STIS Group is committed to meeting our legal requirements with respect to Privacy for all who access and use our website and services. Under the General Data Protection Regulation and Data Protection Act 2018, we must comply with certain requirements that are designed to ensure that any personal data you provide to us is processed with due care and attention, and that you as an individual are aware of and know how to exercise your rights with respect to any personal data you trust us with.
What data do we collect and why?
STIS Group collects the personal details that you provide when you enter your details into the Contact Us form, we will also receive some personal information if you email us directly or using email@example.com.
On the contact form we collect the following details:
- Name – so we know who to get back to
- Email address – so we know how to email you
- Phone number – which is optional, if you want us to call you
- Subject (usually no personal information)
- Message – the message you provide so we can address your request
Contact via Email:
We have no control over what you might put in a message, we will however, have at least the email address you mailed us from and what you put into the message. We recommend that you keep any personal details sent to us to an absolute minimum.
How we use your information
This privacy notice tells you what to expect when STIS Group collects personal information. It applies to information we collect about:
- visitors to our websites;
- people who enquire about or use our services;
- people who email us.
Visitors to our websites
When someone visits www.stisgroup.com we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone.
We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
People who purchase or contract with us for a service
If you enter into an agreement with us for services, we collect enough information to enable us to process your order and provide you with the services your require. We collect and process this information using the ‘performance of a contract legal basis’ so that we may provide the service to you.
Unless you have specifically opted in to receive information about products and services from STIS Group during the contract negotiation and sign off process we will not send you any communication other than what is required for the supply of the service.
We keep this data for as long as we are providing the service to you, after you have stopped using the service(s) we keep the data for 12 months, then we anonymise it removing any personal information.
Any data classified as financial that we are required to keep will be retained according to UK HMRC rules, currently 6 years plus current year.
People who email us
Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
If we consider the contents of an email to contain personal data we have not requested or more detail than we need then we will delete some or all of it immediately and request another with less personal details, or no personal details.
By submitting personal data to us by way of an email or an enquiry you necessarily consent to us using that information to contact you in return to complete that enquiry. We do not use that data for any other purpose. For the avoidance of doubt the legal basis for processing your enquiry is ‘consent’.
If you agree to allow us to send you information about STIS Group Products and Services by opting in to that service, you do that on the basis of ‘consent’.
Who we Share Information With
Your information may be shared with any of our consultants, associate consultants, or Member Companies, for the provision of services only. STIS Group remains the controller of the information. We do not share your information with anyone else. If for some reason we did need to share your information further we would seek your permission to do so and inform you of your rights relating to that further processing.
STIS Group DO NOT and WILL NOT transfer the information you provide to countries outside the UK and European Economic Area (“EEA”).
Notification of Changes
Any policy changes, either due to business reasons or future changes in legislation will be posted on this page and, if material, may be promoted on the Website or through e-mail notification.
Your rights as an individual in respect of the data we hold
We respect the rights and freedoms of individuals and as such we would like to make you aware of the following.
You have the right to:
- Request access to your data
- Request rectification of your data where there are errors or inaccuracies, or the data is not current
- Request that the data we hold is removed entirely from our systems (the right to have data removed is only applicable where it does not conflict with our legal and regulatory requirements to keep certain records according to the data retention period)
- Request us to restrict processing of your data
- Object to our processing of your data
- Request your data in a format that is commonly used/accepted
- Send your data to another controller
- Withdraw consent already provided – at any time
You also have the right to complain to this organisation as detailed within the ‘Complaints or Queries’ section of this Policy,
To exercise your rights above please contact STIS Group using any of the methods described under How to Contact us.
You also have the right to lodge a complaint with a supervisory authority, see Complaints or Queries below.
Complaints or Queries
STIS Group tries to meet the highest standards when collecting and using personal information and take any complaints we receive about this very seriously.
We encourage people to bring to our attention, if they think that our collection or use of information is unfair, misleading, or inappropriate.
If you wish to complain about this policy or any of the procedures set out in it please contact: firstname.lastname@example.org.
If for any reason you believe that STIS Group is not in full compliance with the GDPR or Data Protection Act 2018 or that a request or complaint has not been properly dealt with you have the right to lodge a complaint with the relevant supervisory authority, in the UK this is the ICO.
https://ico.org.uk/concerns/handling/ or call the ICO on 0303 123 1113.
9 Percy Street,
T: +44 (0) 7767 374864