pro-manchester Limited takes your privacy extremely seriously. This policy sets out how we collect and process any personal data you may provide to us when you book onto our events, purchase any services or memberships, sign up to our digital marketing or use any of our websites:
This policy applies where pro-manchester Limited (referred to as “we”, “us” or “our” in this privacy notice) identify as the data controller and where we are responsible for your personal data.
pro-manchester Limited have appointed a Data Protection Manager, who will be responsible for privacy matters and the protection of personal data we hold as an organisation, their details are below:
Name: Isabel Riley
Email address: email@example.com
Telephone number: 0161 833 0964
pro-manchester Limited is a company registered in England and Wales registration number 05001675 whose registered office is Level 9 – Tower 12, 18/22 Bridge Street Spinningfields, Manchester, M3 3BZ.
If you are unhappy with the way we collect or process your personal information, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) who are the UK’s supervisory authority for data protection.
Complaints and concerns can be lodged with the ICO via this link: https://ico.org.uk/concerns/
We kindly ask that before any complaints are lodged with the ICO, that you contact us first to try and resolve any issues you may have.
2. What data do we collect?
Personal information we may collect and process from you includes:
• Contact information – such as your name, address, telephone number and email address.
• Financial information – such as your bank account details or payment-related data.
• Technical information – this may include your IP address, browser details, location analytics, login details and any other technology information related with you using our site.
• Information provided to us by our clients which enable us to provide our services to their staff – this could include email addresses, account details or device identifiers.
• Any other personal information you may provide to us in the process of us providing you with our services.
Under the General Data Protection Regulation/Data Protection Act 2018, sensitive personal data is data which includes information about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data.
pro-manchester does not collect sensitive personal data about you – if we were to require it for any reason, we would seek explicit consent from you to gather this.
3. How do we use your personal data?
We will only use your personal data for the following reasons:
• To provide you with the services we offer as a business
• To provide you with information you have requested from us
• To keep you updated on our business, events and any news we may have
• To manage our relationship with you as an existing or potential member
• To fulfil any legal or contractual obligations we may have which require the processing of personal data
4. How do we obtain your data?
We can collect data about you via a variety of methods:
• From direct actions we may have with you by communicating via phone, email or post
• When you sign-up to services on our website – including our mailing list, contact forms, signing up for events or purchasing a service/membership
• From automated technologies or interactions as you use our website from analytics engines and cookies – please see our section on cookies for more details
• When you sign-up to attend any events, we may hold
• When you provide information to us as part of our sign-up process with you as a client.
4. Our lawful purposes for collecting and processing your information
We have identified that we will use your information for the following reasons:
• Where we need to perform the contract between us.
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
• Where we need to comply with a legal or regulatory obligation.
Generally, we do not rely on consent as a lawful purpose for processing your personal data, other than in relation to sending marketing communications to you when we when you are not already an existing client or to transfer your data outside of the EEA and recognised third countries. You have the right to withdraw consent (where applicable) at any time by emailing us at firstname.lastname@example.org.
5. Who do we share your information with?
We may need to share your information with third parties in order to provide you with our services or to market to you, these third parties include:
• Sage Cloud
• Insightly CRM
Where we do share your information with third parties, pro-manchester ensures that the highest levels of data protection are in place in accordance with the law. Third parties with whom we share data are only permitted to process this data for the specified purposes we stipulate with them.
We do not sell your information onto third parties.
6. International transfers
Where possible, we ensure that your data is stored within the European Economic Area (EEA), however some of our storage locations and service providers may be hosted outside of the EEA. When we do need to transfer your personal data out of the EEA, we ensure one of the following safeguards are in place to provide a similar level of security of your data:
• Your personal data has been transferred to a country that has been deemed to provide an adequate level of protection for personal data by the European Commission; or
• The hosting environment we use has specific contracts, codes of conduct or certification mechanisms in-place which have been approved by the European Commission; or
• Where we transfer data to the United States, we ensure our providers are certified as part of the EU-US Privacy Shield programme.
If none of these safeguards are available, we will only transfer your data with your explicit consent – which can be removed at any time by contacting us.
Please email us at email@example.com if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
7. Retention periods
Your personal information will be retained in accordance with our data retention policy which categorises all of the data assets held by us and specifies the appropriate retention period for each data asset.
These periods are based on the requirements to keep the data for as long as necessary to fulfil the purpose for which it was collected, to meet any legal requirements or to satisfy any reporting, accounting or contractual needs.
8. Your rights
Under the General Data Protection Regulation/Data Protection Act (2018), you have certain rights regarding your personal data, these include the right to:
• Request access to your personal data
• Request correction of your personal data
• Request erasure of your personal data
• Object to processing of your personal data
• Request restriction of processing your personal data
• Request transfer of your personal data
• Right to withdraw consent
You may exercise any of these rights by raising a subject access request with us. You can do this by contacting out Data Protection Manager via the details below:
Name: Isabel Riley
Email address: firstname.lastname@example.org
Telephone number: 0161 833 0964
We will not charge you for making a request and we will make all reasonable efforts to respond to you within 30 days. Sometimes it may take longer than 30 days to gather all the information we may hold on you, in this situation we will keep you updated at all times.
You can instruct us at any time to stop processing your personal data for the purposes of marketing.
We may refuse your request or withhold any personal information that you request if there is an overriding legal reason for us to do so.
8. Information security
pro-manchester takes the security of your information extremely seriously. In order to protect your data, we implement a risk-based approach to adopt the strongest organisational and technical controls in order to protect the confidentiality, integrity and availability of your data.
We undertake regular assessments of our information security and have certified to both the IASME governance and Cyber Essentials certifications. Your data is encrypted whilst stored in any of our systems and whilst in transit, and our systems are protected by robust and resilient cyber security controls.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
The cookies we use
• Login related cookies:
• Forms related cookies:
When you submit data to through a form such as those found on contact pages or comment forms cookies may be set to remember your user details for future correspondence.
• Site preferences cookies:
In order to provide you with a great experience on this site we provide the functionality to set your preferences for how this site runs when you use it. In order to remember your preferences, we need to set cookies so that this information can be called whenever you interact with a page is affected by your preferences.
• Third Party Cookies
• This site uses Google Analytics which is one of the most widespread and trusted analytics solution on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content.
For more information on Google Analytics cookies, see the official Google Analytics page.
• From time to time we test new features and make subtle changes to the way that the site is delivered. When we are still testing new features, these cookies may be used to ensure that you receive a consistent experience whilst on the site whilst ensuring we understand which optimisations our users appreciate the most.
Most browsers allow you to refuse to accept cookies and to delete cookies. The method for doing so differs with each browser, the following guides for the most common internet browsers detail the processes for doing this:
Blocking cookies may impact your experience on our website as you may not be able to make full use of the features on it.
We keep this policy under regular review. This policy was last reviewed on 16th May 2018. Any questions about this policy can be directed to our Data Protection Manager via the details set out in section 1 of this policy.
When you use our live chat service, we automatically collect the following information: IP address, browser type and operating system.
We will also collect your name, phone number, email address and any other information which you provide to us in order to follow up on an enquiry. If your enquiry is dependant on
location, we may also need to confirm a postcode.
Transfer and storage of your information
SnapEngage stores your information for 60 days.
Live Chat Cookies
Our live chat service uses functional cookies to allow it to function properly. For further information on these cookies, please see our cookies policy, which is available above.
The live chat cookies that may be used are listed below:
Legal basis for processing: our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation).
Legitimate interests: we have a legitimate interest in collecting your IP address, browser information and device to better understand our customers as they access our website and
live chat service.
We have a legitimate interest in collecting your name, email address, phone number and any additional information you provide in order to be able to respond to your enquiry and
messages you submit via our live chat service. We ask for your phone number and email address in case we are unable to reach you on one of those means and to ensure that we
are able to respond to your enquiry as quickly and effectively as possible.
We ask for your name so that we know who we will be contacting, to allow us to ensure we are contacting the correct person and for legal and evidential purposes so that we can
identify what we have said to whom and when.
Legal basis for processing: necessary to perform a contract or to take steps at your request to enter into a contract with you (Article 6(1)(b) of the General Data Protection Regulation).
Reason why necessary to perform a contract: where your message or enquiry relates to our goods and services, we will collect your information in order to enter into a contract with
you or take steps to enter into a contract with you. This includes the collection of your name, email address and phone number so we know who we are contracting with and so
that we can provide you with the information you need in order to be able to enter into a contract with you.
How Long We Retain Your information
Live chat transcripts: we store the information from our live chat service for a maximum period of seven (7) years in order to defend against legal claims. This period is the maximum
period in which a claim form can be issued and served in respect of contract and tort claims under the Limitation Act 1980 under English law.
Transfers of your information outside the European Economic Area
Live chat information you submit to us by email is transferred outside the EEA and stored on SnapEngage’s servers in the United States of America.
Country of storage: United States of America. This country is not subject to an adequacy decision by the European Commission.
Safeguard(s) used: our SnapEngage has self-certified its compliance with the EU-U.S. Privacy Shield which is available https://www.privacyshield.gov/. The EU-U.S. Privacy Shield is an
approved certification mechanism under Article 42 of the General Data Protection Regulation, which is permitted under Article 46(2)(f) of the General Data Protection Regulation. You can access the European Commission decision on the adequacy of the EU-U.S. Privacy Shield https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-p
Updated 15 May 2018