Privacy Policy

Privacy Policy

This is the privacy notice of PURPLESHEEP . In this document, “we”, “our”, or “us” refer PURPLESHEEP.

We are a company registered in N.Ireland

Our registered office is at Purplesheep, CIDO,  73 Charlestown Road, Caigavon, Co.Armagh, N.Ireland BT63 5PP

 

Introduction

  1. This is a notice to inform you of our policy about all information that we record about you. It sets out the conditions under which we may process any information that we collect from you, or that you provide to us. It covers information that could identify you (“personal information”) and information that could not. In the context of the law and this notice, “process” means collect, store, transfer, use or otherwise act on information.
  2. We regret that if there are one or more points below with which you are not happy, your only recourse is to leave our website immediately.
  3. We take seriously the protection of your privacy and confidentiality. We understand that all visitors to our website are entitled to know that their personal data will not be used for any purpose unintended by them, and will not accidentally fall into the hands of a third party.
  4. We undertake to preserve the confidentiality of all information you provide to us, and hope that you reciprocate.
  5. Our policy complies with UK law accordingly implemented, including that required by the EU General Data Protection Regulation (GDPR).
  6. The law requires us to tell you about your rights and our obligations to you in regards to the processing and control of your personal data. We do this now, by requesting that you read the information provided at knowyourprivacyrights.org
  7. Except as set out below, we do not share, or sell, or disclose to a third party, any information collected through our website.

Data collection and processing audit

We have reviewed our PURPLESHEEP activities and our offerings to identify where we are collecting and processing customer data. Based on this, we have validated our legal basis for collecting and processing that personal data.

We have also ensured that we are applying the appropriate safeguards across our entire infrastructure (both hardware and software) to fully protect this data.

It must be noted that some client systems will require specific attention and changes to meet compliance. We trust the ‘data controllers’ of these organisations will contact us directly to organise further assessment.

Updated Terms of Service and Privacy Policy

We’re updating our Terms of Service and Privacy Policy (See below). These updated versions will clearly outline what personal data we’re collecting and processing, why, how we use it, who we share it with, and how long we store it for. As always, we aim to keep the language in our Terms of Service and Privacy Policy as clear as possible.

Data Breach Management

As part of our compliance, we have a communication process in place in the event of a data breach. If you wish to report a data breach, please contact the DPO at the PurpleSheep- Martin Lavery

Data Protection Officer: Martin Lavery

Email address: info@purplesheep.eu

Postal address: PurpleSheep, Cido, 73 Charlestown Road, Craigavon, Co.Armagh, BT63 5PP

 

THE DATA WE COLLECT ABOUT YOU

To fulfil requests for our services, you may be asked to enter your name, email address, physical address, phone number or other personal information.  We collect information from you when you:

– Complete a contact form – Name, Email, Contact Number, Enquiry, IP

– Download an Ebook – Name, Email, Company Name

– Visit our website ie. Cookies – IP Address

 

Marketing Automation Software  

We receive and store a variety of information, outlined below, for the legitimate interest of our business, including for marketing purposes and the identification of leads / prospects to complement our sales efforts.

We use a third party marketing automation software to facilitate the collection and storage of such data, for marketing purposes.

When a visitor completes an online form, visits our website or other areas of the software (for example on social media), we automatically collect and store certain information about that user and the user’s activities, as we receive from such user, for example:

–  The user’s name and contact information.

–  Information that the user provides to us.

–  The user’s company information, if any.

–  The nature of the communication.

–  The purpose of the interaction, and the action we took in response to the user’s enquiry or request;

–  Any action the user takes upon receipt of such communication (for example, whether the user requests to download an ebook).

The information collected in connection with each type of interaction is retained so that the software and each user can continue interaction with the requestor for marketing and sales purposes.

 

Social Media  

The software integrates with third-party social media platforms like Facebook, Twitter, and LinkedIn. These services collect your IP address and which page you are visiting on our website. They may set a cookie to enable these features to function properly. Social media features and widgets are hosted by a third party or directly on the software’s website. Your interactions with these features are

 

Collection & Use of Automatically Collected Information 

We receive and store certain types of information automatically, such as whenever you interact with our website. This information does not necessarily reveal your identity directly but may include information about the specific device you are using, such as the hardware model, device ID, operating system version, web-browser software (such as Firefox, Safari, or Internet Explorer) and your Internet Protocol (IP) address/MAC address/device identifier.

For example, we automatically receive and record information on our server logs from your browser, including how you came to, and use, the Services; your IP address; device type and unique device identification numbers, device event information (such as crashes, system activity and hardware settings, browser type, browser language, the date and time of your request and referral URL), broad geographic location (e.g. country or city-level location) and other technical data collected through cookies, pixel tags and other similar technologies that uniquely identify your browser. We may also collect information about how your device has interacted with our website, including pages accessed and links clicked. We may use identifiers to recognise you when you arrive at the Site via an external link, such as a link appearing on a third-party site.

 

Email Marketing 

Based on your communication preferences, we may send you marketing communications to inform you about our services or events; to deliver targeted marketing; and to provide you with promotional offers based on your communication preferences. We use information about your usage of our Services and your contact information to provide marketing communications. You can opt-out of our marketing communications at any time.

To fulfil requests for our services, you may have completed one of our contact forms and explicitly opted into our email marketing subscriber list. We use a third party provider, to supply and support our Email Marketing services. By using this information with consent, PurpleSheep will from time to time make individuals aware of our products and services depending on the users preferences.

–  Information collected: Name, Email Address

–  Data Retention Period: 10 years

For existing clients, we currently use a number of external 3rd party providers for our Email Marketing lists – please contact us for more details on this.

 

Cookies

Cookies are small text files that are placed on your computer’s hard drive by your web browser when you visit any website. They allow information gathered on one web page to be stored until it is needed for use on another, allowing a website to provide you with a personalised experience and the website owner with statistics about how you use the website so that it can be improved.

Some cookies may last for a defined period of time, such as one day or until you close your browser. Others last indefinitely.

Your web browser should allow you to delete any you choose. It also should allow you to prevent or limit their use.

Our website uses cookies. They are placed by software that operates on our servers, and by software operated by third parties whose services we use.

When you first visit our website, we ask you whether you wish us to use cookies. If you choose not to accept them, we shall not use them for your visit except to record that you have not consented to their use for any other purpose.

If choose not to use cookies or you prevent their use through your browser settings, you will not be able to use all the functionality of our website.

We use cookies in the following ways:

  • to track how you use our website
  • to record whether you have seen specific messages we display on our website
  • to keep you signed in our site
  • to record your answers to surveys and questionnaires on our site while you complete them
  • to record the conversation thread during a live chat with our support team

[We provide more information about the cookies we use in our cookie policy].

 

Sales 

Our sales team uses several 3rd party systems to manage requests for our services. We use this for internal sales process information, providing prospective clients with more information, internal scheduling and following up on historical clients and prospective clients. This information is collected via manual input from our internal New Business Team. We will use this information to reconnect with new business leads. This information is locked down via secure account and will only be shared within the PurpleSheep Account Management team.

These systems include:

–  CRM

–  Information collected: Name, Company Name, Email Address, Address, Phone Number and Work Phone Number

–  Online Leads

– Name, Company Name, Email Address, Address, Phone Number and Work Phone Number, IP

–  Online Marketing

– Name, Company Name, Email Address, Address, Phone Number and Work Phone Number

Data Retention Period: 7 years

 

Finance 

Our finance team uses several 3rd party systems to manage our internal billing and financial services. We use this for company accounts, day to day billing, credit control, historical financial data and banking.  This information is collected via manual input from our finance team once clients have signed up for our services. We will use this information to perform the day to day and annual finanical activities of the business. This information is locked down via secure accountsand will only be shared within the PurplSheep Finance team, Senior Management team and with the 3rd parties outlined below.

–  Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.

–  Accounting Software: Client Name, Company Name, Email Address, Address, Phone Number, Billing History

– Billing Software:Client Name, Company Name, Email Address, Address, Phone Number, Billing History

– Banking: Client Name, Account Details

–  Accountant 3rd Party: Client Name, Company Name, Email Address, Address, Phone Number, Billing History

–  Pensions:Staff Name, Company Name, Email Address, Address, Phone Number, Billing History

–  MS Office 365

–  Client Financial Reporting – Client Name, Company Name, Email Address, Address, Phone Number, Billing History

 

Human Resources 

Our HR team uses several internal and external 3rd party systems to manage our internal HR requirements. We use this for staff contact details, employment contracts, recruitment, disciplinary, appraisals/reviews and leave. This information is collected via manual input from staff members and senior management team at various stages of employment. We will use this information to perform the day to day HR requirements of the business Ie. to deal with disciplinary/internal disputes, staff performance reviews, recruitment. This information is locked down via secure accounts and will only be shared within the PurpleSheep HR team, Senior Management team.

The types of the personal information we store includes:

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.

  • Contact Details
  • Name, Email Address, Address, DOB, Phone Number
  • Contract
  • Name, Address, Phone Number, Bank Details, National Insurance Number
  • Recruitment
  • Name, Email Address, Address, Phone Number, DOB, CVs
  • Disciplinary
  • Name, Address, Phone number, Details of Dispute
  • Appraisals
  • Name, Details of Appraisal
  • Leave Request
  • Name, Email Address

 

Support 

We process your personal information when you contact us to resolve any questions, disputes or to troubleshoot problems. We may process your information in response to another customer’s request, as relevant. Without processing your personal information for such purposes, we cannot respond to your requests and ensure your uninterrupted use of the Services.

By interacting with PurpleSheep for our support services, we capture specific information in relation to projects and individuals. Our support system is committed to protecting the security of your personal information. We use a variety of systems to record and manage the workflow of support requests. Each of these systems capture various bits of personalinformation.

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.

  • Support Requests – Direct Email
  • Name, Email Address, Address, DOB, Phone Number
  • Support Management system
  • Name, Email Address, Address, DOB, Phone Number

 

Hosting & Security 

PurpleSheep is committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorised access, use or disclosure. For example, in our hosting solutions we store the personal information you provide in computer servers with limited access that are located in controlled facilities. When we transmit sensitive information over the internet, we protect it using encryption, such as the Secure Socket Layer (SSL) protocol. SSL is an industry standard to ensure internet messages are not intercepted.

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.

Our hosting setups that we use are provided by 3rd Party Providers – these providers adhere to best practice ISO270001 standards to ensure best quality is maintained in terms of Security. Please contact us directly and we will provide documentation on the hosting solution that relates to your specific project.

 

Third-party vendors audit 

We have completed an audit of all 3rd party vendors we use internally and have validated their GDPR compliance.

Please note this does not include all third party vendors used on all client website. Clients must contact us about this and we would be more than happy to help.

 

Client Systems 

Please note there is no overarching policy to cover individual client sites as the variances between platforms and setups is too vast to cover in a single document. For specific information relating to your own individual project please contact us directly and we can give guidance on data assessments.

If you have any requirements to review the information or would like further details on any of the above methods in which we store data then please contact us directly.

 

Data Location – International Transfers

If you utilise our Services from a country other than the country where our servers are located, your communications with us may result in transferring your personal data across international borders. Also, when you call us or initiate a chat, we may provide you with support from one of our global locations outside your country of origin. Your personal data will be transferred and processed outside of the EEA. In these cases, your personal data is handled according to this Privacy Policy.

Postal address: PurpleSheep, Cido, 73 charlestown road, Craigavon, Co.Armagh, N.Ireland BT63 5PP

 

Rights of access, correction and deletion 

You have a right of access to the personal information that we hold about you under European data protection legislation, and to some related information. You can also require any inaccurate personal information to be corrected or deleted.

 

Right to object  

You can object to our use of your personal information for direct marketing purposes at any time and you may have the right to object to our processing of some or all of your personal information (and require them to be deleted) in some other circumstances.

 

Changes  

We reserve the right to modify this Policy at any time. If we decide to change our Policy, we will post those changes to this Policy and any other places we deem appropriate, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If we make material changes to this Policy, we will amend the published date on the web page in question.

 

Last Updated 25/05/2018