In accordance with the Data Protection Act 2018 and the General Data Protection Regulation (GDPR), this Data & Privacy Policy explains, in detail, the types of personal data we may collect about you when you interact with us. It also explains how we’ll store and handle that data and keep it safe.
We know that there’s a lot of information here, but we want you to be fully informed about your rights, and how our firm uses your data. We hope the following sections will answer any questions you have but if not, please do get in touch with us.
Conditions for Processing Data
We are only entitled to hold and process your data where the law allows us to. The current law on data protection sets out a number of different reasons for which a firm may collect and process your personal data.
Legitimate Interests
In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.
Consent
In some situations, we can collect and process your data with your consent. For example, when you tick a box to receive email newsletters. When collecting your personal data, we’ll always make clear to you which data is necessary in connection with a particular service.
When do we collect your data?
We normally collect your data when you provide it to us or when it is provided to us by others (third party with whom you have traded in business and relevant only to the purpose of the live account). You may give us your data by email; through an online web form; over the telephone; face to face; or by post.
What sort of data do we collect?
We collect your name and contact details. We will request your bank details to allow the transfer of payments. We also collect and hold information about your customer and the background surrounding your debt.
Customer Data Management.
To effectively manage our customer relationships, we may store your personal data in a secured Excel spreadsheet that serves as our customer relationship management (CRM) system.
How do we use your data?
We only use your data for the purposes of providing you with professional advice, assistance and where appropriate, representation and for reasons directly associated with those services.
We may use your data to notify you of our other services but only where we have your consent to do so.
How do we protect your data?
We take protecting your data very seriously. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it. We have clear data protection and information security policies and procedures in place and these are regularly assessed as part of our compliance processes.
We protect our IT system from Cyber Attack. Access to your personal data is password-protected, and sensitive data is secured by encryption.
We regularly monitor our system for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.
How long will we keep your data?
We only keep your data for as long as is necessary for the purpose(s) for which it was provided. Data is provided by Clients’ and their Customers for the purpose of Credit Control, Debt Collection, Tracing Services and legitimate purposes only and will be retained for no longer than is necessary for the specific purpose or purposes. Client information will be retained indefinitely unless requested by the Client to remove.
We will hold information relating to marketing communications (e.g. Klaviyo) for as long as you opt to be a subscriber. If you unsubscribe, your personal data will be removed and we will no longer have access to it.
Who do we share your personal data with?
We sometimes share your personal data with trusted third parties. We only do this where it is necessary for providing you Credit Management services or for the effective operation of our Company.
For example, we may share your data with vetted suppliers to advance proceedings for the legitimate interests originally instructed by our Client.
Here’s the policy we apply to those organisations to keep your data safe and protect your privacy:
Marketing Communications
This website operates an email newsletter program, used to inform subscribers about products and services supplied by this website. Users can subscribe through an online automated process should they wish to do so but do so at their own discretion. Some subscriptions may be manually processed through prior written agreement with the user. Subscriptions are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003. All personal details relating to subscriptions are held securely and in accordance with the EU General Data Protection Regulation 2018. No personal details are passed on to third parties nor shared with companies/people outside of the company that operates this website. Under GDPR you may request a copy of personal information held about you by this website’s email newsletter program.
Email marketing campaigns published by this website or its owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity [this is by not a comprehensive list]. This information is used to refine future email campaigns and supply the user with more relevant content based around their activity. In compliance with UK Spam Laws and the Privacy and Electronic Communications Regulations 2003 subscribers are given the opportunity to un-subscribe at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated un-subscription system is unavailable clear instructions on how to un-subscribe will be detailed instead. In accordance with the GDPR you will also be given the opportunity for your information to be removed completely from all our systems.
If you sign up for our newsletter, which is administered through Klaviyo, or if you register for Klaviyo through our site, we will store some of your information, including your email address, IP address and certain information about the links you click within the emails we send you, on a Klaviyo server.
Neither we nor Klaviyo will ever sell your email address or share it with any other party, unless we are legally compelled to do so. If you contact Klaviyo directly regarding your subscription to our newsletter, Klaviyo may contact you directly; otherwise, Klaviyo will never contact you. Only authorised Klaviyo employees have access to our subscriber list.
You are always free to unsubscribe from our newsletter, but as long as you are registered with Ernest Brodie Credit Management Consultant’s newsletter we may use Klaviyo to send you information about your account. Klaviyo’s privacy policy may be viewed here: https://www.klaviyo.com/legal/privacy/privacy-notice
We may use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work. To read more about this and see how you can opt out, please read the “Cookies, Tracking and Advertisements” section below.
What are your rights?
You have rights under the General Data Protection Regulation (2018) and these include the right to be informed what information we hold about you. In particular, you have the following rights:
If you would like any further information from us, or to make any requests, please contact us via our contact form.
If you believe your personal information has been used in a way that does not comply with data regulation, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).
For more detail on your rights, please visit the Information Commissioner’s Office.
If we choose not to action your request, we will explain to you the reasons for our refusal.
Contact Details
For information on how your information is used, how we maintain the security of our information, and to exercise your rights to access information we hold on you, please contact us. Similarly, if you believe that the information we hold is wrong or out of date, please let us know and we will update it. We may charge a fee where the request is manifestly unfounded or excessive, to make your request please request by email to enquiries@ernestbrodie.co.uk and in writing to 8 Albany Street, Edinburgh, EH1 3QB or telephone directly on 0131 202 7614.
Your right to withdraw consent
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
Where we rely on our legitimate interest
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
Cookies, tracking and advertisements
We do not collect sensitive information about you except when you specifically knowingly provide it. In order to maintain the accuracy of our database, you can check, update or remove your personal details by contacting us or logging into your account.
When you browse Ernest Brodie Credit Management Consultants, we automatically collect some information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information”. We collect Device Information using the following technologies:
“Cookies” are data files which asks permission, that are placed on your device or computer and often include an anonymous unique identifier.
Cookies are small text files that are created by a web server and stored on your computer when you visit a website. They don’t do anything i.e. they are not executable code and can only be read by (you and) the website that created them.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
By law, we may not place cookies on your computer without your consent, unless they are strictly necessary to the operation of the service that we provide on the Website.
e.g. We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
You can view and edit the cookies on your computer like any other text file using a text editor (the contents are usually just strings of unique identifiers and date/timestamps). The website that created the cookie can read the contents when you are at their website.
Cookies are widely used across the internet: you may have hundreds of cookies on your computer at any one time. Each browser has its own set of cookies so, if you run multiple browsers, you will have multiple sets of cookies on your computer.
Many websites use cookies to improve your browsing experience e.g. remember your log-in details, record which items you have selected to purchase, or even tailor what content is displayed depending on your preferences. Cookies can also be used to record ‘analytics’ data i.e. which web pages you visit, whether or not you arrived at the web page by clicking on an advertisement or an affiliated website. Many websites find the collection of analytics data valuable in improving the quality and content of their web sites. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org
“Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
“Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.
We use some tools, including Facebook tools and Google Analytics, that may use cookies, web beacons, and other storage technologies to collect or receive information from your websites and elsewhere on the internet and use that information to provide measurement services and target ads. You can opt out of targeted advertising by using the links below:
Google Analytics collects information anonymously: it reports website trends without identifying individual visitors. We use this data to create a variety of reports on where and how visitors are engaging with our website; it’s really helpful for us to see statistical data about users’ browsing actions, patterns and interests and it helps us to improve our website.
Our use of Google Analytics requires us to pass to Google your IP address (but no other information) – Google uses this information to prepare site usage reports for us, but Google may also share this information with other Google services. In particular, Google may use the data collected to contextualise and personalise the ads of its own advertising.
You can opt out of Google Analytics without affecting how you visit our site. For more information about opting out of being tracked by Google Analytics across all the websites you use, please visit https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
Related Information:
Google:
How Google uses this information
In the past, cookies have had some bad press. Much was due to a general misunderstanding of what cookies are and how they work but some was due to justifiable privacy concerns relating to 3rd party tracking cookies. These cookies are used by advertising websites and track a web user across multiple sites. The good news is that all modern browsers allow you to easily block 3rd party cookies.
All the major browsers allow you to block cookies and delete those that have already been created on your computer, usually within the ‘Tools’ section of the browser. These tools allow you to specify which cookies you will accept by type and often by specific websites using an exception list e.g. you can block all cookies and then list the website from which you will accept cookies. There are also a wide choice of browser add-ins that you can install if you wish greater control over persistent cookies.
In order to process credit/debit card transactions, the bank or card processing agency may require to verify your personal details for authorisation outside the EEA (European Economic Area).
We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.
If you have any questions about privacy or the cookies that we use, or would like some more information, please contact us via our contact page or email us at enquiries@ernestbrodie.co.uk
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this policy. You should exercise caution and look at the privacy statement or policy applicable to the website in question.
The Regulator
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling 0303 123 1113.
Or go online to https://ico.org.uk (opens in a new window; please note we can’t be responsible for the content of external websites)