INTRO
This Privacy Notice relates to the processing activities of Chrysalis Partners Business Consulting Ltd (Chrysalis Partners)
At Chrysalis Partners, we are passionate about delivering the best possible results.
You may sometimes hear this document referred to as an FPN or Fair Processing Notice too. In short, it’s a snapshot of how we process your personal data whilst delivering a first-class service to our customers.
By taking the time to read the below, you will have a good idea of how Chrysalis Partners processes your data, from obtaining it in the first instance, right through to deletion. To help you feel empowered, we’ve even added in any Data Rights you may have too.
USING YOUR PERSONAL INFORMATION
We are what is known as the Data Controller, meaning we are an ‘entity’ that decides how and why your personal data is used.
When you contact us, we will collect some of your personal details to enable us to contact you about your query and enter into a contract should you wish to use our services.
We will never ask for more information than we need to process your relationship with us, collecting only what is deemed adequate to carry out the task.
Examples of the types of personal information we usually collect are:
- Name
- Address
- Telephone number (including mobile)
- Email address
- Payment details (Direct Debit, credit/debit card number)
Unless we tell you otherwise, the personal data and information you supply will never be used for any other purpose without your permission.
LAWFUL BASIS
We have several internal processes that enable us to service your requirements. For each, we must tell you about the lawful basis we will rely upon. In short, it is simply the reasoning and the justification behind the way we process your data.
Consent – We rely on this lawful basis, specifically around Direct Marketing
We may also rely on this basis should you decide to choose to activate any of the other cookie types.
For your information, we don’t collect information about you via cookies others than those that are deemed essential.
In any case, you can clear your cache at your own leisure.
Contract – You may have asked us to do something, for example, provide a quote for a service or perhaps a one-off chat.
Equally, we will also use this basis to enable us to deliver our service to you.
Legal Obligation – In line with statutory requirements, we may also have a need to process and keep data pertaining to any business we do together, for HMRC auditing purposes.
Legitimate Interest – We may use this lawful basis when processing data in ways you would reasonably expect to enable us to provide you with our service.
KEEPING AND STORING YOUR DATA
If you are an existing customer or we have had a relationship previously, we will keep your personal data for 6 years from the time our services to you cease.
This is because we have a legal obligation, as mentioned above, to HMRC, should they wish to make an enquiry with us. It also enables us to handle any complaints more effectively.
Should you make an enquiry and decide not to proceed with us, we will typically keep your data for 28 days, unless you tell us we can keep it to market to you in the future.
Your data really matters to us, so we make enquiries with our suppliers to establish where they may store your data or share it with their sub processors. At the time of writing, all of your personal data is stored within the European Economic Area (‘EEA’).
SHARING YOUR DATA WITH THIRD PARTIES
As you would expect, we don’t share any of your personal data with third parties for marketing purposes, although we may share it with companies in the course of managing our services to you.
Our suppliers are chosen following due diligence and vetting checks to ensure they are legitimate and trusted and will only be shared for purposes of:
To deliver the services you have asked for, which includes sharing your information with a specialist consultant from our network (if required for a specific service).
For a third party vendor such as eLearning providers or other partners that requires your data to reach out to you.
For legal or regulatory purposes including fraud prevention or supplying data to Law Enforcement agencies
If we buy or sell any business or company assets
MARKETING PREFERENCES
Chrysalis Partners are constantly improving our services and products for our clients. We believe these are exciting times for our business and want to bring you on the journey with us. However, we understand if you don’t want to hear from us. You can always change your mind later too.
If you do wish to hear from us, we’ll ask you how best to contact you, be it SMS, email, post or phone. You will also be able to unsubscribe via the link at the base of every marketing email.
YOUR RIGHTS
The Data Protection Act was updated in 2018, with Rights being at the forefront of the Regulators’ minds, from the outset. We totally support this and list the Rights you have (and more importantly, what they mean) below:
Right of Access – This means you have the right to ask us about the Personal Data we are currently holding about you and to be provided with this data.
Right to be informed – You have a right to be aware of how your data is being processed. We look to uphold this Right by providing you with THIS notice. Please be assured, should the way we process your data change, we will let you know.
Right to Data Portability – In basic terms, should you wish us to help you move your data to another organisation, we will do so in a secure and legible format.
Right to Erasure – In certain circumstances, you may have the right to have your personal data deleted. This will depend on whether there are other reasons that we may have to hold onto your information.
Right to Object – This might be a request to stop marketing to you, or perhaps, insist we stop processing your data for other reasons. Unless there is a compelling reason for us not to do so, we will cease the processing of your data.
Right to Rectification – It is important that the quality and accuracy of your data is of the highest standards and reflective of your circumstances. Requests might include an update of your bank details, contact details or perhaps a change of sex or name.
Right to Restrict – This right is normally upheld by a business upon receipt of a Right to Object request. This means we may ‘pause’ what we are doing with your data whilst we investigate your request
Rights in Relation to automated decision making and profiling – At present, we do not make use of profiling of automated decision making.
THE LEGAL BIT
Should you feel you would like to exercise one of the above rights, please contact Keith Blackshire at keith.blackshire@chrysalispartners.co.uk
If sending via email, please help us by clearly identifying in the subject line that this is in relation to a RIGHTS REQUEST. We have an obligation to deal with your request asap and in any case, within 1 month of receipt, so your assistance helps us deal with the request in a timely manner.
LESS THAN HAPPY?
In the unlikely event that you are unhappy with the way we have processed your personal data, you can contact the Information Commissioners Office, often referred to as the ICO.
For full details about how to share any concerns you may have, visit www.ico.org.uk/concerns/
MENTIONS OF OTHER COMPANIES ON OUR WEBSITE
We pride ourselves on the relationships we have built over the years.
To that end, we might include names and links of trusted partner agencies that we think you could benefit from, on our website, https://chrysalis-partners.com
Any contact with a third party will be subject to the rules and overarching Privacy Notices and Policies you have with that specific ‘Data Controller’ and not https://chrysalis-partners.com directly
Like with any website or business, please carefully read the conditions and be sure they are capable of effectively safeguarding your personal data before disclosing your details.
KEEPING YOU INFORMED
We have an obligation to ‘Keep you Informed’, so from time to time, may have a requirement to update this document to accurately reflect the way we process your personal data. We promise to review this Privacy Notice annually, in any case.
For your information, this is version V1.0 and was created and reviewed by Keith Blackshire, May 2023