Sunnyfield Marketing Privacy Policy
Welcome to the Sunnyfield Marketing Privacy Policy which describes the information that we collect about you; how we use and protect this information; and the choices you can make about how we use it.
Sunnyfield Marketing has been set up as an unincorporated membership association and is run entirely by local volunteers.
For the purposes of the General Data Protection Regulation (GDPR) the data controller is Sunnyfield Marketing
We hope the following sections will answer any questions you have but if not, please do get in touch with us.
Lawful grounds for processing your data
When collecting your personal data, we will always make clear which data is necessary in connection with a particular service. We may process your data for more than one lawful ground.
The law on data protection sets out a number of different reasons why we may collect and process your personal data, including:
Consent
In specific situations, we can collect and process your data with your consent. For example, when you sign up for our newsletter or promotions by providing your email address.
Contractual obligations
If you are a customer or a supplier, we need your personal data to comply with our contractual obligations. For example, if you are a Connect Business delegate or exhibitor we need your name, email address so that we can invoice you or send you information about the event.
Legal compliance
If the law requires us to, we may need to collect, process and store your data. For example, we need to store personal data that is needed to support our regulatory reporting to HMRC and Companies House.
Legitimate interest
We will use your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our association and which does not materially impact your rights, freedom or interests.
For example, we may use your address details to send you invitations to events that we think might interest you.
When do we collect your personal data?
We may collect personal data under any of the following circumstances. It will always be clear what we are collecting and why.
We may collect data from publicly-available sources when you have given your consent to share information or where the information is made public as a matter of law.
We will never insist on having your consent in order to receive any of our services or information
What personal data do we collect?
How and why do we use your personal data?
Here’s how we’ll use your personal data and why. (If you wish to change how we use your data, you’ll find details in the ‘What are my rights?’ section below)
If you are a customer or past customer, then we will use your personal data to:
If you are yet to become a customer but have expressed an interest in what we can offer, then we will use your personal data to:
Protecting your personal data.
We will treat your data with the utmost care and take all appropriate steps to protect it. Our website is secured with ‘https’ technology and access to your personal data is password-protected on the various applications we use. Data is regularly backed up and virus software kept up to date.
We have a procedure in place to handle any data breaches if they should occur.
How long will we keep your personal data?
We will only keep your personal data for as long as is necessary for the purpose for which it was collected or as specified by HMRC or similar regulatory authorities.
At the end of that retention period, your data will either be deleted completely or anonymised (so that it can still be used for management information analysis).
Who do we share your personal data with?
We will share your personal data with trusted third parties who act as data processors. We check that they are GDPR compliant and have processing agreements in place with each of them.
We provide only the information they need to perform their specific services and they may only use your data for the exact purposes we specify in our contract with them. If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
We do not sell your data to any third party nor do we share your data with any third party for their own direct marketing purposes
We currently use the following companies, who will process your personal data as part of their contracts with us:
Where your personal data may be processed
Several of the data processors we use are outside of the EEA. The EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway. Where the processor is outside of the EEA we ensure that they have appropriate privacy policies in place and that the processing agreement with them includes appropriate protection for your data.
What are your rights over your personal data?
You have the right to request:
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any data subject access request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
Links to other websites
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Please check the terms of the third-party website’s privacy policy before submitting any personal data to such a website.
Contacting the Regulator
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling 0303 123 1113 or go online to www.ico.org.uk/concerns
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.
Sunnyfield Marketing has been set up as an unincorporated membership association and is run entirely by local volunteers.
For the purposes of the General Data Protection Regulation (GDPR) the data controller is Sunnyfield Marketing
We hope the following sections will answer any questions you have but if not, please do get in touch with us.
Lawful grounds for processing your data
When collecting your personal data, we will always make clear which data is necessary in connection with a particular service. We may process your data for more than one lawful ground.
The law on data protection sets out a number of different reasons why we may collect and process your personal data, including:
Consent
In specific situations, we can collect and process your data with your consent. For example, when you sign up for our newsletter or promotions by providing your email address.
Contractual obligations
If you are a customer or a supplier, we need your personal data to comply with our contractual obligations. For example, if you are a Connect Business delegate or exhibitor we need your name, email address so that we can invoice you or send you information about the event.
Legal compliance
If the law requires us to, we may need to collect, process and store your data. For example, we need to store personal data that is needed to support our regulatory reporting to HMRC and Companies House.
Legitimate interest
We will use your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our association and which does not materially impact your rights, freedom or interests.
For example, we may use your address details to send you invitations to events that we think might interest you.
When do we collect your personal data?
We may collect personal data under any of the following circumstances. It will always be clear what we are collecting and why.
- When you book to attend an event
- When you sign up for our newsletter and promotions via our website
- When you’ve given a third-party permission to share with us the information they hold about you.
- When you deliver a service or a product to us as a supplier
We may collect data from publicly-available sources when you have given your consent to share information or where the information is made public as a matter of law.
We will never insist on having your consent in order to receive any of our services or information
What personal data do we collect?
- Name
- Email address
- Telephone number
- Mobile phone number
- Dietary requirements (only if you attend our events)
- Accessibility requirements (only if you attend our events)
- Your social media username, if you interact with us through those channels, to help us respond to your comments, questions or feedback.
- Business address
- Photographs at events
How and why do we use your personal data?
Here’s how we’ll use your personal data and why. (If you wish to change how we use your data, you’ll find details in the ‘What are my rights?’ section below)
If you are a customer or past customer, then we will use your personal data to:
- Deliver our contractual obligations
- To keep you informed about other events
- To send you joining instructions for events
If you are yet to become a customer but have expressed an interest in what we can offer, then we will use your personal data to:
- Send you invitations to relevant events
- Send you newsletters
- Check arrangements for meetings or events (by mobile phone, text or email)
- Ensure any catering arrangements at events meet your dietary requirements
- Ensure that any accessibility requirements can be handled at any event
- To send you joining instructions for events
- To process any event booking
Protecting your personal data.
We will treat your data with the utmost care and take all appropriate steps to protect it. Our website is secured with ‘https’ technology and access to your personal data is password-protected on the various applications we use. Data is regularly backed up and virus software kept up to date.
We have a procedure in place to handle any data breaches if they should occur.
How long will we keep your personal data?
We will only keep your personal data for as long as is necessary for the purpose for which it was collected or as specified by HMRC or similar regulatory authorities.
At the end of that retention period, your data will either be deleted completely or anonymised (so that it can still be used for management information analysis).
Who do we share your personal data with?
We will share your personal data with trusted third parties who act as data processors. We check that they are GDPR compliant and have processing agreements in place with each of them.
We provide only the information they need to perform their specific services and they may only use your data for the exact purposes we specify in our contract with them. If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
We do not sell your data to any third party nor do we share your data with any third party for their own direct marketing purposes
We currently use the following companies, who will process your personal data as part of their contracts with us:
- Mailchimp
- We use Mailchimp, to deliver our electronic newsletters and promotional emails. We gather statistics around email opening and clicks to help us monitor and improve our newsletter and email campaigns. For more information, please see Mailchimp’s privacy notice.
- Google
- When someone visits www.sunnyfieldmarketing.co.uk we use Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. The way this information is processed does not allow us to identify an individual
- When someone visits www.sunnyfieldmarketing.co.uk we use Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. The way this information is processed does not allow us to identify an individual
- Facebook
- We only use Facebook to share information, tips and promote events. We do not use any of the personal data outside of Facebook
- Twitter
- We use Twitter to share information and promote events. We do not use any of the personal data outside of Twitter.
- LinkedIn
- We use LinkedIn to share information and promote events as well as contacting our connections via the platform. Email addresses may also be used outside of LinkedIn
- Smart Survey and Survey Monkey
- Using Smart Survey or Survey Monkey we may from time to time ask you to complete surveys that we use for research purposes. You do not have to respond to these surveys and may opt out of future emails by clicking a link at the bottom of the email. These messages will not include any promotional content.
Where your personal data may be processed
Several of the data processors we use are outside of the EEA. The EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway. Where the processor is outside of the EEA we ensure that they have appropriate privacy policies in place and that the processing agreement with them includes appropriate protection for your data.
What are your rights over your personal data?
You have the right to request:
- Access to the personal data we hold about you
- The correction of your personal data when incorrect, out of date or incomplete.
- That we stop using your personal data for direct marketing (either through specific channels, or all channels). You can click the ‘unsubscribe’ link in any email communication we send you or send an email to [email protected] subject ‘UNSUBSCRIBE’ Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated
- That we stop any consent-based processing of your personal data after you withdraw that consent.
- That we erase all data that we hold about you
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any data subject access request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
Links to other websites
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Please check the terms of the third-party website’s privacy policy before submitting any personal data to such a website.
Contacting the Regulator
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling 0303 123 1113 or go online to www.ico.org.uk/concerns
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.