Privacy Policy

Ad Rank One Limited Privacy Policy

May 2018

Ad Rank One Limited Privacy Policy explains in detail the types of personal data we collect about customers in order to provide our services. The policy also explains how we store, handle and keep it safe for UK, EU and Non-EU customers. The policy also avails you of your rights.

1. Data we collect, retain and process

Personal Data:
Name of business
Name
Address
Email
Contact number/s
Card details at the point of purchase (NB. see 6. below “Data we do not retain“)

Digital Marketing Data:
Website login and password
Social media login and password

2. Lawful basis

2.1 HMRC – It is a mandatory requirement that customer personal data is retained for UK tax reasons.

2.1 Legitimate Interest – To provide you, the customer with the service you have paid for. Rights are detailed at Point 10. 

3. How we retain customer personal data

Customer personal data is stored on encrypted spreadsheets and stored on hard-drive encrypted computers. It is also stored on the GDPR compliant G-Suite.

4. How we retain customer digital marketing data

We store customer logins and passwords on encrypted spreadsheets on hard-drive encrypted computers and also on the GDPR compliant G-Suite.

5. How long we retain customer personal data

UK HMRC legal compliance dictates the retention of customer personal data for six years from the end of the last company financial year they relate to, or longer in certain legal circumstances.

6. Data we obtain and process but do not retain

Credit/debit card details.

Strict rules underpin card payments and are overseen by the Payment Card Industry.

Initial payment is taken from the customer over the telephone and put directly through the bank’s payment portal. We do not retain credit/debit card details. Payments are set up within the bank’s payment portal.

Ad Rank One Limited is fully PCI/DSS compliant.

We are annually assessed and awarded PCI/DSS compliant status by the Payment Card Industry.

7. What we don't do with customer personal data

We never share or sell customer personal data to any third-party organisation.

NB: If a customer is in debt to the company and despite our attempts to recover the amount owed, we will, under the lawful basis of Legitimate Interest provide details to a debt recovery agency.

8. How we protect customer personal data in transit between us and the customer

Emails are sent from us to customers over SSL/TLS encryption and/or via encrypted email from within GDPR compliant G-Suite.

9. Data processing and why

Customer personal data is processed for the following reasons:

Payment for services through the bank’s payment portal.
Record keeping in line with mandatory HMRC Law.
Calculation and payment of corporation tax through Chartered Accountancy Company.

10. Your rights

You have rights in respect of the personal data that we hold about you. Not all rights can be granted where a legal basis over-rides your rights e.g. UK Tax Law. Please refer to the ICO for further explanation at: “When does your rights do not apply.” 

 
Here we inform you of your rights.

RIGHT OF ACCESS
At no charge we will reply to any request with a list of customer personal data we retain. However, we only retain the data you have already given to us (except card details – see 6.0 above).

RIGHT TO RECTIFICATION
We will amend customer personal data as requested.

RIGHT TO ERASURE
HMRC prohibits us from erasing customer personal data until six years has elapsed or longer as in 5. Above.

THE RIGHT TO RESTRICT PROCESSING
HMRC prohibits us to allow restriction of processing.

RIGHT TO DATA PORTABILITY
Upon request we can forward personal data. However, please note, the only data we retain is that which has already been provided to us by the customer (except card details – see 6.0 above).

RIGHT TO OBJECT TO PROCESSING
This usually refers to personal data being used for profiling. We do not share customer personal data with any third party. Mandatory HMRC Tax Law requires us to process customer data.

RIGHTS RELATED TO AUTOMATIC DECISION MAKING INCLUDING PROFILING
We do not share customer personal data with any third party and we are not involved in profiling.

HOW WE PROTECT THE PRIVACY OF THOSE WHO BROWSE OUR WEBSITE
We have customised settings in Google Analytics so that users’ IP Addresses are anonymised to prevent identification.

The contact form does not save events (name, email, contact number or IP addresses) in the backend of the website or on the database where the site is hosted. It is designed to email directly to our contact email address. Additionally, our cookie message shows users how to use our website without being tracked via their browser settings.

11. How to contact us with questions

If you have questions regarding this Privacy Policy, please contact us at:

email: hello@adrankone.com

tel: 0161 935 8016