Last updated: 27 January 2020
Introduction Northlink Consulting (the “Company“, “we“, “us” or “our“) respects your privacy and is committed to treating any information that we obtain about you with as much care as possible and in a manner that is compliant with all applicable data protection legislation including the EU General Data Protection Regulation 2016/679 (“GDPR“) and any national implementing laws in relation to the same including the Data Protection Act 2018 (collectively, “Data Protection Legislation“).
This policy is intended to be communicated to you in a concise, transparent, intelligible and easily accessible manner, but we appreciate that you may have queries or want to seek clarification as to its terms. If so, please email email@example.com or write to Data Protection Enquiries, Northlink Consulting, 2142 Holliday Dr. SW Wyoming, MI 49519 and we will endeavour to respond as soon as possible.
The Company reserves the right to make changes to this policy in order to reflect any changes in Data Protection Legislation and best practice from time to time. The Company will endeavour to notify you of such changes but you are advised to check for an updated version of this policy at https://northlinkconsulting.com/privacy-policy each time you interact with us through the Channels.
The personal data we process
We collect personal data about you through the Channels when you: access and use our websites (including by way of cookies – please refer to paragraph 11 below for more information); register for an account on our website or subscribe for other services, or our mailing list; contact us (whether in writing, by email, by telephone or otherwise), including via any contact forms on our website; make any enquiry or purchase, request or subscribe for a product or service from us; request technical support or other customer care support; participate in polls, surveys and questionnaires; post content on our social media pages; or otherwise interact with us through the Channels.
The purposes for which we process your personal data
Other lawful grounds
What if you refuse to provide us with any personal data?
Where we need to collect personal data by law, or under the terms of an agreement we have with you, and you fail to provide that data when requested (or fail to consent to the processing of that data, if necessary), we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with products or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time. Whilst we may be able to provide you with certain products and services notwithstanding your refusal to submit personal data, this may limit your ability to participate in some activities or features or your use of certain online services or functionality. We may lawfully obtain information from third parties or public sources and we may process that information where it is an essential component of the products and services we offer you.
Sharing information with affiliates and third parties
We will not share any of your personal data with third parties except as set out in this paragraph 6 or otherwise notified to you or agreed between you and us from time to time.
From time to time it may be necessary for us to transfer your information internationally. In particular your information may be transferred to and/or stored on the servers of third parties identified in paragraph 6 which are based outside of the EEA. However, we will not transfer your personal data outside of the EEA unless: such transfer is to a country or jurisdiction which the EU Commission has approved as having an adequate level of protection (including to the USA where Privacy Shield compliant); appropriate safeguards are in place as set out in Article 46 GDPR or equivalent provisions of subsequent Data Protection Legislation; or the transfer is otherwise allowed by applicable Data Protection Legislation (such as in the form of a derogation under Article 49 GDPR).
Your rights as a data subject Subject to any conditions or requirements set out in the relevant Data Protection Legislation, you may have some or all of the following rights in relation to the personal data we hold about you: the right to request a copy of your personal data held by us; the right to correct any inaccurate or incomplete personal data held by us. You can amend any personal data by emailing us at firstname.lastname@example.org; the right to request that we erase the personal data we hold about you; the right to request that we restrict the processing of your data; the right to have your personal data transferred to another organisation; the right to object to certain types of processing of your personal data by us; and the right to complain (please see paragraph 12 of this policy). Please note however that these rights are not absolute in all situations and may be subject to conditions and provisos set out in relevant Data Protection Legislation. The Company cannot therefore guarantee that any request from you in connection with the rights set out above will be agreed to. For further information, or to see if you can exercise any particular right, please contact us at email@example.com.
Storage and retention of your personal data
As a minimum, we need to store your data for as long as is necessary to enable us to provide you with the goods and services that you have requested from us (or to support your other uses of our Channels, such as maintaining your account on our website). However, we will retain certain of your personal data for longer if we think it is reasonably necessary to do so in the circumstances, taking into consideration factors such as: our need to perform any agreements between you and us (including order fulfilment); our need to answer any queries or resolve any problems you may have; your continued consent to receive marketing and other emails and communications from us; our continued provision of our services to you; and our need to comply with legal requirements (e.g. relating to record keeping). If you tell us that you would like to delete your account, we will take steps to delete all the personal data we hold about you once it is no longer necessary for us to hold it (e.g. to fulfil any outstanding orders, resolve disputes, or as is permitted by applicable law or regulation). For as long as we do store your data, the Company follows generally accepted industry standards and maintains reasonable safeguards to attempt to ensure the security, integrity, and privacy of the information you have provided. The Company has security measures in place designed to protect against the loss, misuse, and alteration of the information under our control. Personal data collected by the Company in connection with this policy is stored in secure operating environments that are not available to the public. The Company maintains information behind a firewall-protected server and uses SSL encryption for purchases made through our online store. Notwithstanding our efforts to keep your personal data secure, no system can be 100% reliable. To the fullest extent permitted by law, we cannot be held liable for any loss you may suffer if a third party procures unauthorised access to any data you provide through the Channels. In addition, you are responsible for maintaining the strength and confidentiality of your login credentials (if any). We will notify you as soon as reasonably practicable if we have reason to believe that there has been a personal data breach by us which could adversely affect your rights and freedoms. Links to third parties Our website may link or redirect to other websites that are beyond our control. Such links or redirections are not endorsements of such websites or representation of our affiliation with them in any way and such third party websites are outside the scope of this policy. If you access such third party websites, please ensure that you are satisfied with their respective privacy policies before you provide them with any personal data. We cannot be held responsible for the activities, privacy policies or levels of privacy compliance of any website operated by any third party.
Mailchimp Monitors website page user interaction from email campaigns so more tailored content and better experiences can be delivered.
Facebook Monitors website page interaction for the purposes of tailored re-targeting Facebook ads.
Google Analytics Tracks how users interact with our website to help us improve user experience and monitor performance.
These cookies are likely to be analytical/performance cookies or targeting cookies. Your browser may give you the ability to block all or some cookies by activating a setting in your browser’s options. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website. Except for essential cookies, all cookies will remain unless the cookie cache is cleared (unless otherwise indicated in the table above).
Questions and complaints
For all questions or complaints about this policy, we would appreciate the chance to deal with your concerns before you approach the relevant data protection authority. Please contact us in the first instance via email at firstname.lastname@example.org or write to Data Protection Enquiries, 2142 Holliday Dr. SW Wyoming, MI 49519.