NF Digital Ltd (BoodleBobs) GDPR PRIVACY POLICY



 

INTRODUCTION

In order to conduct its business activities, it is necessary for NF Digital (BoodleBobs)  to act as a data controller with respect to gathering and using the personal data of individuals.  These can include clients, suppliers and other people the company has a relationship with or may need to contact.  This policy sets out how we collect, use and protect any information you give us when you use this website and/or our services.  


We are committed to safeguarding your privacy.  Should we ask you to provide certain information, you can be assured that it will only be used in accordance with this policy.  We may be required to update this policy from time to time in order to remain legal and compliant. You should check this page periodically to ensure that you are happy with any changes.
 

WHY THIS POLICY EXISTS

This GDPR Privacy Policy ensures NF Digital:

 



WHAT WE COLLECT

We may collect the following information:

Clients & Prospective Clients



Suppliers

 


LAWFUL REASONS FOR PROCESSING 

Clients, Prospective Clients & Suppliers 


For Business to Business clients and contacts, our lawful reason for processing your personal information will usually in the first instance be “legitimate interests”.  Under this we can process your information if we have a genuine and legitimate business reason and we are not harming any of your rights and interests. Once you enter into a contract with us our lawful reason becomes “contractual obligation”.  This also includes steps taken at your request before entering into a contract. 


WHAT WE DO WITH THE INFORMATION WE COLLECT

Clients & Prospective Clients


We require this information to understand your needs and provide you with a better service and in particular, for the following reasons:
 



Suppliers 


We require this information for the following reasons:


RETENTION

We are required to keep documents, contracts etc. for the length of the contract as a minimum and for up to seven years afterwards as a maximum.  We will determine this on a case-by-case basis after taking into account the individual circumstances and will only keep data which is necessary for us to fulfil our contractual obligations.  Any personal data held by us for marketing updates will be kept by us until such time that you notify us you no longer wish to receive this information.


 

SECURITY

We are committed to ensuring that your information is secure and protected against unauthorised or unlawful processing, accidental loss, destruction and damage. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, technical and managerial procedures to safeguard and secure the information we collect.


SECURITY BREACHES

Despite all the controls we have put in place to address all the key GDPR principles, there is still always a risk a data breach may happen.  In the unlikely event of this, the breach will be notified to all data subjects affected without undue delay. If appropriate, this will also be reported to the ICO within 72 hours of us becoming aware.  The person who should be informed of any breaches is named at the bottom of this policy and is contactable by email at all times.


HOW WE USE COOKIES

A cookie is a small file which is placed on your computer's hard drive and helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

 

We use some unobtrusive cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to client needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
 

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
 

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website however.  You can find out more about cookies by visiting the All About Cookies resource website.
 


THIRD PARTY PROCESSING

 

Our work for you may occasionally require us to pass your information to our service providers and for the purpose of delivering our services to you.  Where we are entering into an engagement with a third party, we will seek to be satisfied that they have secure measures in place so your privacy rights continue to be protected as outlined in this policy.


We only disclose information that is necessary to deliver our services and we never allow your personal data to be used by any third party for any market research, marketing or other commercial purposes. Under GDPR law, we may be required to disclose your data for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.  We may also be required to disclose your personal data where such disclosure is necessary for the establishment or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

YOUR RIGHTS UNDER GDPR

Your principle rights under GDPR are:

 



This means you have the right to know what data we are holding for you at any time, the right to access this data, change it and/or have it removed from any further processing activity.
 

SUBJECT ACCESS REQUEST

If you would like to contact us with a subject access request, please use the email luke@newforest-dital.co.uk with ‘GDPR Subject Access Request’ in the subject line.  We will contact you within ten days of receiving this request.


If you are unhappy with the way your subject access request has been dealt with, you have the right to report a concern with a supervisory authority.  In the UK, this is the Information Commissioner’s Office www.ico.org.uk/concerns/.
 

Luke Kemp

88 Lower Buckland Rd

Lymington

SO41 9DW

 

Email: luke@newforest-digital.co.uk