Privacy Notice

• Who are we?
• The types of information we collect
• How we may use this information
• Lawful reasons to using your personal data
• Automated decision making
• How we use your data
• How long we keep your data for
• Your legal rights
• How we protect your information
• Where we store your information
• Complaints
• Updates or changes to the privacy polic

Privacy Notice

Chorus Advisers takes the privacy of your information very seriously. We are Data Controllers for purposes of the GDPR and Data Protection Act 2018 and are responsible for the manner in which the data you provide us, either directly or through this site, is processed.  We are registered as data Controllers with the Information Commissioners Office reg. ZA297309”

This Privacy Policy applies to our use of any data provided by you to us through our site or via direct contact with us.

It does not extend to any websites that can be accessed from this website including any links we may provide to social media websites.

Who are Chorus Business Advisers?

Chorus Business Advisers (Company No. 09210216) are an Essex based Data Protection Consultancy dedicated in assisting organisations of all types and all sizes to achieving and maintaining compliance with Data Protection laws.

The types of information we collect

1. When you engage with us, for example, access our information or use our services/products, we may collect and process personal information about you. Depending on your activity, this personal information may include your name, email address, postal address, telephone number, date of birth or financial details.
2. We may also ask you for information when you report a problem with our website.
3. If you contact us, we may keep a record of that correspondence.
4. We may ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
5. We may also collect details of your visits to our website, including but not limited to traffic data, location data, weblogs, and other communication data and the resources that you access.
6. To help us create a more effective website that reflects users’ needs, we may also use cookie files to collect and record information about how our site is used and collect your IP address (a number that identifies a specific internet connection) for system administration and to report aggregated information. For more information on cookie files and IP addresses.

Please read our Lawful reasons to using your personal data

There are several reasons we may collect and use your personal data which the law on data protection allows us to, including:

• Contractual obligations
• In order for us to fulfil our contractual obligations to you we will need to use your personal data
• For example, for you to use any of our services described on the website.

• Consent
• We will always request your consent when we collect and process your personal data
• For example, if you tick the consent box to receive our newsletters or alerts 

• Legal or regulatory obligation
• For example, we will need to pass and process your personal data to law enforcement if there is any involvement in fraud or criminal activity 

• Legitimate Interests
• Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience.
• For example, we may send you information regarding changes to the law based on your past service requirements

Automated decision making

We will not use your data to make automated decisions that will affect you.

How we use your data

1. To allow you to participate in interactive features on our website, when you choose to do so, for example, we may generate reports or invoices or help you complete forms by pre-filling them, using contact details you have previously provided.
2. Internal record keeping
3. To provide you with information regarding services or products you have requested.
4. To analyse and improve the services offered on our website by providing you with the most user-friendly navigation experience we can for your computer or other internet device.
5. With IP addresses, to identify your approximate location, block disruptive use or to establish the number of visits to the website from different countries.
6. To process personal information for the purposes of customer analysis and direct marketing to help us with our activities and to provide you with the most relevant information.

Chorus will not rent or sell your personal information to other organisations for use by them in their own direct marketing activities.

• How long we keep your data for: Your data will be stored securely on our servers as long as it is legally necessary and in line with our retention policy. If you no longer wish Chorus to process your data, you can contact the Data Privacy Officer and your data will be deleted from our servers.
• Your legal rights: You have the rights under the data protection laws in relation to your personal data including:
• Request access to your personal data: (commonly known as a ‘data subject access request’). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
• Request correction of the personal data that we hold about you: This enables you to have any incomplete or out of date data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
• Request erasure of your personal data: This enables you to ask us to delete or remove personal data where there is no Business or legal reason for us continuing to process it.
• Object to processing of your personal data: Where we are relying on a Legitimate Interest (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms.
• Request restriction of processing of your personal data: This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
• Request the transfer of your personal data to you or to a third party: We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
• Withdraw consent. Where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw your consent.

Please email us at dpo@chorusadvisers.co.uk requesting for Data Subject Access Request if you wish to exercise any of these rights.

No fee in most cases – You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. There is the possibility that we will refuse to comply with your request in these circumstances.

What we may need from you – to protect your personal data we will ask you to verify your identity before proceeding with your request to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

If you have authorised a third party to submit a request on your behalf, we will request proof that they have your permission to do so.

Time limit to respond – We will respond to all legitimate requests within 1 calendar month from the date of receipt of your request. Occasionally it may take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. Where you are sending us a request via post rather than email we recommend you send it via recorded delivery to guarantee safe delivery.

How we protect your information 

Protecting the confidentiality and integrity of your personal data is a responsibility that we take seriously. We use appropriate technical and organisational measures to keep personal data secure against unauthorised or unlawful processing, and against accidental loss, destruction or damage. For example:

• SSL encryption is used on the website to encrypt the information you provide us. This ensures that the data is collected and stored securely..
• the company as strict internal procedures monitoring the handling of all data.
• your personal data will be periodically reviewed and securely deleted if required
• internal systems and networks are regularly tested
• all staff have completed data protection training.

Where we store information

Chorus uses Internet Service Providers and servers located within European Economic Area. We shall ensure that your personal information will be held by those Internet Service Providers in compliance with European data protection regulations. By submitting your personal information to our website, you agree to the transfer, storing or processing of data to locations within the European Economic Area. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

How to access your personal information

You have a right to know whether or not Chorus holds any information about you (personal data) and a right to be provided with your information within 30 days in accordance with the Data Protection Act.

You can request your personal information by email to dpo@chorusadvisers.co.uk or by writing to:

4th Floor Gateway Building,

10 Elmer Approach,

Southend-on-Sea,

SS1 1LW

Complaints

We take any complaints about our collection and use of personal information very seriously.

If you think that our collection or use of personal information is unfair, misleading or inappropriate, or have any other concern about our data processing, please raise this with us in the first instance.

To make a complaint, please contact our data privacy officer.

Alternatively, you can make a complaint to the Information Commissioner’s Office:

• Report a concern online at https://ico.org.uk/concerns/
• Call 0303 123 1113
• Or write to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Contact us

If you have any questions, concerns or would like more information about anything    mentioned in this privacy notice, please contact our Privacy Officer:

Email: dpo@chorusadvisers.co.uk

Updates or changes to the Privacy Policy

We reserve the right to make changes to this Privacy Policy. Each time you visit this site you should check this Privacy Policy to check that no changes have been made to any sections that are important to you. Where appropriate, any changes may be notified to you by email.

Cookies Policy

• We use cookies on our website so that we can tailor the content to you, ensure it’s working the way it should and make improvements.
• A cookie is a small file that is sent to your computer or mobile phone which contains information that allows us to recognise that you have used our website before.
• Cookies are safe and secure and are commonly used on websites.

A cookie typically contains

• The name of the server the cookie was sent from
• The lifetime of the cookie
• A unique identifier (usually a number)

How cookies work

When you visit Chorus’ website, the page that you see and cookies are downloaded to your device. Your browser and our web server exchange the cookie and we use this number to recognise you when you return to our site or browse from page to page. Only the server that sends a cookie can read it, and therefore use, that cookie.

This file is stored on your computer’s (or phone’s) hard drive. All websites can send a cookie to your browser if your browser settings allow it. Many websites do this to track online traffic flow.

Types of cookies

Cookies can be categorised from their life span:

1. Session or temporary cookies: these cookies expire when you close your browser or when the session times out
2. Persistent or permanent cookies: these are usually stored on your hard disk and survive across multiple sessions and have a longer expiration date

Controlling or deleting cookies

You can control and disable cookies through your browser settings. All browsers are different, so visit allaboutcookies website to find out more.