This privacy notice explains how DataGRC Ltd uses personal data. Data GRC Ltd is a company registered in England and Wales (10892418) and a registered Data Controller with the UK ICO (ZA284104)
Click to read more...
We record your IP address, pages you visit and datetime stamp. This is a legitimate interest to help maintain the security and performance of the website. The information is not used to identify visitors and is deleted after two years.
You can use our contact form to initiate business conversations with us. As a legitimate interest, we retain this data for two years.
Our website is hosted by 1&1 in the UK.
We are a business-to-business organisation.
We work with many organisations and retain contact details of people we speak to in those organisations as a legitimate interest.
We will delete or restrict use of those details if requested or if we believe they're no longer relevant.
Our email and file services are hosted by Microsoft in the UK.
When individuals apply to work at Data GRC, as staff or contractors, we will use the information that is provided to assess the applicant. We will obtain consent before reqesting references or other background checks. We will delete data from unsuccessful candidates after 6 months.
For employees, we will maintain employee records for a variety of reasons including legal (e.g. Employment, AML and tax law), contract (e.g. bank details) and legitimate interest (e.g. performance reviews). After the employment ends, we will delete data that is no longer required after 7 years, but retain some of the information that may be required for references or legal reasons.
Security of personal data is very important to us. We use a wide range of organisational, technical, physical and operational controls, which are assessed for effectiveness on a regular basis.
We only process personal data in the UK.
We fully respect your rights to request that we:
If you wish to raise a Data Subject Request or contact us about any another matter, please contact our Data Protection Office at:
When we receive a request, we will try to verify your identity and the request, before responding to you within 28 days. We will retain details of your request as a legitimate interest for two years, for quality assurance purposes, to deliver on our agreement to you and to help if you have any further questions about the matter.
Please let us know if you are not happy about how we are handling your data. We will do out best to resolve the matter, but if you have further concerns it is your right to make a complaint to the UK Information Commissioner's Office at https://www.ico.org.uk/.
Our website provides links to other websites, which are beyond our control. We encourage you to read the privacy statements on the other websites you visit.
This privacy notice was drafted with brevity and clarity in mind. If you would like more details, please let us know.
We reserve the right to update our privacy notice and cookie notice at any time.
We keep out privacy notice under regular review. This notice was last updated 18 May 2018.
+44 (0) 208 133 0242