PRIVACY AND DATA POLICY
Stonehaven Campaigns Ltd is a strategic communications consultancy who are committed to protecting the privacy of those whose personal information we process, including, but not limited to, our employees, clients, journalists, MPs, advisors and visitors. The following policy outlines how we collect and use information, and the rights you have in relation to your information.
Stonehaven may update this policy from time to time to reflect current privacy practices. As and when it is updated, we will signpost this with the dates of changes made.
By providing personal information to us (including through the use of our website), you acknowledge you have read this Policy, and, to the extent your consent is necessary and valid under applicable law, you consent to the collection, use and disclosure of such personal information by Stonehaven and any third-party recipients in accordance with this Policy.
Personal information is information about an identifiable individual, as defined by applicable law. By 'personal information' we mean names, addresses, email addresses, and any other personal information you voluntarily provide, for example by completing a questionnaire, or by joining any of our networks.
We may also collect some personal information automatically when you browse our website, such as your IP address and details of the pages that you have visited.
SENSITIVE PERSONAL INFORMATION
Sensitive personal information includes race or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; physical or mental health; genetic data; biometric data; sexual life or sexual orientation; and criminal records. We ask that you do not provide sensitive personal information of this nature when using our website.
If you choose to provide sensitive personal information to us for any reason, the act of doing so constitutes your explicit consent, where such consent is necessary and valid under your local law, for us to collect and use that information in the ways described in this Policy or as described at the point where you choose to disclose this information.
In this Policy, we collectively refer to handling, collecting, protecting or storing your personal information as “processing” such personal information.
PERSONAL INFORMATION PROCESSED BY US
We may collect personal information from you in the course of our business, including through your use of our website, when you contact or request information from us, when you engage our services or as a result of your relationship with one or more of our staff and clients.
The personal information that we process includes, but is not limited to:
- Basic information, such as your name (including name prefix or title), the company you work for, your title or position and your relationship to a person;
- Contact information, such as your postal address, email address and phone number(s);
- Financial information, such as payment-related information;
- Technical information, such as information from your visits to our website or applications or in relation to materials and communications we send to you electronically;
- Information you provide to us for the purposes of attending meetings and events (including dietary and access requirements);
- Identification and background information provided by you or collected as part of our business acceptance processes;
- Personal information provided to us by or on behalf of our clients or generated by us in the course or providing services to them, which may include sensitive personal data; or
- Any other information relating to you which you may provide to us.
OBTAINING PERSONAL DATA
Below are some examples of how we may obtain your personal information:
- As part of our business processes including business acceptance, finance, administration and marketing processes, including anti-money laundering, conflict, reputational and financial checks;
- Subscribing to third party contact databases;
- Registering for events and conferences;
- Submitting CVs or resumes or otherwise for the purposes of recruitment;
- Contacting us for further information;
- Monitoring email communications sent to and from Stonehaven; and/or
- Providing us with business cards or other contact information.
USING YOUR PERSONAL INFORMATION
We may use your personal information to:
- conduct administrative or operational processes within our business;
- process and respond to requests, enquiries or complaints received by you;
- provide services requested by you (including the performance of our contractual obligations to you);
- identify services you may be interested in;
- communicate with you about our services;
- invite you to events;
- monitor and analyse our business;
- form a view of you as an individual and to identify, develop or improve our services and/or products that may be of interest to you and to carry out market research;
- to conduct quality and risk management reviews;
- send you marketing materials.
MEDIA AND POLICTICAL STAKEHOLDERS
We frequently engage with external parties and other individuals on behalf of our clients as part of the services we provide. Where we obtain the personal information of these individuals, we use this in order to:
- Send company announcements
- Respond to any questions relating to any communications issued by our clients
- Share insights with respect areas of interest and topics that we think may be relevant;
- Facilitate access to and arrange interviews with individuals employed by our clients which will be of benefit to both parties;
- Share information with our clients so that we can be transparent with them about whom we are speaking to on their behalf and understand who they believe may be most relevant to speak to in respect of a particular matter; and
- Send invitations to meetings or events hosted by us or our clients where on occasion we may ask whether you would be willing to attend
By using our website, you agree that we can place cookies on your device. If you want to restrict or block cookies, you should do this through the web browser settings for each browser you use and on each device you use to access the Internet.
Cookies are text files containing small amounts of information that are downloaded to your device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognizes that cookie. Cookies are useful because they allow a website to recognize a user’s device, preferences and generally help to improve your online experience.
As you navigate through and interact with our website, we may automatically collect certain information about your equipment, browsing actions and patterns, including:
- Details of your visits to our website, including traffic data, location data and information about the resources that you access and use on our websites; and
- General non-personal statistical data about your operating system and browser type.
Collecting this data helps us to improve our website and to deliver a better and more personalized service by enabling us to:
- Estimate our audience size and usage patterns;
- Store information about your preferences, allowing us to customize our websites according to your individual interests;
- Speed up your searches; and
- Recognize you when you return to any of our websites.
We will not keep any cookies placed on the device from which you access any of our websites longer than is necessary to fulfil the purposes mentioned above. In any event, such information may not be kept for longer than 1 year.
YOUR RIGHTS AND PERSONAL INFORMATION
The European Union’s General Data Protection Regulation and other applicable data protection laws provide certain rights for data subjects.
You may be entitled to:
- request a copy of personal information we hold about you and how we process it by way of a subject access request;
- ask that we update the personal information we hold about you, or correct such personal information that you think is incorrect or incomplete;
- ask that we delete personal information that we hold about you, or restrict the way in which we use such personal information;
- object to our processing of your personal information, restrict our processing of that information, prevent unauthorised transfers of your personal information to a third party and, in some circumstances, require personal information relating to you transferred to another organisation; and/or
- withdraw your consent to our processing of your personal information (to the extent such processing is based on consent and consent is the only permissible basis for processing).
We may require further information from you in order to verify your identity before disclosing any personal information to you and we may charge for a request to access your information, if permitted by applicable law.
You may also have the right to lodge a complaint in relation to Stonehaven’s processing of your personal information with a local supervisory authority. If you would like to exercise these rights, please contact us by sending an email to: email@example.com.
Most of the personal data we collect and use for marketing purposes relates to individual employees of our clients and other companies with which we have an existing business relationship. We may also obtain contact information from public sources, including content made public at social media websites, to make an initial contact with a relevant individual at a client or other company.
Where we are legally required to obtain your explicit consent to provide you with marketing materials, we will only provide you with such marketing materials if you have provided consent for us to do so. We may send you further emails prompting you to refresh your consent from time to time.
You can exercise your right to prevent marketing communications to you by checking certain boxes on the forms we use to collect your personal data, or by utilizing opt-out mechanisms in emails we send to you. If you select any preferences such as issues, topics, subjects or industries, you may receive email communications related to those self-selected topics.
You can also exercise the right to discontinue marketing communications to you. In such cases, we will retain minimum personal data to note that you opted out in order to avoid contacting you again. If you have agreed to receive marketing but then later change your mind and no longer wish to receive marketing, please let us know so we can remove you from our distribution lists.
Our databases include personal data belonging to individuals at our client and other companies with whom we already have a business relationship or want to develop one. The personal data used for these purposes includes relevant business information, such as: contact data, publicly available information (e.g. board membership, published articles, press releases, your public posts on social media sites if relevant for business purpose), your responses to targeted email (including web activity following links from our emails), and other business information included by Stonehaven personnel based on their personal interactions with you.
Please contact us on firstname.lastname@example.org if you do not wish to receive communications from us or wish to be removed from our internal databases.
When we keep your personal information, we are responsible for keeping an accurate record of the information that you have submitted to us and verified. We do not assume responsibility for verifying the ongoing accuracy of your personal information.
SHARING YOUR PERSONAL INFORMATION
We may share the personal information we collect to other third party contractors, subcontractors, and/or their subsidiaries and affiliates. When we share personal information, we do so for the purposes for which the information has been submitted, for the purposes listed above, for the administration and maintenance of our website and associated systems, and/or other internal or administrative purposes.
We may for example share personal information with certain trusted third parties in accordance with contractual arrangements in place with them, including:
- Our professional advisers;
- Suppliers to whom we outsource certain support services such as word processing, translation, photocopying and document review;
- IT service providers to Stonehaven (including identity management, website hosting and management, data analysis, data backup, security and storage services);
- Third parties engaged in the course of the services we provide to clients and with their prior consent; and
- Third parties involved in hosting or organising events or seminars.
The third-party providers may use their own third party subcontractors that have access to personal data (sub-processors). We only use third party providers that are bound to maintain appropriate levels of security and confidentiality, to process personal information and to flow those same obligations down to their sub-processors.
We may be required to disclose your information to comply with legal or regulatory requirements; under those circumstances, we will attempt to notify you before we do this, unless we are legally restricted from doing so.
We have implemented measures to ensure that Stonehaven keep your personal information confidential and secure and only use it for the specified purposes about which we have informed you. To the best of our ability, access to your personal information is limited to those who have a need to know. Those individuals who have access to the data are required to maintain the confidentiality of such information.
The transmission of information via the internet is not completely secure. Although we will do our best to try and protect your information, we cannot guarantee the security of your information transmitted to our websites; any transmission is at your own risk.
We will retain your personal information for as long as is necessary to fulfil the purposes outlined in this Policy unless a longer retention period is required or permitted by law.
Our retention periods are based on the requirements of applicable data protection laws and the purpose for which the information is collected and used, taking into account legal and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action, good practice and Stonehaven’s business purposes.
We keep contact information (such as mailing list information) until a user unsubscribes or requests that we delete that information. If you choose to withdraw consent for us to retain your information, we may keep certain limited information about you so that we may honour your request.
If you have any questions in relation to this Policy please contact us at:
Telephone: (0) 207 569 1300