Privacy and Data Protection
This Privacy Notice was last updated on 21st February 2023 and will be reviewed annually. Poteris reserves the right to update our Privacy and Data Protection Policy. If users have any questions or concerns relating to this Privacy and Data Protection Notice, they are encouraged to get in touch using our contact form.
Poteris’ role in processing data
Poteris acts as a Data Controller when website users give us their personal details directly, such as when submitting the contact form with an enquiry.
Legal Basis for Processing Personal Data
The basis for processing user data is consent, contractual and/or legitimate interest.
Without the personal data which our users and partners consent for us to use, Poteris would be unable to deliver its services effectively.
We process the personal data of our website visitors for the purpose of responding to enquiries and offering services, when they complete the enquiry form.
This is where Poteris has a legitimate reason to process personal data provided that it is reasonable and does not go against what users would reasonably expect from us. Where Poteris relies on legitimate interest to process personal data, our legitimate interest is:
- Maintaining records on partners we are working with, to deliver our services.
- To respond to queries, e.g. through the website.
- Contacting partners to seek consent where needed.
- For contacting potential partners where we have closely aligned objectives.
Data Collection and Processing
- Users may give their personal details to Poteris directly, such as when enquiring on the site, via our website or engaging with us via social media
- We may collect information from another source such as a partner organisation
- We collect information from users’ use of our website. Like all organisations we are able to see what browser users are using, IP addresses and what computer operating systems are being used. We may use this information to improve the services we offer. Please also refer to our Cookies information below.
Using Collected Data
We store the minimal amount of data for us to run our services effectively. In order to provide the best service to our partners, we use data in the following ways:
- To administer and deliver our services
- To evaluate, improve and personalise our services
- To allow us to communicate with partners and respond to enquiries
- To undertake due diligence and manage risks
Keeping data secure
We store information about partners and visitors who have expressed interest in our services in documents and emails, and on systems we use internally where this is necessary for the processing that is expected for delivering our service (e.g. for responding to emails). This may include in spreadsheets and word processing documents as well as subprocessing via the services listed here. All systems are password protected and restricted to relevant users, and staff laptops are encrypted so that loss would not be expected to result in loss of user data. We operate in a generally paperless environment and do not print documents containing personally identifiable information.
Poteris will only store user data for as long as is necessary and in line with the original purpose that it was collected.
Poteris will keep personal information confidential and not sell or disclose information to advertisers or external parties, except where users have explicitly given permission to do so.
There are some unlikely circumstances in which we would be required to share data without requesting explicit permission from the user. These include if we believe in good faith that we are required to in order to comply with a regulator or court in order to comply with law, regulation, legal process and court order. We may also share information in order to enforce terms of the contract.
Rights of the Data Subject
The Right to be Forgotten
We will remove or anonymise personal data within 30 days of any request to be removed.
Anonymising data means that any information that is not deleted can no longer be traced back to the person it came from.
Poteris will retain personal data only for as long as is necessary for the purpose we collect it.
Changes to this Policy
We will inform users prominently on our website when this Privacy and Data Protection notice changes and provide a jargon-free summary of the changes.
Right of Access to Data
We will provide users with a copy of their personal data stored by Poteris within 30 days of any request.
Restriction of Processing
We will document, process and respond to any restriction of process request users make.
We will ensure user’s data is available in a portable format.
Any data breach will be reported to appropriate authorities within 72 hours of the breach being found, and Poteris will liaise fully with appropriate authorities to respond to the breach.
Cross Border Data Transfer
Our primary structured data systems that users access are located in the UK. Unstructured data storage is either in the EU or covered by Privacy Shield.
Complaints or Queries
We will always encourage all users to contact us if they have any questions about personal data.
Cookies are small text files that are placed onto a device when users first visit a website which monitors interactions with the site.
- Recognise you when you return.
- Embed content hosted by third parties.
- Improve your experience on our website through monitoring content and feature usage.
There are three categories of cookies we set:
- Necessary cookies – these cookies are necessary for the website to function properly. Some of the following actions can be performed by using these cookies: keeping you logged in; serving video content we host with third parties; storing your cookie consent preferences.
- Performance cookies – these cookies are used to gather statistical information about the use of our websites, also called analytics cookies. We use this data for performance and website optimisation.
- Functional cookies – These cookies enable more functionality for our website visitors, and can be set by our external service providers or our own website.
We set the following cookies on our website:
If you have any questions or queries about our data privacy, please get in touch here.