Hampton & Associates Ltd is a Scottish Registered Company based in Scotland (SC562140) and considers Scottish law to be its lead supervisory authority. All significant decisions about data processing and policy implementation will be made using UK GDPR. This policy is set out to help you understand the types of data that we collect from you and/or your business and how that data is processed and managed.
We are committed to protecting the privacy and security of your personal information, we continually monitor compliance through implementing policies & procedures to safeguard data and by setting regular reviews to manage these policies and procedures.
In accordance with ICO Requirements of Data Controllers Hampton & Associates Ltd is registered with the Information Commissioners office (ZA695350). When you are using Hampton’s website, Hampton & Associates Ltd is the Data Controller.
Information we collect
Hampton collects personal data from web forms submitted by customers requesting information in the form of general enquiries or to register for the events and services provided by Hampton. This comprises the name, email address company name, subject & message of the person making the enquiry.
Hampton may also collect personal data from the website using Google Analytics to anonymously track how users interact with our site. This involves installing Google Analytics code on our website in the form of a ‘cookie’. Cookies contain an ID number which is assigned to a user and provides us with the following information:
- Your IP address (An IP address does not provide identifiable personal information).
- Your visits to our website.
- The time of your visits and the length of time you spent on our website.
- The pages that you visited.
- Your location (although this might be influenced by the location of your server).
- The browser you are using.
- Type of operating system.
- The device you are using (e.g., desktop, tablet or mobile).
- Referral source (how you arrived on our site, e.g., search engine, direct URL, social media or third-party website).
Who are our Stakeholders?
Clients, Media Outlets, Associates, Delegates, Supporting Organisation, Suppliers, Statutory & Regulatory Bodies
Our websites & information we share around events & involving stakeholders may contain links to other websites run by other organisations. This privacy notice applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy notices and practices of other sites even if you access them using links from our website. In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy notices and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
Hampton can be found on social media platforms such as Facebook, Twitter, Instagram and LinkedIn. These platforms are an important part of our business efforts, so you may be presented with a retargeting ads & emails in future following a visit to our website. We may target ads at audiences that we believe match the profile of our target audience and would therefore be interested in our services. We will also regularly tag or mention you where we are carrying out business promotion on your behalf or to raise your professional profile.
These platforms are run by commercial companies and Hampton is not the Data Controller or Data Processor of your social/professional media profile. You should contact these social media platforms directly if you have concerns over how your personal data is being used and stored by them.
Events & Webinars
We collect and process the following information:
How we use your personal data
We want to give you the best possible customer experience. One way to achieve that is to get the richest picture we can of who you are by combining the data we have about you. The data privacy law allows this as part of our legitimate interest in understanding our customers and providing the highest levels of service. Of course, if you wish to change how we use your data, you’ll find details in the ‘What are my rights?’ section below.
Here’s how we’ll use your personal data:
- To respond, provide support, make assessments and recommendations around products and services we provide. Provide reporting statistical analysis, identify customer trends and measuring effectiveness of marketing campaigns. Service quality, improvements & identify training requirements.
- We operate CCTV systems on and around our premises to prevent, detect crime and to support any accident, insurance, legal claims. We will also review footage where required as part of safety management to support & promote better health and safety.
- When you visit our offices, we will collect information required to identity you and the organisation you represent we will also collect the dates and times of attendance.
- To process payments. We do this on the basis of our legitimate business interests.
- To send you relevant, personalised email communications about services and products.
- To comply with our contractual or legal obligations.
- To react to customer needs inside & outside of business hours as part of emergency response.
- To send you survey and feedback requests to help improve our services.
How we protect your personal data
We know how much data security matters to all our clients. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it.
We secure access to all transactional areas of our website (https://www.hampton.agency) using ‘https’ technology.
Access to your personal data (such as email and phone number) is password-protected, and sensitive data (such as payment card information) is secured and encrypted to ensure it is protected.
All significant decisions about data processing and policy implementation will be made using UK GDPR. we take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this notice.
We use Google Analytics to collect standard internet log information on visitor behaviour patterns. We do this to understand how our website visitors use a website in order to provide an efficient user experience along with relevant information. This information is only processed in a way which does not identify individuals. For more information about Google Analytics terms and conditions, visit https://www.google.com/analytics/terms.
To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.
Website visitor behaviour analytic software
We use software to collect analytic information on how website visitors engage with our website pages and content. We do this to understand how our website visitors use a website in order to provide an efficient user experience along with relevant information. This information is only processed in a way which does not identify individuals.
We apply the UK GDPR principles to all personal data that we hold or process:
- Processed lawfully, fairly and in a transparent manner in relation to individuals.
- Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes.
- Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
- Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.
- Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals.
- Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
We sometimes share your personal data with trusted third parties. Here’s the policy we apply to those organisations to keep your data safe and protect your privacy:
- We provide only the information they need to perform their specific services.
- They may only use your data for the exact purposes we specify in our contract with them.
- We work closely with them to ensure that your privacy is respected and protected at all times.
- If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
Examples of the kind of third parties we work with are:
- IT companies who support our website and other business systems.
- Third-party suppliers.
- Third-party credit checks.
- Photographers or independent consultants (project-based).
We may share names email addresses pictures, job roles and organisational information as part of business-to-business networking events & with organisations & contractors commissioned to assist & co-ordinate these events.
Pre & post event/webinar management may include grouped online communications such as meeting invites in meeting chats and document sharing. Others attending may see your name email address and may see conversation responses and questions you may ask.
Where we have been commissioned by an Organisation to host a webinar or event, your registration & attendance information & any feedback you provide will be shared with this Organisation.
To help personalise your journey on our websites we use the following companies, who will process your personal data:
We do not anticipate providing services directly to children, however we do understand that if this change occurs, we will make provisions to verify age. We will also make further provisions to gain parental or guardian consent for data processing activity where required.
Hampton will continue to look for new ways to protect data however in the event of a data breach, we will notify the ICO within 72 hours of becoming aware of the breach, where we don’t yet have all the relevant details we will notify when we expect to have the results of the investigation. We have implemented the ICO guidance framework on managing a security breach. This framework includes the following
- Containment and recovery
- Assessing the risk/impact
- Notification of Breaches
- Evaluation & Response
All significant decisions about data processing and policy implementation will be made using UK GDPR. As part of the services offered to you the information which you provide to us will not be transferred to countries outside the European Union (“EU”) our servers are Located inside the EU. If we have a requirement to transfer your information outside of the EU in any way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Notice.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
Your data protection rights
Under data protection law, you have rights we need to make you aware of. The rights available to you depend on our reason for processing your information.
Your right of access - You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.
Your right to rectification - You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing - You have the right to object to processing if we are able to process your information because the process forms part of our public tasks or is in our legitimate interests.
Your right to data portability - This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another or give it to you. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request. There are several ways you can stop direct marketing communications from us:
- Click the “unsubscribe” link in any direct marketing email communication that we send you. We will then stop any further direct marketing emails.
- You can also email or call us to ask us to add you to our suppression list. Please contact us at firstname.lastname@example.org or on 01224 620562 if you wish to make a request.
Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.
Further information around your rights can be found at https://ico.org.uk/your-data-matters.
Hampton & Associates Ltd
34 Albyn Place, Aberdeen, AB10 1YL
Tel: 01224 620562