Our Policies

Last Updated: February 10^th, 2024

This Privacy Policy describes the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

When we refer to “D|OPS Digital” (“We” or “us”), within this Privacy Policy, we are referring to the company DOPS Digital Limited of registered address The Station House, 15 Station Road, St. Ives, PE27 5BH, United Kingdom; plus the associated websites, and any associated services or features which may be made available to you from this website.

Data Protection Regulation Framework

D|OPS Digital is based within the United Kingdom, and as such have aligned our Privacy Policy with the EU General Data Protection Regulation (GDPR) which came into effect on 25th May 2018, under the supervision of the ICO within the UK.

ICO Registration Reference ZB617930.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Relevant Legislation

Along with our business and internal computer systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:

– UK Data Protection Act 2018 (DPA)

– EU Data Protection Directive 2016/680 (DPD)​

– UK General Data Protection Regulation (GDPR)​

– Privacy and Electronic Communications Regulations 2003​

This site’s compliance with the above legislation, all of which are stringent in nature, means that this site is likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well. If you are unsure about whether this site is compliant with your own country of residences’ specific data protection and user privacy legislation you should contact our data protection owner (details of whom can be found in section 17) for clarification.

What Data Do We Process

We collect data (“Personal Information”) about you to carry out our core business and ancillary activities.

You may decide to send us your Personal Information via this website if you are seeking more information, requesting to attend one of our events, if you apply for a job with us or for other similar purposes. Your decision to disclose your personal data is entirely voluntary, and by doing so, you are providing us with specific consent to use your personal data only for the purposes for which you have disclosed it to us.

D|OPS Digital may access and use your Personal Information only for the purposes for which you have submitted it to us to

• when you register online or make an inquiry regarding our products and services or provide us with comments or feedback. We will capture Personal Information about you so we can communicate effectively with you and address your requests regarding our products or services. We will hold information about your name, the company you work for, address, phone and fax numbers, e-mail address and line of business, etc. We will use this information to help manage your requests.
• if you visit our websites, we will collect Personal Information from your device, such as IP address and other online identifiers (i.e. online data collected from user’s devices and protocols which leave traces which may be used to identify users). We use this to optimise your experience and help us to improve our websites and the ways we communicate with you.
• if you attend one of our events: We collect Personal Information if you attend our D|OPS Digital corporate events. This information may include your photos, identifying data (e.g. email, name, etc.) and any other information which may be collected by us in connection with our events.
• if you apply for a job with us: we will collect Personal Information about you if you contact us about an employment opportunity at D|OPS Digital. We will collect and use personal information to help assess your skills and your suitability to the relevant job position. We may also use such data to contact you if we believe a specific job position may interest you. Such information may include your name, email address, CV, telephone number, profile photo, job history and other relevant information.

D|OPS Digital does not gather any of your sensitive Personal Information, such as your race, ethnicity, religion, health metrics, political association and any other sensitive data.

How we Use the Data we Collect

We use and share Personal Information as described in this Privacy Policy and for the following purposes:

1. To identify and authenticate your access;
2. To conduct analytics in order to improve and customize our websites and the ways we communicate with you;
3. To present you and your company business opportunities regarding our services;
4. To send you marketing communications, updates and newsletters and present personalized content (see below under “Marketing”);
5. To manage your application for a job position at D|OPS Digital (as applicable);
6. To support and troubleshoot our services, to respond to your queries and communicate with you;
7. To investigate violations and enforce our policies, and as required by law, regulation, or other governmental authority, or to comply with a subpoena or similar legal process or respond to a government request.

 

Legal Basis for Using Your Data

We will only collect, use and share your Personal Information where we are satisfied that we have an appropriate legal basis to do this. This may be because:

1. we need to use your Personal Information to perform a contract or take steps to enter into a contract with you. For example, when you provide your information with us in order to apply to a job position in D|OPS Digital.
2. we need to use your Personal Information for our legitimate interest as a commercial organization. For example, we may collect your Personal Information in order to communicate with you and present you marketing materials and opportunities regarding our services.
3. we need to use your Personal Information to comply with a relevant legal or regulatory obligation that we have; or
4. we have your consent to use your Personal Information for a particular activity.

With Whom we Share the Data we Collect

We may share your Personal Information in the manner and for the purposes described below:

1. with third parties and service providers who help our business (e.g. for data analytics purposes, communicating promotional and informational materials, etc.). These third parties have agreed to confidentiality restrictions and use any Personal Information we share with them or which they collect on our behalf for the purpose of providing the contracted service to us.

We may also disclose Personal Information, or any information you submitted us, if we have a good faith belief that disclosure of such information is helpful or reasonably necessary to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce our policies, including investigations of potential violations thereof; (iii) investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) to establish or exercise our rights to defend against legal claims; (v) prevent harm to the rights, property or safety of us, our users, yourself or any third party; or (vi) for the purpose of collaborating with law enforcement agencies or in case we find it necessary in order to enforce intellectual property or other legal rights.

Marketing

We may use Personal Information to let you know about our services that we believe will be of interest to your company. We may contact you by email, post, or telephone or through other communication channels that we think you may find helpful. In all cases, we will respect your preferences for how you would like us to manage marketing activity with you.

To protect your privacy and to ensure you have control over how we manage marketing activities with you:

 

1. we will take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you.
2. you can ask us to stop direct marketing at any time you can ask us to stop sending email marketing, by following the “unsubscribe” link you will find on all the email marketing messages we send you.

Security of your Data

We take security very seriously. We have implemented and maintain appropriate technical and organisational security measures, policies and procedures designed to reduce the risk of accidental destruction or loss, or the unauthorised disclosure or access to such information appropriate to the nature of the information concerned. Measures we take include, for example:

1. placing confidentiality requirements on our staff members and service providers;
2. destroying or permanently anonymising Personal Information if it is no longer needed for the purposes for which it was collected; and
3. applying security controls in the storage and disclosure of your Personal Information to prevent unauthorised access to it.

Storing your Data

We will store your Personal Information for as long as is reasonably necessary for the purposes for which it was collected, as explained in this Privacy Policy. Where your information is no longer needed, we will ensure that it is disposed of in a secure manner. In some circumstances we may store your Personal Information for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting requirements.

In specific circumstances we may store your Personal Information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your Personal Information or dealings.

Transferring your Data Globally

D|OPS Digital is headquartered in the United Kingdom and much of the data we process will be transferred or processed in the United Kingdom. We also store and process Personal Information in: (i) any country where we have active employees, and (ii) any country in which we engage service providers. As a result, we may transfer, access, or store Personal Information in countries outside of Europe that are subject to different standards of data protection.

We will take appropriate steps to ensure that transfers of Personal Information are made in accordance with applicable law and carefully managed to protect your privacy rights and interests, and limited to countries which are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangement are in place to protect your privacy rights. To this end:

1. we ensure all data transfers will adhere to applicable privacy and data protection laws and that such transfers ensure a consistent level of protection;
2. where we transfer your Personal Information outside of D|OPS Digital to third parties who provide us services, we obtain contractual commitments from them to protect your Personal Information; or
3. where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any Personal Information is disclosed.
4. We use email and/secure data transfer mechanisms. The mechanism is decided by the requester.

Length of Time Data is Retained

We may retain your Personal Information only for as long as is necessary for the purpose set out in this Privacy Policy. We will retain and use your Personal Information to the extend necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

Legal Rights Available to Help Manage Your Privacy

Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you may have, under certain applicable laws, some or all of the following rights in respect to your Personal Information:

• Right to access your own data;
• Accuracy and right of rectification and erasure; and
• Right to object to processing of Personal Information.
• Specific rights for EU data subjects

Under applicable EU data protection laws and regulations, EU data subjects have the following rights in respect to their Personal Information:

Right to access

You have a right to request access to or obtain a copy of your Personal Information. You have the right to be informed of a number of details concerning the processing of your Personal Information, and this Privacy Policy attempts to provide you with this information.

Process for Data Subject Rights Requests

Submission of Requests

Data subjects may exercise their rights by submitting a written request to D|OPS Digital via email to the Data Protection Officer (DPO) at gdpr@dopsdigital.com. The request should include the following information:

• Full name of the data subject.
• Contact details for communication (email address, phone number, etc.).
• Description of the right(s) being exercised.
• Any relevant details or context regarding the request.

Verification of Identity

To ensure the security and confidentiality of personal data, D|OPS Digital will verify the identity of the data subject before processing any requests. Verification may involve requesting additional information or documentation from the data subject to confirm their identity.

Response Timeframe

D|OPS Digital will respond to data subject rights requests without undue delay and within one month of receiving the request. This timeframe may be extended by an additional two months for complex or numerous requests, in which case the data subject will be notified of the extension and the reasons for it within one month of receiving the request.

Response to Requests

Upon verification of the data subject’s identity, D|OPS Digital will process the request in accordance with applicable data protection laws. This may involve providing access to personal data, rectifying inaccuracies, erasing data, restricting processing, or fulfilling other requests as appropriate.

Denial of Requests

If D|OPS Digital is unable to fulfill a data subject rights request, we will provide the data subject with a justification for the denial and inform them of their right to lodge a complaint with the Information Commissioner’s Office (ICO) or seek judicial remedy.

Record-Keeping

D|OPS Digital will maintain records of all data subject rights requests received, including details of the request, actions taken, and any communications with the data subject regarding the request. These records will be retained in accordance with our data retention policy.

Review and Update

This procedure for handling data subject rights requests will be reviewed and updated as necessary to ensure compliance with applicable data protection laws and regulations.

Contact Information

For any questions or concerns regarding data subject rights requests or the handling of personal data, please contact the Data Protection Officer (DPO) at gdpr@dopsdigital.com.

Right of rectification and erasure

You have a right to request that we rectify inaccurate Personal Information. We may seek to verify the accuracy of the Personal Information before rectifying it. You can also request that we erase your Personal Information in limited circumstances where: (i) it is no longer needed for the purposes for which it was collected; (ii) you have withdrawn your consent (where the data processing was based on consent); (iii) following a successful right to object (see right to object); (iv) it has been processed unlawfully. We are not required to comply with your request to erase Personal Information if the processing of your Personal Information is necessary for compliance with a legal obligation or for the establishment, exercise or defense of legal claims.

Right to restrict the processing of your Personal Information

Where we rely upon legitimate interest to process your Personal Information, then you have the right to object that processing if you believe your fundamental rights and freedoms outweigh our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have legitimate interests which override your rights and freedoms.

Please note that you also have the right to withdraw consent, in cases where we rely on your consent to collect and process your Personal Information.

Right to data portability

You can ask us to provide you with your Personal Information that you provided to us, in a structured, commonly used, machine readable format, or you can ask to have it transferred directly to another data controller, but in each case only where: (i) the processing is based on your consent or on the performance of a contract with you; and (ii) the processing is carried out by automated means.

Right to object to the processing of your Personal Information

You can object to any processing of your Personal Information which has our legitimate interests as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.

Right to file a complaint with the supervisory authority

You have a right to lodge a complaint with your local supervisory authority if you have concerns about how we are processing your Personal Information. We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority.

If you wish to access any of the above-mentioned rights, we may ask you for additional information to confirm your identity and for security purposes, in particular before disclosing Personal Information to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. You can exercise your rights by contacting us.

Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or inform you if we require further information in order to fulfil your request. We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.

Data Breaches

We will report any relevant data breach to any of our third party data processors, data subjects and relevant authorities within 72 hours of becoming aware of the breach, where feasible.

The processor shall notify the controller without undue delay after becoming aware of a personal data breach and shall take the following actions.

1. describe the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned;
2. communicate the name and contact details of the data protection officer or other contact point where more information can be obtained;
3. describe the likely consequences of the personal data breach;
4. describe the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.

Minors

The website is not directed nor targeted to children under the age of 16. D|OPS Digital will not knowingly collect information from children. If you are under 16, you may not submit information about yourself to us. In the event that we become aware that a User is under the age of 16 has shared any Personal Information, we will use reasonable efforts to discard such information. If you have any reason to believe that a minor has shared Personal Information with us, please contact us.

Third-Party Data Sub-Processors

We use a small number of third partes to process Personal Information on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set in section “Relevant Legislation”. All of these third parties are certified to the EU-US Privacy Shield (2016) Framework.

• Google (for website analytics) – https://policies.google.com/privacy?hl=en-GB
• LinkedIn (social media) – https://www.linkedin.com/legal/privacy-policy
• Microsoft 365 (email service provider and CRM) – https://privacy.microsoft.com/en-ca/privacystatement

Cookies

A “cookie” is a small piece of data that is stored on your computer’s hard drive. They are used by nearly all websites and do not harm your system. We can use the information from cookies to ensure we present you with options tailored to your preferences on your visit to our website. We can also use cookies to analyse traffic and for advertising purposes.

If you want to check or change what types of cookies you accept, this can usually be altered within your browser settings.

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site.

If you don’t want to receive cookies that are not strictly necessary to perform basic features of our site, you may choose to opt-out by changing your browser settings.

For more information generally on cookies, including how to disable them, please refer to aboutcookies.org. You will also find details on how to delete cookies from your computer.

 

 

Updates to this Privacy Policy

Any changes we make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our Privacy Policy.

Contact

Questions, comments, and requests regarding this Privacy Policy are welcomed and should be addressed to gdpr@dopsdigital.com