Privacy Policy and Data Protection

Privacy Policy and Data Protection

As the online world continues to grow and we become ever more reliant on the web in all aspects of our lives, privacy and data protection concerns become increasingly important. The laws regulating internet privacy are relatively new and constantly changing to keep up with the pace of technological advancement. 

Privacy and Electronic Communications Regulations

In the UK, the Privacy and Electronic Communications Regulations set out a variety of marketing rules which apply if you are sending marketing and advertising materials by electronic means (such as email). Crucially, any recipients of an email marketing campaign must have opted in to receive these types of email, unless you obtained their contact details in the course of business. Furthermore, all recipients of a marketing campaign should be given a straightforward way of opting out of receiving any further marketing emails.

The regulations also specify the rules regarding the use of cookies. In a nutshell, website owners are required to gain consent from users before using non-essential cookies (ie. those used for analytics or advertising). Please see our separate information page dealing specifically with cookies to find out more.

Data Protection Act

The use of personal data by businesses and other organisations is regulated by the Data Protection Act. There are a range of requirements when it comes to processing personal data. You need to ensure that it’s used fairly and lawfully, in a way that is “adequate, relevant and not excessive” and not used beyond a specifically stated purposes. It’s also important to keep the information accurate and up-to-date and you shouldn’t keep it for any longer than absolutely necessary. You should always have an eye on the data protection rights of the individuals concerned and never step beyond these boundaries. As most information is stored electronically these days, it’s crucial that you are mindful of security risks, such as potential hacking attempts or even the case of leaving a memory stick on the train, as you have an obligation to ensure that any personal data you process is kept secure. Furthermore, you’re not allowed to transfer this data outside the European Economic Area (EEA) without adequate protection.

Some businesses handling personal data may be additionally required to register with the ICO. To find out whether you need to register, take this online self-assessment provided by the ICO.

We have a range of constantly updated website privacy policies which can be used by your business and adapted to your needs. These can be downloaded from our Business Documents Folder. Click on the relevant links below for further information.