DATA PROTECTION POLICY & PRIVACY NOTICE
SECTION ONE – DATA PROTECTION POLICY
Alluxi Consulting Ltd, Registered Company 9666266
The Brand Building, Briar Close, Wye. TN25 5HB
For any queries regarding the content of this Policy Document and Privacy Notice, or any requests to access data held, please contact Linda Garcia on 07717 221368 or linda@alluxi.co.uk
Alluxi Consulting Ltd is registered with the Information Commissioner’s Office, reference A8746485
Understanding our Obligations
Alluxi Consulting have assessed and documented all processing activities conducted regularly, those exposing data to a high-risk and any sensitive personal data. These activities have been justified using the Legal Bases and Special Conditions provided in the Regulations and written into a Privacy Notice, please see Section Two of this document. The Privacy Notice is also available to all Interested Parties on our website, alluxi.co.uk
Data Subject Access Rights
Individuals have the right to request details of any personal information that Alluxi Consulting may hold on you, and you have increased rights regarding our use of that information, including;
- The right to request rectification of information that is inaccurate or out of date
- The right to erasure of your information (also known as “the right to be forgotten”)
- The right to restrict the way in which we are dealing with and using your information
- The right to request that your information be provided to you in a format that is secure and suitable for re-use (also known as “the right to portability”)
Alluxi Consulting acknowledges that any person may ask if any information is held containing their personal data. Alluxi Consulting will respond to written requests as soon as possible, not taking any longer than 30 days to provide copies of any data held. The company shall correct any errors if requested, and agrees to delete records where this is permitted under the Legal Basis.
Review of Data Protection Policy and Privacy Notice
Data Protection is a standing agenda item at the Alluxi Consulting Management Review Meeting; this includes a review of the Data Protection Impact Assessment and Privacy Notice for relevance and accuracy. The documents, and this policy document, shall be reviewed in full at least annually.
Security Details
Every effort is made to manage the personal information held by Alluxi Consulting in a responsible and secure manner. To this end, all network equipment is encrypted and password protected. The local hard-drive is backed up daily. Client files are held in the Cloud. LastPass software is used with a two-stage authentication process to access applications for file sharing, which are also set up with additional two-stage authentication processes.
Hard copies of client files are kept in a secure room on the premises.
Breach Response
In the event of a breach, such as a break-in, loss or theft of a laptop or phone, all staff and clients will be made aware. If there is a serious risk of personal data being misused, then all contacts will be informed and the incident reported to the Information Commissioner’s Office within three days of the breach being discovered; Alluxi Consulting will then take guidance on further action from the ICO.
Cookies
Cookies are small text files that are placed on your computer by your web browser when you use the internet. They allow information gathered on the web page to be stored until needed for use, allowing a website to provide you with a personalised experience.
Some cookies last for a set period of time e.g. until you close your browser. Others may last indefinitely.
Your web browser should allow you to delete any cookies you choose and to prevent or limit the use of cookies.
| Cookie | Name ( Expiry ) | Purpose |
| Preference cookies | wfvt_# ( Expiry: 30 minutes) | These cookies are used to remember your preferences. |
| Security cookies | wordfence_verifiedHuman ( Expiry: 24 hours ) | These cookies necessary and are used to keep this website secure. It collects your IP address to monitor activity in order to prevent access to any malicious IP addresses. |
| Google Analytics | _ga ( Expiry: 2 years ) _gat ( Expiry: 1 minute ) _gid ( Expiry: 24 hours ) Collect ( Expiry: session ) |
These cookies are used to collect information about how you use our website. The information collected includes number of visitors, pages visited and time spent on the website. The information is collected by Google Analytics an aggregated and anonymous form, and we use the data to help us make improvements to the website. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance. Click here for more information about Google Analytics and your privacy. |
| Analytical cookies | p.gif ( Expiry: session ) | Analytical cookies help us to improve our website by collecting and reporting information on its usage so that we can continue to produce engaging content. These cookies may track things such as how long you spend on the site or pages you visit which helps us to understand how we can improve the site for you. |
| Marketing cookies | NID ( Expiry: 6 months ) ads/ga-audiences ( Expiry: session ) |
These cookies are used by Google to show you relevant and engaging ads. |
Disabling cookies
You can manage your cookie settings by clicking the icon in the bottom right hand corner of the screen. You can also prevent the use of cookies by adjusting your browser settings.
Please be aware that some cookies are necessary for the website to function properly. If you disable these cookies in your browser, parts of the website may not work correctly. For more information about cookies, visit https://www.allaboutcookies.org/
Analytics
Our website uses Google Analytics to collect data and statistics about how our website is used e.g which pages our visited. This information is anonymous.
SECTION TWO – PRIVACY NOTICE
Processing Activity Statements
Activity
Purpose/justification – Legal Basis / Special Condition
Client Files
Profiling
As part of Leadership assessment some profiling of key staff may be undertaken, including interviews to determine views and opinions on business operations – Contract
Working Documents
Company procedures, not usually containing any personal information, but may include job descriptions and commercial KPIs – Contract
Dropbox File Sharing Service
Online programme to facilitate file sharing, listed here as the servers for the programme are in the US – Legitimate Interests
General Contacts
Database of Contact Information for Businesses
Business contacts from networking and referrals for the promotion of the Alluxi Consulting – Legitimate Interests
3rd Party Marketing Support
Simple Advertising support with specific marketing campaigns, business contact information is shared for this purpose only – Legitimate Interests
MailChimp Service
Online programme to facilitate email marketing campaigns, listed here as the servers for the programme are in the US – Legitimate Interests
Business Accreditation
Chartered Management Institute
Application for membership will contain personal information and evidence of qualifications – Legitimate Interests
International Clients
Supply of Advisory Services
Email exchange to assess client requirements and then deliver the required Bid & Tendering Support, no personal information transferred, listed here as professional business contacts are shared outside of the EU – Contract
Staff
Employment Records
Retention of application form and contract, copies of identification and qualifications where applicable – Legal Obligation / Special Condition B Legal Compliance