Orenda Living takes the privacy of client’s and potential client’s personal data seriously and make great efforts to protect this data as best as we can. We strive to always be clear about how we use this data and this policy details what personal data we hold / process, why we do this and how we look after the data. It complies with the relevant requirements specified in the General Data Protection Regulation (GDPR) and applies to when you visit our website and social media and when you use our services. We have sectioned the policy for ease of reference into the following aspects of the policy:
Who are we and who is responsible for your data
Contact details if you need to contact us about how we process the data
Types of personal data we process and how we attain this data
Disclosure of personal data
Transfer of personal data
Secure storage of personal data
Retention of personal data
Changes to our Data Protection Policy
Our business may change over time which may result in how we use, protect and store personal data. If this does happen, we will make the necessary changes to our Data Protection Policy and update our website. You may contact us any time via www.orendaliving.com or telephone 028 71 329 362 or email email@example.com.
• Who we are and who is responsible for your data
This policy aims to provide you with information on how Orenda Living collects and processes your personal data through any dealings with us, including any services of ours you may use.
Orenda Living is the controller and responsible for your personal data. Address: 4 Victoria Road, Derry-Londonderry, BT472AB.
• Contact details if you need to contact us about how we process the data
We have assigned a data privacy supervisor who is responsible for overseeing questions in relation to this policy. If you have any questions about this policy, including any requests to exercise your legal rights, please contact firstname.lastname@example.org or telephone 028 71 329 362.
• Types of personal data we process and how we attain this data
Personal data is any information about an individual from which that person can be easily identified.
You may provide personal data by requesting information on our products and / or services or by completing contact requests via our website.
We may need to collect, use and store different types of data about you:
Identity Data – this includes first name, last name, and position in company.
Contact Data – this includes billing address, email address and telephone numbers.
Financial Data – this includes payment details.
Transaction Data – this includes details about payments to and from you and other details of services you have purchased from us.
Marketing and Communication Data – this includes your preferences in receiving marketing from us.
If you fail to provide personal data we may not be able to perform the contract we have or are trying to enter into with you e.g. to provide you with services. In this case, we may have to cancel a service you have with us but we will notify you if this is the case.
We use different methods to collect data from you:
Direct interactions – you may provide us with your data e.g. name, contact details, financial data when completing forms or by corresponding with us by post, phone, email or otherwise. Personal data is also collected when you use our services, participate in our events, provide us with feedback on our performance or by swapping data at networking events.
Automated technologies or interactions – as you interact with our website and social media accounts we may collect technical data to ascertain effective marketing techniques.
• Disclosure of personal data
We will only use your personal data when the law allows us to e.g. where we need to perform the contract we are about to enter into or have entered into with you or where we need to comply with a legal or regulatory obligation. Generally, we do not rely on consent as a legal basis for processing your personal data.
Please see link on how we may use your personal data.
We endeavour to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We have established the following personal data control mechanisms:
We may use your identity and contact data to form a view on what we think you may want or need or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.
You will receive marketing communications from us if you have requested information from us or purchased goods or services from us and in each case, you have not opted out of receiving that marketing.
You can ask us to stop sending you marketing messages at any time by following the opt out links on any marketing message sent to you or by contacting us at any time.
Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose please contact us.
Please note we may process your data without your knowledge or consent, in compliance with the above rules, where this is permitted by law.
• Transfer of personal data
We will not share your data with any third parties unless you inform us in writing to do so.
• Secure Storage of personal data
We have put in place appropriate security measure to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
• Retention of personal data
We will retain your personal data for as long as necessary to fulfil the purposes we collected it for,
including the purposes of meeting any legal, accounting or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means.
If, for any reason, you would like to make a complaint please contact us via 028 71 329 362 or email email@example.com.
When we receive your complaint we make up a file containing details of the issues raised. This file also contains personal data i.e. the identity of the complainant and any other individuals involved in the complaint.
We will only use the personal data we collect to process the complaint and to check on the level of service we provide.
We may have to disclose the complainant’s identity to whoever the complaint is about but we will inform you of this at the time.
We will keep personal data contained in complaint files for 2 years from closure. It will be retained in a secure environment and access to it will be restricted according to the “need to know” basis.