This policy relates to the data protection and privacy practices which apply to Daniel Connal Limited Liability Partnership (“Daniel Connal Partnership”) and our website www.danielconnal.co.uk
Our aim is to protect our clients, employees and website users’ privacy whilst providing a personalised and valuable service. Collecting personal information is necessary if we are to satisfy the expectations and requirements of our users, i.e. to communicate and to enable an interactive service. In this policy we explain what information we collect, what we do with it and what controls you have.
Personal Identification Information
Any personal information such as name, postal address, telephone number and email address given to us may be used to provide a requested service in line with our contractual agreement, inform of and promote our services to those with a legitimate interest and/or to respond to an enquiry. This will not be disclosed to any other third party without your prior permission; unless we are required to do so by law.
Any non-personal information gathered via our website such as IP address, pages accessed, and files downloaded will only be used to determine how many individuals use our site, how many people visit on a regular basis, which pages are most popular, and which pages are least popular. This information doesn’t tell us anything about who you are or where you live, it is simply used to enable us to monitor and improve our service. Details can be found on our Cookies Policy.
How We Store and Protect Data
We are committed to protecting our employees, clients and users’ privacy. We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration or destruction of personal data we store.
All client and project data is stored on a secure Content Management System.
All computers are protected against virus attacks and malware by ‘Sophos’ and ‘Mimecast’ security software which provides advanced email security, antivirus, antispam protection, TLS encryption, Data Leak Prevention, Documents Services and Attachment Management security software. We have a secure hardware firewall between our internal systems and the outside world. All devices and connections are password protected.
We have implemented an Ultimate Disaster Recovery Solution which is supported by our IT provider “Rio Ltd’’. Our Disaster Recovery Policy explains in more detail the safeguarding we have in place, a copy of which is available upon request.
Our website is SSL (Secure Sockets Layer) certified which keeps data secure between servers. Any enquiry/information entered through our website is encrypted.
Project files and financial files are kept in accordance with the RICS recommendations for a maximum period of 15 years. Archive files are stored off-site in a secure fireproof warehouse.
We have continuous Cyber & Data Liability cover with Victoria Insurance Company Ltd.
We maintain a Personnel Data Register of our staff and job applicants. Information provided to us will be held for the period of their employment with us and 6 years thereafter for legal/reference purposes.
Information provided to us for Job Vacancies either directly, via our website or an agency will be retained for a period of two years should suitable opportunities become available during this period.
Other data protection practices we maintain are document shredding, secure locked personnel files with authorised key access only.
Sharing Personal Information Data
Certain projects may require us to share personal information data with third parties such as contractors, sub-contractors, insurers, photographers, recruitment agencies. This information will be shared as per the project requirements or individual basis and in prior agreement with you. Should you not wish for us to share this information please inform your Project Manager or in the case of employees, one of the Partners.
We also use social media – Facebook, Twitter and LinkedIn to share our practice news, industry updates, project updates, testimonials and case studies. Every effort will be taken to anonymise our social media updates, on the occasion that a reference has to be made this will be done with prior permission.
Staff with duties which include the handling of personal information are kept up to date on the importance of keeping information secure, the appropriate collection, use and deletion of client and employee data, the rules around disclosing information over the telephone and how to deal with requests from individuals for their personal information, through regular training and continuing professional development.
We may contact individuals who have a legitimate interest in our business to inform of or promote our services. An opportunity to unsubscribe/opt-out of such communication will be provided with every email.
We may use a project as a case study, including client feedback/testimonials, photographs and video where available for marketing purposes via brochures, postcards, website and social media.
At times we may invite you to networking events. You will be provided with an opportunity to opt-out/ unsubscribe from further correspondence should you not wish to receive these invitations.
Scheduled Audit Date
Daniel Connal Partnership will review this Policy annually and as required.