This policy discloses the practices of the Data Controller: The Obsidian Co. Ltd (together referred to as “we”, “us”, “our” or “Company”). It aims to inform you of the types of information we collect about you and why, how we will use it and the steps we take to ensure its security.
We only use personally identifiable information (your data) for the specific purpose of developing new business for our company. Our lawful basis for processing your data is Legitimate Interest stated here as the assumption that the organization at which you are employed may benefit from the services offered by our company.
Was publicly available via the internet, social media; print or broadcast media, or;
Was provided directly by you (or by another employee of your organization or by someone with prior knowledge of you professionally) in conversation with one of our representatives either in person, via telephone or email or other correspondence*, and; Can include your name, job title or role within your organization, email address; telephone numbers, and; Is limited to the minimum amount required for the stated purpose, and; Will be processed no further than necessary to carry out the stated purpose and will not be reappropriated for any other purpose nor be shared with any third party, and; Will be retained no longer than necessary and deleted if not used for the stated purpose for a period of two years. We use the information to contact you from time to time:
To ensure we keep the potential requirements of your organization up to date, and; To make sure we are in touch with the person at your organization most relevant to the provision of our services. At no time will your data be subjected to automated decision-making or profiling.
Your information will be stored securely by U.S. based data centers and duplicated for redundancy on European Union based data centers owned and operated by Linode or Siteground. Your data may also be processed by Google (the platform we use for sending and receiving email, preparing proposals, scheduling meetings and so on). In our company, access to your data is limited to employees specifically tasked with managing data or developing new business.
To exercise any of your rights: to be informed; of access; to rectification; to erasure; to restrict processing; to data portability; to object, or; in relation to automated decision-making and profiling, or if you have any questions about this policy or our privacy practices please email firstname.lastname@example.org
If you believe we have not upheld our obligations under the General Data Protection Regulation (GDPR) you have the right to the right to lodge a complaint with a supervisory authority. In the UK this is the Information Commissioner’s Office. Details on how to lodge a complaint can be found at https://ico.org.uk/concerns/
*Information is always given freely, without remuneration, and received in good faith.