you are unhappy with how we have used your data, you can complain to the Information Commissioner's Office (ICO). You can find the ICO contact details below:

💡
ICO Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, Helpline number: 0303 123 1113.
💡

Last updated: 21/12/2022

icon
Powered By Trust Keith