1.2. All your Personal Data shall be held and used in accordance with Data Protection Laws (which include: (i) the Data Protection Act 1998, until the effective date of its repeal (ii) the General Data Protection Regulation ((EU) 2016/679) (GDPR) and any national implementing laws, regulations and secondary legislation, for so long as the GDPR is effective in the UK, and (iii) any successor legislation to the Data Protection Act 1998 and the GDPR, in particular the Data Protection Bill 2017-2019, once it becomes law) and any legislation that replaces it in whole or in part and any other legislation relating to the protection of Personal Data (as defined below).
1.4. The Company ensures on an ongoing basis that all of its suppliers and third parties operate in compliance with GDPR.
1.5 For any Data Protection or GDPR-related enquiries in connection with our business, please contact us:
By email: firstname.lastname@example.org or
By mail: Sherry Design Limited, Suite Lp37157, 20-22 Wenlock Road, London, N1 7GU, UK
2. Data Controller
2.1. The Company is the controller and responsible for your personally identifiable information (Personal Data) as listed in clause 3 below.
3. Information we collect
3.1. The Company aims to collect the minimum data it needs to perform its role. The information we may collect on third parties to whom we conduct marketing campaigns on behalf of our clients includes:
a) Identity Data includes first name, last name, username or similar identifier, title, date of birth, gender;
b) Contact Data includes email address, delivery address and telephone numbers;
c) Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
3.2. The information we may collect on our clients includes:
a) Identity Data includes first name, last name, username or similar identifier;
b) Contact Data includes billing address, delivery address, email address and telephone numbers;
c) Financial Data includes bank account, payment card details and tax information;
d) Transaction Data includes details about payments to and from clients to the Company and other related details;
e) Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
3.3. We use automated technologies and interactions to collect data from and about you, users of the Site. With regard to each of your visits to our Site we may automatically collect the following information (Automated Data):
a) Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Site;
b) Usage Data includes information about how you use our Site, products and services; c) Site Specific Information includes information about your visit to our Site including: i. the full Uniform Resource Locators (URL) clickstream to, through and from our Site (including date and time);
ii. Products, services or other pages you viewed or searched for;
iii. page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
3.4. We collect technical data through analytics providers, advertising networks and search information providers. A list of these third parties can be provided to you on request.
4. Where we collect information from
4.1. You may give us information about you:
a) by corresponding with us by phone, e-mail, mail or otherwise;
b) from connecting with us through social media platforms including LinkedIn, Twitter, Facebook, and Instagram;
c) by agreeing to sign-up to our marketing emails through our website;
d) as a result of personal recommendations and referrals;
e) from company websites;
f) from your business card; and
g) in the course of us providing consultancy services to you.
4.2. We work closely with third parties (including, for example, business partners, affiliate companies, sub-contractors in technical and payment services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them. A list of these third parties can be provided to you on request.
4.3. We may receive information about you from our Australian affiliate company, Sherry Design Australia (Pty) ltd.
5. Disclosure of your information
5.1. We will not share your Personal Data unless we have a legal basis for doing so as set out in clause 6. Third parties who we may share your Personal Data with include:
a) Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
b) Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others from time-to-time;
c) Analytics and search engine providers that assist us in the improvement and optimisation of our Site;
d) Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you; and
e) Professional advisors, such as Solicitors.
5.2. We may disclose your Personal Data to third parties if:
a) we sell or buy any business or assets, in which case we may disclose your Personal Data to the prospective seller or buyer of such business or assets.
b) the Company or substantially all of its assets are acquired by a third party, in which case Personal Data held by it about its customers will be one of the transferred assets.
6. The legal basis for processing your Personal Data
6.1. The Company will only process Personal Data where there is a lawful basis as per Data Protection Laws. This lawful basis shall be one or more of the following:
a) Express consent from you;
b) In order to perform and/or complete a contract with a third party;
c) To comply with a legal obligation;
d) To protect your vital interest;
e) It is in the public interest; and
f) There is a legitimate interest.
6.2. Legitimate interests are a flexible basis upon which the law permits the processing of an individual’s Personal Data. To determine whether we have a legitimate interest in processing your data, we balance the needs and benefits to us against the risks and benefits for you of us processing your data. This balancing is performed as objectively as possible by our Data Protection Manager. You are able to object to our processing and we shall consider the extent to which this affects whether we have a legitimate interest.
6.3. We will use Automated Data to:
a) administer our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
b) improve our Site to ensure that content is presented in the most effective manner for you and for your computer;
c) allow you to participate in interactive features of our service, when you choose to do so;
d) to keep our Site safe and secure;
e) measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
f) make suggestions and recommendations to you and other users of our Site about products or services that may interest you or them.
6.4. We will use data to perform a number of tasks including:
a) maintaining our records of our clients and contacts;
b) carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
c) to provide you with information about other products and services we offer that are similar to those that you have already purchased or enquired about;
d) to ensure that content from our Site is presented in the most effective manner for you and for your computer;
6.5. In some cases, the organisation needs to process data to ensure that it is complying with its legal obligations.
7. Where We Store your Personal Data
7.2 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your data transmitted to our Site and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
7.3 As a result of increased risk posed by cyber fraud please do not send any funds until you have received confirmation from your relevant contact and are certain as to the correct account details. Unfortunately, we do have to warn you that we cannot accept responsibility if you transfer money into an incorrect account.
8. Your Legal Rights
8.1 When reading this notice, it might be helpful to understand that your rights arising under Data Protection Laws include:
a) The right to be informed of how your Personal Data is used (through this notice);
b) The right to access any Personal Data held about you;
c) The right to withdraw consent at any time, by emailing email@example.com or calling 020 7490 8985;
d) The right to rectify any inaccurate or incomplete Personal Data held about you;
e) The right to erasure where it cannot be justified that the information held satisfies any of the criteria outlined in this policy, or where you have withdrawn consent;
f) The right to prevent processing for direct marketing purposes, scientific/historical research or in any such way that is likely to cause substantial damage to you or another, including through profile building; and
g) The right to object to processing that results in decisions being made about you by automated processes and prevent those decisions being enacted.
8.2 You can exercise your right to prevent such processing by contacting us at firstname.lastname@example.org
8.3 Our Site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any Personal Data to these websites.
9. Data Security
9.1 We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.
9.2 We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
10. Data Accuracy
10.1 The Company shall ensure that all Personal Data collected, processed, and held by it is kept accurate and up-to-date. This includes, but is not limited to, the rectification of Personal Data at the request of a data subject, as set out in clause 8, above.
10.2 The accuracy of Personal Data shall be checked when it is collected and at regular intervals thereafter. If any Personal Data is found to be inaccurate or out-of-date, all reasonable steps will be taken without delay to amend or erase that data, as appropriate.
11. Data Retention
11.1 The Company will only retain your Personal Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
11.2 Where we have limited contact with a candidate following an unsuccessful interview and placement process it will be held for a maximum of three years from the last date of contact with you.
11.3 All categories of Personal Data that are held by us because they are essential for the performance of a contract, will be held for a period of six years, as determined by reference to the Limitations Act 1980, for the purposes of exercising or defending legal claims. For further information on our data retention policy please contact email@example.com
12.1 We strive to provide you with choices regarding certain Personal Data uses, particularly around marketing and advertising.
12.2 We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you.
12.3 You will receive marketing communications from us if you choose to opt-in via our Website or other similar electronic or paper notices concerning the same.
13.1 Similar to other commercial websites, our Site uses a technology called “cookies” and web server logs to collect information about how our Site is used. Cookies are small text files that are placed on your computer’s hard drive through your web browser when you visit any web site. They are widely used to make web sites work, or work more efficiently, as well as to provide information to the owners of the site.
13.2 Like all other users of cookies, we may request the return of information from your computer when your browser requests a web page from our server. Cookies enable our web server to identify you to us, and to track your actions and the pages you visit while you use our Site. The cookies we use may last for a single visit to our Site (they are deleted from your computer when you close your browser), or may remain on your computer until you delete them or until a defined period of time has passed.
b) allow essential parts of our Site to operate for you.
c) operate our content management system.
d) operate the online notification form – the form that you use to contact us for any reason. This cookie is set on your arrival at our Site and deleted when you close your browser.
e) enhance security on our contact form. It is set for use only through the contact form. This cookie is deleted when you close your browser.
f) collect information about how visitors use our Site. We use the information to improve your experience of our Site and enable us to increase sales. This cookie collects information in an anonymous form, including the number of visitors to the Site, where visitors have come to the Site from, and the pages they visited.
g) record that a user has viewed a webcast which we may produce and upload to our Site from time-to-time. It collects information in an anonymous form. This cookie expires when you close your browser.
h) record your activity during a webcast which me may produce and upload to our Site from time-to-time. For example, as to whether you have asked a question or provided an opinion by ticking a box. This information is retained so that we can serve your information to you when you return to the Site. This cookie will record an anonymous ID for each user, but it will not use the information for any other purpose. This cookie will last for a period of time after which it will delete automatically.
i) store your Personal Data so that you do not have to provide it afresh when you visit the Site next time. This cookie will last for a period of time after which it will delete automatically.
14. Opt Out
14.1 You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time at firstname.lastname@example.org.
14.2 Where you opt out of receiving these marketing messages, this will not apply to Personal Data provided to us.
15. Access to information
15.1 Data Protection Laws gives you the right to access information held about you. Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.
17. Your Duty to Provide us With Accurate Data
It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your relationship with us.
18. If you fail to provide us with Personal Data
The information about you that we have collected for the performance of our contracts is required in order for us to successfully fulfil our obligations to you. If you choose not to provide the Personal Data requested, we will not be able to enter into a contract with you to provide the benefits we offer. If we are already processing your Personal Data under a contract, you must end our contractual relationship (as/where permitted) in order to exercise some of your rights.
If you are unhappy about our use of your Information, you can contact us at the address or email address above. You are also entitled to lodge a complaint with the UK Information Commissioner’s Office using any of the below contact methods.
Telephone: 0303 123 11113
Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF