GDPR COMPLIANT PRIVACY POLICY

The following document explains how Intent Communications Ltd. uses, processes and protects personal data collected via our website. We therefore request you to carefully read the following Privacy Policy as you will be legally bound by its terms whenever you visit our website or when you provide any personal data about yourself.

Background

Intent Communications Ltd. (“Intent Communications”, “The Company”, “we”, “us”) value and respect the privacy of those who visit our website or provide information and personal data to us for the purposes of availing our services and/or for carrying out any other business or dealings with us.

This Privacy Policy (“the Policy”) provides information on how we collect information from our clients and other persons or organisations that visit our website or who we deal with for the purposes of carrying out our business. It should be read in conjunction with the Terms of Business that we may have issued to you, our website and with the information contained in the Register of Fee Payers published electronically by the Office of the Information Commissioner (“ICO”).

Who we are

For the purposes of the Data Protection Act 2018 (“the DPA”) and the General Data Protection Regulation (Regulation (EU) 2016/679) (“the GDPR”), the data controller in respect of any personal data submitted by you will be Intent Communications Ltd. which is a private limited company incorporated under the laws of England and Wales and registered at the Companies House under number 12411948. Our registered office address is 40 Haig Road West, London, England E13 9LH. ​ ​

Who is the person responsible for the management of your data?

We are registered with the Information Commissioner’s Office (ICO) under reference number ZA795486.

The Person responsible for data protection is Namrata Nadkarni. For any queries relating to the management of your personal data please do not hesitate to send us an email at info@intentcommunications.co.uk. ​ ​

What personal data do we need/receive?

“Personal Data” has been defined under the GDPR as “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular, by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”

Any references to “personal data” in this Policy therefore means information about living individuals, which, alone or in conjunction with other information held by us is capable of identifying them. The DPA and the GDPR regulate our use of your personal data.

In order to provide our services or for the purposes of conducting our business we may need the following data from the individuals we are dealing with (We have tried to cover categories of data that we generally require while providing services to our clients or for operating our business. However, this is not an exhaustive list)

Sources of personal data

​ We may obtain personal data from you when you contact us or get in touch with us via our website or when you or your organisation correspond with us through any means of communication. This includes personal data you provide to us when you:

We may also collect and retain personal data

What are the purposes for gathering and processing your personal data?

We may gather and use your personal data for a number of purposes as set out below.

Providing our Services

We will collect and use all relevant information, including your personal data for the purposes of addressing your queries about the services offered by us and for providing our services to you, as requested by you or in accordance with a contract to perform services entered into between you and us. (We will retain your personal data for so long as is necessary for the contract or for us to be able to provide services and then as required for legal and compliance purposes, the period of retention not being less than 5 (five) years from the date on which such data was first gathered).

Contacting our clients or users of our website

If you have opted in to receive our newsletters, offers and updates, we will use relevant personal data to send such communications to you. (We will retain your personal data for these purposes until you opt-out of receiving our newsletters and/or other forms of marketing related communication).

Due Diligence

We may collect your personal data for the purposes of compliance and due diligence such as carrying out ‘Know your Customer’ checks, credit-worthiness checks and/or any other background checks we may be required to undertake by a regulatory body or otherwise for the purposes of our business. We may also gather and use your personal data to fulfil any professional, regulatory or legal obligations we may have towards you, other clients, regulatory authorities or to any other person under statute or otherwise. (We will retain your data for these purposes for so long as is necessary to document our compliance with the law or regulatory requirements (if applicable), the period of retention not being less than 5 (five) years from the date on which such data was first gathered).

Analytics

We use cookies and analytics tools (described in further detail below) to monitor and analyse user website activities, including but not limited to page views, location of access and sources and time spent on the website. This information is depersonalised and is displayed as numbers. This information cannot be traced back to individuals. This therefore ensures your privacy.

Events

We may gather and use your information for the purposes of inviting you to organised events including networking events, seminars and webinars. (We will retain and use this information until such time you expressly opt-out of being contacted for receiving invitations and updates about organised events).

Social Media

​ We may gather certain personal data in relation to you as a result of being connected with you on social media platforms such as LinkedIn, Instagram, Facebook, Twitter and other similar platforms. You may at any given point in time discontinue your connection with us on social media platforms.

Internal data analysis

Where we have obtained personal data for any of the purposes set out in this Policy, we may use it in connection with internal data analysis and also for any of the other purposes set out in this Policy. This does not affect your legal right to object to the use of your data for direct marketing purposes.

Personal data we may obtain from our website about our web visitors

We may automatically collect the following information, which may or may not be personal data, in relation to anyone visiting our website:

We will use this data to:

Cookies

​ Cookies are small text files that are downloaded to your device by websites you visit. Currently our website only uses Google Analytics. Using Google Analytics enables us to see what content is popular on our website so that we can continue providing content and information that our users enjoy reading and improve the website experience for our users. The details relating to the Google Analytics tool are as follows:

Personal Data collected: Cookies and Usage Data Place of processing: United States of America Privacy Policy Opt-Out

However, we may use a web-based analytics tool that tracks and reports on the manner in which the website is used to help us to improve it. The information that the cookies collect, such as the number of visitors to the site, the pages visited and the length of time spent on the site, may be aggregated and will therefore be anonymous.

We don’t use cookies in a way that allows us to identify site users.

You may refuse the use of cookies or withdraw your consent at any time by selecting the appropriate settings on your browser. This may prevent you from accessing all of our website.

Lawful basis for processing your personal data

The following is the lawful basis for processing your personal data:

In order to avail of our services, you consent to us obtaining and processing your personal data. While dealing with you we may issue Terms of Business or execute a contract outlining the terms and conditions of our engagement with you. The Terms of Business/contract along with this Policy set out the purposes for which your personal data may be obtained and processed by us. By accepting the Terms of Business or by using our website or by executing a contract with us and by continuing to deal with us you confirm that you have consented to us processing your personal data.

Contractual necessity

One of the grounds for obtaining and processing your personal data is so that we can perform our services in line with the scope of work and Terms of Business mutually agreed to by us.

We may have to collect personal data in order to comply with certain legislative and regulatory requirements relating to client due diligence. Consequently, we may process your data to carry out identity checks and maintain records of customer due diligence.

Legitimate interests

In circumstances where you or your organisation are a client/customer of Intent Communications or are an employee we will process your personal data to promote and pursue the legitimate interests of our organisation, or yours as our clients or employees.

Who will receive your personal data?

​ Your personal data may be received by: ​

Transfer of personal data to international organisations or countries outside the EEA

​ While providing services to our clients we may have to liaise with and provide information including personal data to third parties located in territories outside of the European Economic Area (“EEA”). ​ Where we transfer personal data to third parties outside of the EEA, we will ensure that the recipients are aware of the provisions of the GDPR and provide an adequate level of protection for the rights of persons whose personal data has been shared with them.

In addition, all our inbound and outbound email communications are TSL (Transport Security Layer) encrypted.

Retention of personal data

For data relating to our clients Intent Communications Ltd. uses (name the system the company uses to retain information, if any), a system maintained and backed up on our hard-drive. We chose _______ (name the data storage system) as our data retention system because _________(state the reason for choosing the data storage method. For example it stores all data on high-security servers with 256-bit SSL encryption and storage redundancies to prevent loss due to catastrophic events. Advanced permissions and password features ensure only authorised staff get access).

Your personal data will be retained by us for the duration as will be deemed necessary by us for the purposes of providing further services, marketing or growing our business, such duration not being less than (5) five years from the date on which data was first gathered.

Hosting and back-end infrastructure

We use third-party hosting services for the purposes of hosting data and files that enable our website to run and be distributed as well as to enable us to run specific features and functions within our website. Some of these functions work through geographically distributed servers, thereby making it difficult to identify the exact location where the personal data is stored.

The Intent Communications website is hosted by Netlify.

The details relating to Netlify are as below:

Personal Data collected: Various types of data as specified in this privacy policy Place of processing: United States Privacy Policy for Netlify

What are your rights with respect to your personal data?

Under the DPA, you have the following rights in relation to your own personal data:

If you want to (1) tell us to stop using your data for direct marketing or withdraw consent from us processing your personal data for any of the purposes mentioned in this Policy; (2) exercise your subject access rights; (3) tell us about inaccurate personal data you think we hold on you; or (4) object to a use you believe we’re making of your data which is causing, or is likely to cause, damage or distress, please contact our Data Protection Manager or write to us at this address:

Namrata Nadkarni Intent Communications, 40 Haig Road West, Plaistow, London E13 9LH

Unless the law permits us to do so, we will not charge you to exercise your subject access rights but may charge a reasonable fee reflecting our administrative costs should you request further copies of the personal data. When you contact us to exercise any of the above rights, we will first ensure that the person requesting the data is the person whose data is being sought (or that it is being requested on that person’s behalf). This may involve providing us with proof of your identity or your authority to act for the data subject. We may also ask you for any information we need to help us find the personal data you’re enquiring about.

We will also provide you with the following information relating to your personal data:

Should you contact us in relation to us holding incorrect, incomplete or inaccurate data about you, we will make the required corrections promptly.

Right to lodge a complaint

​ If you are unhappy with the way, we are processing your personal data you can lodge a complaint by writing to our Data Protection Manager at namrata@intentcommunications.co.uk or by sending your complaint to:

Namrata Nadkarni Intent Communications 40 Haig Road West, Plaistow, London E13 9LH​

You are also entitled to make a complaint at the Information Commissioner’s Office (ICO).

Variations to this Policy

We may update this Policy from time to time. We reserve the right to alter and make changes to this Policy at our sole discretion and we therefore request all users to regularly refer to our Privacy Policy for updates and variations.

Policy last updated on 13 February 2021.