Last updated: May 2018
Happy Giraffe Group are the controller of your personal data.
Happy Giraffe Group Limited
Sandford House, 6 & 7 Lower High Street, Stourbridge, West Midlands DY8 1TE
Company No: 09889776
Our data protection lead is Managing Director, Matt Peace. If you have any questions about how we use personal data or wish to exercise your rights and request information, please email: firstname.lastname@example.org.
As a data subject, you have the following rights in relation to your personal data:
- To access the personal information Happy Giraffe holds about you free of charge. This is known as a Subject Access Request. To make a request, please contact the data controller listed above: email@example.com.
- To correct inaccuracies or, where appropriate and taking into account the purpose for which we process your data, the right to have incomplete data completed;
- To have your personal data erased. This is a limited right which applies, among other circumstances, when the data is no longer required or the processing has no legal justification. There are also exceptions to this right, such as when the processing is required by law or in the public interest (e.g. when the Foundation needs to retain a historical archive);
- To object to the processing of your personal data for marketing purposes. If you ask us to delete your personal data, we will continue to maintain a core set of personal data comprising very brief information to ensure that we do not inadvertently contact you in future. We may also need to retain some financial records for statutory purposes;
- To object to the processing of your personal data when that processing is based on specific criteria such as the public interest or other legitimate interests, unless we have compelling lawful grounds to continue;
- To restrict the processing of your personal data. This is a limited right which will apply in specific circumstances and for a limited period;
- To ask for the transfer of your data electronically to a third party;
- Where the legal basis for us processing your personal data is your consent, to withdraw that consent at any time.
General information on how we collect data
We understand how important it is to treat the data we capture correctly. We do not, nor will we ever sell, rent or loan any data to 3rd parties that identifies you without your consent.
We may collect personal information from you. The main circumstances are as follows:
- When you submit an enquiry via one of our websites forms – we may collect your name, email address, telephone and other information.
- When you contact us directly, we may keep a record of the correspondence including contact information.
- When you use our website, we will collect:
- We use a feature of your internet browser called a ‘cookie’ on the Happy Giraffe website. We do not use ‘cookies’ to retrieve personal information about you from your computer. We will only gain such information if you have knowingly and willingly provided such information to us.
- We may collect information from your computer, including where available your IP address, operating system and browser type. This is statistical data about users’ browsing actions and patterns for reporting.
Happy Giraffe are committed to protecting and respecting your privacy and have taken out technical and organisational measures to keep your data secure. To view our data protection policy in full, click here.
We are committed to:
- ensuring that we comply with the eight data protection principles, as listed.
- meeting our legal obligations as laid down by the Data Protection Act 1998 and GDPR May 2018 and the resulting changes as listed.
- ensuring that data is collected and used fairly and lawfully
- processing personal data only in order to meet our operational needs or fulfil legal requirements
- taking steps to ensure that personal data is up to date and accurate
- establishing appropriate retention periods for personal data
- ensuring that data subjects’ rights can be appropriately exercised
- providing adequate security measures to protect personal data
- ensuring that a nominated officer is responsible for data protection compliance and provides a point of contact for all data protection issues
- ensuring that all staff are made aware of good practice in data protection
- providing adequate training for all staff responsible for personal data
- ensuring that everyone handling personal data knows where to find further guidance
- ensuring that queries about data protection, internal and external to the organisation, is dealt with effectively and promptly
- regularly reviewing data protection procedures and guidelines within the organisation.
General information on how we use data
We may use your personal information:
- to provide you with information or marketing communications on our services that you request from us
- to make you aware of related services (but only with your consent where required)
- to notify you of any changes to our services
- to assist with any contractual obligations between us
- for reporting and monitoring purposes.
We will retain your personal data no longer than is necessary for the purposes for which it is processed.
Information on sharing and collecting data
We do not rent, sell or share personal information about you with other people or nonaffiliated companies except to provide products or services you’ve requested, when we have your permission.
We will use reasonable efforts to ensure that your personal data is not disclosed to regional/national institutions and authorities, unless required by law or other regulations.
We may update this policy. We will notify you about significant changes in the way we treat personal information by placing a prominent notice on our website.