This policy was last updated on 18 May 2018
For the avoidance of doubt our website includes our Home Page, www.indigostrategic.co.uk, employer portal and employee self-service portal via BrightPay Connect.
We are committed to safeguarding the privacy of your information. By ‘your information’ we mean any information about you that you or third parties provide to us.
- We will only collect and use your information where we have lawful grounds and legitimate business reasons to do so
- We will be transparent in our dealings with you and will tell you about how we will collect and use your information
- If we have collected your information for a particular purpose, we will not use it for anything else unless you have been informed and, where relevant, your permission obtained
- We will not ask for more information than we need for the purposes for which we are collecting it
- We will update our records when you inform us that your details have changed
- We will continue to review and assess the quality of our information
- We will implement and adhere to information retention policies relating to your information, and will ensure that your information is securely disposed of at the end of the appropriate retention period
- We will observe the rights granted to you under applicable privacy and data protection laws, and will ensure that queries relating to privacy issues are promptly and transparently dealt with
- We will train our staff on their privacy obligations
- We will ensure we have appropriate physical and technological security measures to protect your information regardless of where it’s held
- We will ensure that when we outsource any processes, the supplier has appropriate security measures in place and will contractually require them to comply with these Privacy Principles
- We will ensure that suitable safeguards are in place before personal information is transferred to other countries
Collection of personal data
Any personal data gathered is volunteered by the data subjects when requesting information regarding our products and services.
Any personal data gathered is volunteered. When you are asked to provide personal information, you may decline. If you choose not to provide the information, you may not be able to use the products or services we offer.
The types of information we collect
You may provide us with certain information in connection with a product or service we offer, or in your interactions with our websites. Any personal data gathered via the website is volunteered by visitors to the public or interactive areas of our website. We receive personal data about our website visitors if they, submit an enquiry or application form online.
Any personal data gathered is volunteered by the public via telephone, email, post or fax enquiries, live support or any via 3rd party channels such as website hosted advertisements lead generations and referrals.
Personal data about the customers is received if they, or their representatives, provide such information within the interactive areas, or any other method of communication open to them.
When you are asked to provide personal information, you may decline. If you choose not to provide the information, you may not be able to use the products or services we offer.
Personal data is data relating to a living individual who can be identified from that information or from that data and other information in our possession (for example: name, address, employer, telephone number, date of birth, gender, nationality NI Number, town and country of birth.
Use and disclosure of personal data
Personally identifiable information collected by us is not used for purposes unrelated to the purpose for which the information was originally collected.
We are legally obliged to share, transfer or otherwise disclose your Personal Information as appropriate. For the avoidance of doubt this means that personal information will still be shared and used to comply with relevant legislation and regulatory requirements. This includes to statutory bodies, and other such entities and services to enable us to perform our administration of your incentives contract.
Finally, we may disclose Personal Information when required to do so under applicable law, including but not limited to complying with a legal requirement, judicial proceeding court order or legal process served on us; to investigate a possible crime, such as fraud or identity theft; or when we believe it is appropriate to do so to protect the rights, property, or safety of our company or other persons.
You may at any time tell us you would like to review, update or have your Personal Information deleted from our Database, please refer to the “Reviewing or Updating Your Personal Information” Section.
Where you have provided consent we may store, process and use your Personal Information for marketing, promotion, advertising activities, research and development. If you would like to opt-out of receiving marketing, promotion, advertising activities, research and development from us, please refer to “Opting Out” Section.
Telephone calls may be recorded or monitored for training, security and quality management purposes.
Recording conversations allows organisations to assess satisfaction, train and develop staff, review call quality, and have access to a verbal record of what is said in the event of a subsequent complaint.
How will call recordings be used?
Quality Monitoring – Written records only provide partial information. A call recording provides a more rounded view and allows us to identify any improvement areas.
Training and Development – Listening to a sample number of calls, allows managers to identify training needs.
Complaints and disputes – Some calls are verbally resolved. Where information is entered onto an electronic system this becomes the established record. In the event of a complaint or dispute, a call recording (if available), may provide additional information to help us investigate any allegations.
All recordings will be kept in accordance with the Data Protection Act. You can request a copy of your conversation using one of the methods described in the “Contact Us” section.
Links on our websites
The website of Indio Strategic does not enable visitors to communicate with other visitors or to post information to be accessed by others.
Our website does not contain links to third party ad servers or allow them to place tracking devices on our website.
Our website may contain links to third party websites for users’ convenience and information. If a visitor clicks on these links they will move to another website. We are not responsible for the data policies or procedures, or the content of third party websites linked to our website.
What is a cookie?
When you enter a site your computer will automatically be issued with a cookie. Cookies are text files that identify your computer to our server. Cookies in themselves do not identify the individual user, just the computer used. Many sites do this whenever a user visits their site in order to track traffic flows.
Cookies themselves only record those areas of the site that have been visited by the computer in question, and for how long. Users have the opportunity to set their computers to accept all cookies, to notify them when a cookie is issued, or not to receive cookies at any time. The last of these, of course, means that certain personalised services cannot then be provided to that user.
For more information, please see our cookies page.
Security and integrity of personal data
We will endeavour to protect the data from unauthorised access or disclosure; to maintain data accuracy and completeness; and to ensure the appropriate use of information.
Security measures – including firewalls, encryption and intrusion detection technology, back up procedures and external audits – are employed by us to reduce vulnerabilities to security and privacy threats.
All members of staff are subject to strict confidentiality clauses in their contracts of employment. Access to personal or sensitive data is restricted to authorised employees.
Access to personally identifiable information
Under applicable Data Protection Laws, data subjects may have the right to access the personal data held by us in relation to them and to request that inaccuracies be amended or updated.
Individuals who wish to exercise such rights should contact us. Any requests to access or amend personally identifiable information will be subject to rigorous ‘Know Your Client’ procedures.
These rights are known as Subject Access Request and must be made to us in writing, detailing the information that you require; please refer to the “Contact Us” section.
Reviewing or updating your personal information
If your Personal Information has changed at any point you are obliged to provide updated information using the following methods:
- By contacting us on 0800 0248 976
- Alternatively you can request any changes in writing to:
Indigo Strategic Limited, Administration Centre, Ramsey, UK, IM8 1GB.
If you would like to remove your Personal Information from our database please contact us using the “Contact Us” details below. Please note that your Personal Information including but not limited to, name, address, telephone number, email address, and incentive payment records will need to be kept for statutory reasons.
Right to be forgotten
If you would like to remove your Personal Information from our database please contact us using the “Contact Us” details below. Please note that your Personal Information is required to be kept by law for 7 years following the end of the relationship.
Right to data portability
You can request your Personal Data that you have provided to be transferred to another data controller by providing the data controllers details by contacting us through one of the methods described in the “Contact Us” section.
Please note that such requests may take up to one (1) month. We will provide the personal data in a structured, commonly used and machine readable form, such as csv and will transfer using a secure method.
Personal Data that you have provided will not be transferred overseas without your consent unless the overseas country has equivalent legislation to protect your data. For the avoidance of doubt your data is stored, and processed in the Isle of Man and UK.
If you prefer not to receive marketing materials from us, you can either:
- Unsubscribe from all marketing materials by contacting us through one of the methods described in the “Contact Us” section;
- Unsubscribe from our marketing material by clicking the unsubscribe link on any subsequent email.
Please note this does not include receiving information regarding the product and services that a contractor using your company has signed up to receive.
Please note that such requests may take up to one (1) month to become effective.
Phone: 0800 0248 976
Data Protection Officer
Indigo Strategic Limited