Privacy Policy 2018-09-14T16:05:15+00:00

Casu Consulto Ltd (‘the Company’) honours the rights of its clients and other contacts including website visitors’ right to privacy and data protection. The Company is fully committed to complying with the provisions of all applicable Data Protection legislation and regulations such as Data Protection Act and EU GDPR. The Company honours the rights of its clients, employees and other users to privacy and data protection.

This Privacy Policy (‘Policy’) describes how the Company collects, uses, shares, and retains personally identifiable information provided by users of this website and individuals engaging with the company. The policy is effective as of 25th May 2018. The policy will be continually assessed against new technologies, business practices, regulatory changes and the evolving needs of the Company. We are registered with the Information Commissioners Office, the UK’s Data Protection Authority.

Data Controller

The data controller for all personal data collected via this website is the Company’s designated Audit and Compliance Officer . This means that we are responsible for deciding what data we collect and how we hold and use your personal data. We will implement appropriate data security measures for protecting the data from unauthorised access and loss, as laid out in the Security section of this Policy.

Data Collection

The Company collects and maintains a variety of personal identifiable information including names, email addresses, phone numbers, and business addresses. The Company collects information directly from individuals or from the parent companies of the individuals. The information could be collected through emails, phone calls, and face to face meetings. The Company does not collect personal data about individuals except when there is a legitimate business requirement or when such information is provided on a voluntary basis.

Users should be aware that non-personal information and data may be automatically collected through the standard operation of the Company’s web servers, and by the use of cookies technology and/or Internet Protocol (IP) address tracking. Nonpersonal identification information might include the browser used by you, the type of computer, the operating systems, the Internet service providers, and other similar information. The web server also automatically gathers information about the top viewed and visited pages and links on our website, top entry and exit points, time
spent on pages, top downloads, top keywords, used offsite to lead customers to our website, your internet protocol address (IP), information collected via cookies, the areas you visit on the website, the links you may select from within the website to other external websites and device event information cookies. You can set your browser to refuse cookies, or to alert you when cookies are being sent; however, if you disable cookies, the full functionality of the Company’s website may not be available to you. The information thus collected enables us to develop and customise our services better to meet your needs and preferences.

Purpose of Processing

The personal data collected is used by the Company to be able to provide comprehensive HR, training and coaching services to clients, and to respond to queries received from the public or other relevant stakeholders.

Data Retention

The personal data collected is stored in the Company’s data management systems, both paper-based and electronic. Personally identifiable information will not be disclosed to any third party except if permission has first been obtained from the users. The data will not be transferred to any agency located outside the EU.

At regular intervals, we will

  • Review the length of time we keep your personal data for
  • Consider the purpose or purposes for which we hold your personal data for in deciding whether (and for how long) to retain it
  • Securely delete information that is no longer needed for that purpose or those purposes
  • Update, archive or securely delete information if it goes out of date

Security

The Company uses reasonable measures to safeguard personally identifiable information. The implemented measures will be appropriate to the type of information maintained and compliance with all relevant legislation governing protection of personal information. Measures are implemented to preserve confidentiality, integrity and availability of the personal information. We have put in place appropriate security measures to prevent personal data from being accidentally lost, used or accessed in any unauthorised way, altered or disclosed. In addition, we limit access to personal data to only those employees who have a legitimate business need to have access to that data. The employees will process personal data in accordance with our instructions. They will be subject to a duty of confidentiality and due care with respect to handling personal data. We have put in place procedures to deal with any suspected data security breach and will notify any individual(s) and any applicable regulator of a suspected breach where we are legally required to do so. The Company’s employees are trained on data security and information protection.

Social Media

If the Company is sent a private or direct message via social media the message may be stored. Like other personal data, these direct messages will not be shared with any other organisations.

Access, Review and Correction

The General Data Protection Regulations gives you the right to access your personal data held by us (subject access request). If you have an established business relationship with the Company, you may request from us a list of the categories of personal information held about you. Subject access requests must be made in writing to the Casu Consulto Audit and Compliance Officer. We will endeavour to respond to the request within a reasonable time period and in any event within one month as required by the relevant provisions in the GDPR.

It is important that the personal data we hold about you is accurate and current. We will take all reasonable measures to ensure that the personal data we hold about you is accurate. We have also implemented procedures to enable you to review and correct your personal information, should there be any changes to your circumstances or errors in the gathered data. When you make a request or access or review the personal data we hold about you, we will request you to verify your identity before the request can be fulfilled.

Privacy Rights

In addition to the rights of access, review and correction, you have the right to object to your personal data being processed for any particular purpose, or to request that we stop using your information. If you wish to exercise these rights, please email dpo@casuconsulto.co.uk. If you have further concerns about how we use your personal data you also have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the data protection authority for the UK. Please visit https://ico.org.uk/ for more details on your data protection rights and how to contact them.

This privacy policy was last updated on 12th September 2018.