We take your privacy seriously. This Privacy Policy should help you work out what date we collect, what we collect it for and how we protect it for you. If you have any questions at all, please email paul.twivy@purpose-done-right.com.

In a nutshell

Most of the data we collect and hold about you – if you are a current or past client – is for the purpose of fulfilling our contractual commitments to you / the company you represent. We also use data to market our products and services better, and to help us raise Purpose Done Right’s profile with both current and prospective clients. We collect data as well to improve our website.

We gather information about you so we can complete the work you / the company you represent commission(s) with Purpose Done Right. For example, we may hold your name, title, email address, phone number and office address, and the sector in which your business operates.

Where necessary, we share this with Associates and Collaborators working on your project.

To market our products and services we may from time to time send you information about things we think will interest you. This may include marketing communications, articles and invitations to events.

To improve our website we collect data on how you use our website. We track things like where you click on our site and what features you use. This lets us learn what's working well and what we could improve.

We may share this data in an aggregated form with agencies or partners that are helping us.

Information that we collect & why

CLIENTS / PROSPECTS

We will collect details including your name, title, email address, phone number, and office address.

Whenever you get in touch by phone, email, or chat, we may keep a record of that correspondence.

We will use this information to comply with our contractual obligations, to provide the best possible product / service delivery to you / the company you represent, and so we can show evidence of transactions or events.

We may from time to time let you know about products and services that may be of interest to you. We may contact you by post, telephone or e-mail. You will always have the option to stop receiving these communications from us. However, please note that this will not affect us contacting you relating to on-going contracted work.

In order to perform our contract with you / the company you represent, we may also need to share personal data with third parties to assist in the delivery of the contracted work.

We may also advertise your feedback on our website and marketing materials (subject to obtaining your prior consent where necessary).

We will retain your information as long as we require this to perform our contract with you / the company you represent, and for a period of 6 years.

SUPPLIERS & SUB-CONTRACTORS

We will collect details such as name, title, email address, phone number, and home / office address, as well as contract and bank details in order to contact you about goods or services we require from you, to request further goods / services and to pay you for the goods and / or services supplied. We will keep the personal data for 6 years.

VISITORS TO OUR WEBSITE

We may collect and process personal data about you in the following circumstances:

  • When you complete forms on our website, for example our Newsletter sign-up

  • Details of your visits to our website including, but not limited to, traffic data, location data, weblogs and other communication data, and the resources that you access; and whenever you disclose your information to us, or we collect information from you in any other way, through our website

  • We may collect information about your device, including your Internet Protocol address. We may also collect information about your device’s operating system and browser type, for system administration. This is statistical data about our users' browsing actions and patterns, and does not identify any individual

  • Our website uses cookies to distinguish you from other users of our Website. This helps us to provide you with a better website experience and also allows us to improve our website

LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA

We will only use your personal data where the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • For performance of a contract we enter into with you / the company you represent;

  • Where necessary for compliance with a legal or regulatory obligation we are subject to; and

  • For our legitimate interests (as described within this policy) where your interests and fundamental rights do not override these interests.

If you have questions about the lawful basis on which we collect and use your information, you can email us at paul.twivy@purpose-done-right.com.

SHARING YOUR INFORMATION

We may disclose your information to third parties for our legitimate interests as follows:

  • With colleagues, including Associates and Collaborators, in order to facilitate the delivery of products / services to you / the company you represent;

  • Software providers that host our website and store data on our behalf;

  • Marketing organisations that assist us on the distribution of marketing correspondence;

  • Professional advisers including consultants, lawyers, bankers and insurers who provide us with consultancy, banking, legal, insurance and accounting services;

  • HM Revenue and Customs, regulators and other authorities who require reporting of processing activities in certain circumstances; and

  • Third parties who we may choose to sell, transfer or merge parts of our business or assets. Alternatively, we may seek to acquire other business or merge with them. If a change happens to our business then the new owners may use your personal data in the same way as set out in this privacy policy.

Furthermore, we may disclose personal data to the police, regulatory bodies, legal advisors or similar third parties where we are under a legal duty to disclose or share personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions; or to protect our rights, property, or safety of our clients, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

We never sell or distribute personal data to other organisations.

YOU’RE IN CONTROL

If we collect or handle your personal data, you have rights as an individual that you can exercise in relation to the information we hold about you. Email us at paul.twivy@purpose-done-right.com to:

  • Correct or update your personal information

  • Delete your personal information. We will delete any information that we no longer need to hold, but we won't always be required to do this. For example, we may need to hold your information to deliver work we’ve contracted for with you / your organisation. If this is the case, we'll explain why

  • Ask us to restrict processing of your personal information or transfer your personal information to a different organisation

  • Confirm if we are using your personal information or get access to all your personal information that we hold, in an easy to understand, portable and secure format, use subject line "Subject Access Request" in your email

  • Object to the processing of your personal information

  • Withdraw consent to process your data

  • Opt-out of marketing communications

Once we receive a request from you, we will respond within at most 1 month, but usually much more quickly. Before actioning these requests, we will need to positively identify you.

If you’re unhappy with how we’ve handled or processed your personal information - or you want further information about your rights - you have the right to contact the Information Commissioner's’ Office, the supervisory body that regulates handling of personal information in the UK.

KEEPING YOUR INFORMATION SECURE

We will do our best to protect your personal data, however we cannot guarantee the security of your information transmitted over the Internet.

Information you provide to us is shared on our secure servers. We have implemented appropriate physical, technical and organisational measures designed to secure your information against accidental loss and unauthorised access, use, alteration or disclosure.

In addition, we limit access to personal data to those Colleagues, Associates, Collaborators, and other third parties that have a legitimate business need for such access and take reasonable steps to ensure that third party business partners to whom we transfer any personal data will provide sufficient protection of that personal data.

RETAINING AND HOLDING YOUR INFORMATION

We keep the personal information we collect for no longer than is necessary for the purposes for which we collected it.

The length of time depends on the purposes for which we use it, or otherwise to meet our legal obligations.

We will delete any information as soon as we no longer have a valid reason to hold it. If this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

ABOUT THIS POLICY

For the purposes of this Policy, "we", "us", "our" and "Purpose Done Right" means Core Purpose Ltd.

This Policy applies to how we use your information in relation to our products and services generally.

This Policy doesn't apply to other companies' sites that you get to through our website or social media pages. So make sure you've read their policy before putting your personal information on their site.

We may change this Policy at any time. If we make any changes, we'll post them on this page. If they're substantive changes, we'll also have a more prominent notice letting you know. You can also email or write to us for a physical copy.

Your continued use of our services will mean that you accept and agree to any changes to the Privacy Policy.

Last updated: The Policy was last updated on 25th May 2018.