About us and this notice
We at Ignite Consulting respect your privacy and are committed to protecting your personal data. As a UK based business our handling of your information is controlled by the UK Data Protection Act 2018 and the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019.
Purpose of this notice
This privacy notice sets out the types of personal information we collect, how we collect and process that information and tells you about your privacy rights and how the law protects you.
Data controller contact details
Ignite Consulting Ltd is the controller and responsible for your personal data. Our contact details are:
Address: 27 Old Gloucester Street, London WC1N 3AX
Phone Number: 0203 633 6730
We are registered with the UK data protection regulator, the Information Commissioner’s Office (ICO). Our unique registration number is ZA293479.
The types of data we collect about you
Through legitimate business activities, such as business development, recruitment and the provision of services to our clients, we may collect, use, store and transfer different kinds of personal data as follows:
- Identity data eg name, title, gender, photograph, job title and company details
- Contact data eg address, email address, telephone numbers, social media profiles
- Employment data eg employment history, CV, education history, qualifications, salary data
- Technical data eg internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Usage data eg information about how you use our website
- Marketing and communications data eg your preferences in receiving marketing from us
- Sensitive personal data – during certain activities, we may collect and use sensitive personal information relating to you eg information about your health, including any medical conditions and disabilities, information about criminal convictions and offences.
How do we collect personal data about you?
Most of the personal information we process is provided to us directly by you as a potential customer, an existing customer or a potential employee, partner or associate.
You may give us Identity, Contact, Employment and/or Marketing and communications data when you:
- Express an interest in our products and services over the phone, via email, social media, webforms, webinar attendance, when signing up to newsletters and other communications or at events we attend or host.
- Contract with us to deliver services
- Connect with us through a social media channel, we will know your social media handle and any other information including photos you make available through our interactions and your profile.
- Attend a training course that we are delivering or contributing to
- Express an interest in or apply for a role at Ignite, whether as an employee, partner or associate, either in response to an advertised resource need or in response to an approach from us
- Visit our offices
We may also find your personal information indirectly, from the following sources:
- Your company may share us Identity, Contact and/or Employment data with us if we are contracted to provide services. In this situation your company would be the data controller and we would be data processors.
- Employment agencies recruiting on our behalf may provide us with Identity, Contact and/or Employment data
- Through a tendering process which includes Identity or Contact data
- Online searches such as LinkedIn which may include Identity, Contact and/or Employment data
Third party and public sources
We may receive personal data about you from various third parties and public sources. We may receive Identity and Contact Data through online publicly available sources for example, corporate websites, corporate profile sites such as LinkedIn and government registers such as Companies House. We may receive Identity, Contact and Marketing and communications data through marketing partners.
Automated technologies or interactions
As you interact with our website, we may automatically collect Technical and Usage data about your equipment, browsing actions and patterns. We collect this data by using cookies for services such as Google Analytics.
Lawful basis – why do we process your data?
We use the information that you have given us in order to:
- Fulfil a contract to provide you with one of our consultancy services
- Pursue our legitimate business interests and your interests and fundamental rights do not override those interests, for example networking, marketing and business development
- Comply with a legal or regulatory obligation such as fraud prevention or ensuring your legal right to work in the UK.
- Decide about your recruitment or appointment or advise you of future roles that might be of interest
Generally we do not rely on consent as a legal basis for processing your personal data except in specific circumstances laid out in the table below.
|Purpose||Type of data||Lawful basis|
|Business development including marketing||Identity, Contact, Marketing and communications data||Legitimate interests – our business development activity is business to business rather than business to consumer and it is necessary for our legitimate interests to ensure we can find new business and offer relevant services. However, if you do not wish to receive communications from us you can tell us and we will stop and remove you from our records.|
|Provision of consultancy services||Identity, Contact, Employment, Marketing and communications data||
Performance of a contract – to register you as a client and manage our relationship with you we will need to process personal data you provide to us.
Legitimate interests – it is also necessary for our legitimate interests to keep our records updated and understand how we can improve and develop new services for clients.
|Provision of training services||Identity, Contact, Employment and special category data||Legitimate interests – if you or your employer has registered you for a training course we will need identity, contact and employment details to register you (including registration on third party accreditation platforms) and to communicate with you about the course. We may also need collect data about disabilities or specific learning needs to ensure we make the course accessible to you.|
|To administer and protect our business||Identity, Contact and Technical data||Legal obligation – where there are legal obligations that we must comply with, eg tax related or generally dealing with local or national government, authorities, agencies or courts we may be required to disclose personal data to comply with the law.|
|To use data analytics to improve our website, services, marketing, customer relationships and experiences||Technical and Usage data||Legitimate interests – it is in our legitimate interests to understand how our website is used to develop our business and to inform our marketing strategy. We only use analytics cookies and we allow users of our website to opt out of these, in line with Privacy and Electronic Communications Regulations (PECR). See the section on Website cookies below.|
|Recruitment: Potential candidates||Identity, Contact, Employment and special category data (where you disclose it to us or it is in the public domain)||
Legitimate interests – it is in our legitimate interests to source contact details, employment history, CVs and experience from publicly available sources such as LinkedIn and via recruitment companies.
Consent – where we have retained your personal data for the purpose of keeping you informed of potential future opportunities, this is done so with your consent and you may withdraw this at any time. Special category data will only be processed when provided by you.
The only cookies in use on our website are Google Analytics cookies used to help us monitor usage so we can spot trends and make improvements.
Cookies are small pieces of information, normally consisting of just letters and numbers, which online services provide when users visit them. Software on the user’s device (for example a web browser) can store cookies and send them back to the website next time they visit. Cookies cannot be programmed, cannot carry viruses, and cannot install malware on the host computer. They allow the activity of website users to be tracked but do not try to identify them in person.
We do not believe that they pose any threat to your personal privacy or online security and we recommend that you indicate that you will “allow” cookies.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
With whom do we share your data?
We would only share your personal data with third parties in very specific circumstances:
- Service providers acting as processors based in the UK who provide IT and system administration services to us so that our services can operate effectively.
- When obliged to by law, for purposes of national security, taxation and criminal investigations
- If you have agreed that we may do so.
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
How we store your personal information
Your information is securely stored in UK-based data centres. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Data retention and disposal
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Specific examples include:
- As an unsuccessful job applicant or if you were approached about future vacancies or projects, we will keep your data for 1 year after which we will delete our records unless you have told us that you wish to be contacted about future opportunities.
- Where there is a legal obligation to retain your information for a certain period of time, we will do so in order to comply with the legal requirement; this is typically 6 years.
- In order to perform the tasks required of us under contracts with our customers, we will retain relevant personal data for the duration of a contract and, unless explicitly required by contract to do otherwise, for a period of 24 months after the contract has ended. This is because customers sometimes came back to us after contracts have finished to ask us to review an element of the contract, or provide a quote for an extension or related services.
Once your data is no longer required it shall be deleted or if it is technically not possible to delete, we shall ensure sufficient controls are in place to put it beyond future use.
Your data protection rights
Under data protection law, you have rights including:
- Your right of access – You have the right to ask us for copies of your personal information.
- Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances such as you have withdrawn consent, or where we have no lawful basis for keeping it.
- Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances, namely (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Your right to object to processing – You can object to our processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
- Your right to withdraw consent – where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
You are not required to pay any charge for exercising your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data or to exercise any of your other rights. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. If you make a request, we have one month to respond to you, unless the request is particularly complex and/or we have agreed a different response period with you.
If you wish to exercise any of the rights set out above, please contact email firstname.lastname@example.org or by phone on 0203 633 6730.
How to complain
If you have any concerns about our use of your personal information, please contact us in the first instance so we can address them.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
We reserve the right to change our privacy policies at any time. We will update this page to reflect updates.