Cookies are small text files that are placed on the device you use to access our website, in which some information is stored for the purposes described on this page.
We are Hazel PR Limited, a Limited Company registered at Companies House under the Company Number 05695230. Hazel PR Limited’s business address is Arena Business Centre, 9 Nimrod Way, Ferndown, Dorset BH21 7UH.
The information generated by the cookie about your use of the website (including your IP address) will be directly transmitted to and stored by Hazel PR Limited on servers in the United Kingdom and the European Economic Area. Responsibility for this data corresponds exclusively to Hazel PR Limited and, according to the terms and conditions of the service, will be used for the purpose of tracking your use of the website and compiling reports for website and internet activity.
Hazel PR Limited may transfer said information to third parties where required to do so by law, or where such third parties process the information on Hazel PR Limited’s behalf.
This tool does not gather data on users’ names or surnames or the postal address from which they connect. The information it gathers is related, for example, to the number of pages visited, the language, the city in which the IP address users access the website from is located, the number of users that visit us, the frequency and reoccurrence of visits, the length of the visit, the browser used and the operator or type of device through which the website is accessed.
We use this information to improve our website, detect new needs and assess the improvements to be made in order to provide a better service to our users.
You can allow, see, block or delete the cookies placed on your device in your browser settings.
HAZEL PR LIMITED (HPR), the business address being Arena Business Centre, 9 Nimrod Way, Ferndown, Dorset BH21 7UH, under company number 05695230, is committed to its obligations under the law and this document describes how HPR is committed to meeting its data protection commitments and obligations. This policy sets out the lawful basis on which HPR stores and processes personal data.
The Data Protection Act 1984 introduced basic rules of registration for users of data and rights of access to that data for the individuals to which it related. These rules and rights have been revised and superseded by the Data Protection Act 1998 which came into force 1st March 2000. These are superseded by the EU General Data Protection Regulation (GDPR) that come into force May 25th 2018.
HPR’s Lawful Basis for Processing Data For all Business to Business, client to Business and Business to client communications (generally via email) Policy is to fully comply with the EU General Data Protection Regulation in line with the Information Commissioners Office guidelines.
HPR is committed to being fully transparent about the data it collects and processes and to meeting its data protection obligations. This policy documents HPR’s purpose of processing activities for all Business to Business, client to Business and Business to client communications (generally via email).
Should you have any questions or complaints regarding this policy please contact Hazel PR Limited via email firstname.lastname@example.org or alternatively you may write to Hazel PR Limited, Arena Business Centre, 9 Nimrod Way, Ferndown, Dorset, BH21 7UH.
HPR has a commercial relationship with Vuelio and they may be contacted at email@example.com or alternatively they may be contacted at Vuelio, Longbow House, 20 Chiswell Street, London EC1Y 4TW.
HPR also has a commercial relationship with MailChimp and they may be contacted here; https://mailchimp.com/contact/. MailChimp is a US based business but are a signatory to the US-EU Privacy shield and is GDPR compliant. They may also be contacted at the following address; The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000 Atlanta, GA 30308 USA.
DEFINITIONS UNDER THE ACTS / REGULATIONS
A data controller is the person who determines the purposes for which and the manner in which any personal data is, or is likely to be, processed as part of the Data Protection Act 1998.
Under GDPR, a data controller determines how and why personal data is collected and where from.
A data “processor” acts on behalf of the “controller” to process data according to their guidelines. HPR is both a controller and a processor.
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
DATA PROTECTION PRINCIPLES
HPR will comply with the eight principles of the schedule 1 to the Data Protection Act, namely that personal data should be:
1. Processed lawfully, fairly and in a transparent manner in relation to the data subject ('lawfulness, fairness and transparency');
2. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes ('purpose limitation');
3. Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed ('data minimisation');
4. Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data are accurate, having regard to the purposes for which they are processed, are erased or rectified without delay ('accuracy');
5. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject ('storage limitation');
6. Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures ('integrity and confidentiality').
7. Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
8. Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
JUSTIFICATION OF PROCESSING
In order for data to be processed lawfully, under the first principle, HPR has considered all legal bases for the collection of personally identifiable information via Business to Business, client to Business and Business to client communications (generally via email) that;
We understand our responsibility to protect the individual’s interest;
We believe that there is a limited privacy impact on the individual;
We believe that the individual should reasonably expect us to use their data for business purposes and we do not want to bother them with disruptive consent requests when they are unlikely to object to the processing;
We have identified the legitimate interests;
We have checked that the processing is necessary and there is no less intrusive way to achieve the same result;
We only use individual’s data in ways they would reasonably expect unless we have a very good reason
We are not using people’s data in ways they would find intrusive or which could cause harm unless we have a very good reason;
We have considered safeguards to reduce impact where possible;
We have considered whether we can offer an opt out;
We keep our Legitimate Interests Assessment under review and if circumstances change we will amend or change accordingly;
We have therefore decided that we justify processing and storing of personal data obtained via Business to Business, client to Business and Business to client communications (generally via email) on the grounds of legitimate interests and that legitimate interest is the commercial interest of HPR.
HPR has put in place adequate security measures to safeguard personal data from destruction, loss, unauthorised access or disclosure, for example, security against hacking on any website that collects visitors’ e-mail addresses.
RIGHTS OF INDIVIDUALS
HPR affords the following rights to data subjects, in accordance with their application under the GDPR;
An individual may request access to all personal data of which he or she is the subject and which HPR is processing. Requests of this nature may be submitted via the email address or the business address provided at firstname.lastname@example.org and / or alternatively Arena Business Centre, 9 Nimrod Way, Ferndown, Dorset, BH21 7UH.
If HPR discovers that there has been a breach of any personal data that poses a risk to the rights and freedoms of individuals, it will report it to the Information Commissioner within 72 hours of discovery. HPR will record all data breaches regardless of their effect. If the breach is likely to result in a high risk to the rights and freedoms of individuals, it will tell affected individuals that there has been a breach and provide them with information about its likely consequences and the mitigation measures it has taken.
HPR reserves the right to change this policy at any time by updating this page. This policy is effective from 21 May 2018.