Who we arehttps://www.elselondon.com (Website) is operated by Else London Limited. We are an experience design consultancy, incorporated and registered in England and Wales under company number 07431601, whose registered office address is at Metropolitan Wharf, 70 Wapping Wall, London, E1W 3SS. Else London (‘We’ or ‘us’) collect, use and are responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and the Data Protection Act 2018. We are responsible as ‘controller’ of that personal information for the purposes of those laws.
Our collection and use of your personal information
Information that you provideWe collect personal information about you when you send feedback, post material, contact us for any reason and by any medium, sign up to a service, share information via the Website’s social media functions, or report a problem with the Website. We collect this personal information from you either directly, such as when you contact us via our Website or indirectly, such as your browsing activity while on our Website (see ‘Cookies’ below). We collect data that is specifically and voluntarily provided by a visitor to our Website. In most circumstances, this data includes limited identifiable information. Where we store any information collected via our Website we will ensure that it is adequately protected. We may ask you to provide sensitive personal data from time to time which may include data relating to health conditions or for equality purposes. If such data is requested, you will be given additional information as to why the sensitive personal data is being requested and how it will be used. We may retain a record of any contact you make with us. The personal information we collect about you depends on the particular activities carried out through our Website. Such information includes:
- your name, address and contact details;
- your business address and name;
- details of any feedback you give us by phone, email, post or via social media; and
- information about the services we provide to you.
Personal information about other individualsIf you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
- give consent on his/her behalf to the processing of his/her data;
- receive on his/her behalf any data protection notices;
- give consent to any transfer of his/her data.
Information from third partiesOccasionally we may receive information about you from other sources, which will be added to the information already held about you in order for us to help supply our services and products to you.
How your personal data will be usedWe use this personal information to:
- create and manage your account with us;
- verify your identity;
- enquire for further information;
- provide services to you;
- fraud prevention and detection;
- customise our Website and its content to your particular preferences;
- notify you of any changes to our Website or to our services that may affect you;
- improve our services.
Our legal basis for processing your personal informationWhen we use your personal information, we are required to have a legal basis for doing so. There are various different legal bases upon which we may rely, depending on what personal information we process and why. The legal bases we may rely on include:
- consent: where you have given us clear consent for us to process your personal information for a specific purpose;
- contract: where our use of your personal information is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract;
- legal obligation: where our use of your personal information is necessary for us to comply with the law (not including contractual obligations);
- legitimate interests: where our use of your personal information is necessary for our legitimate interests or the legitimate interests of a third party (unless there is a good reason to protect your personal information which overrides our legitimate interests).
Disclosure of your personal dataWe may disclose your personal data to:
- other companies that become partners or part of a group with Else London;
- a third party who acquires Else London or acquires substantially all of its assets, in which case the personal data shall be one of the acquired assets;
- our agents and service providers;
- law enforcement and regulatory agencies in connection with any investigation to help prevent unlawful activity or as otherwise required by applicable law;
- our clients when as part of a contracted service such as collating data sets collected from surveys.
Transfer of your information out of the EEAYour personal information may be transferred to third party service providers who process information on Else London’s behalf, including providers of information technology, identity management, Website hosting and management, data analysis, data back-up, security and storage purposes. As a result, your personal data may be transferred outside of the country where you are located, including outside of the European Economic Area (EEA). Where we use data servers that may transfer data out of the EEA we will take steps to ensure adequate protections are in place to ensure the security of your information and give you remedies in the unlikely event of a security breach. Please note that we review all processors we utilise and ensure that there are adequate safeguards in place to protect your personal data, such as adherence to binding corporate rules or compliance with the EU-US Privacy Shield Framework, which is a mechanism that ensures compliance with EU data protection requirements when transferring personal data from the European Union to the United States. You can learn more about Privacy Shield here: https://www.privacyshield.gov/welcome If you would like further information regarding the transfer of your information out of the EEA please contact our Data Protection Officer using the details provided in the ‘How to contact us’ section below.
MonitoringWe may monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training, fraud prevention and compliance.
- You have the right of access to your personal records or other information that we hold about you. There is no administrative charge for this service.
- You have the right to rectify any errors in the data we hold about you. If any data or information we hold about you is inaccurate, or out of date, please contact us and we will correct this immediately.
- You may have the right to have the data we hold about you erased.
- If you wish us to continue to store your information but wish us to keep your data separate and not process it in any way, please let us know.
- You have the right to ask us to stop processing your personal data for direct marketing purposes. You may also specify that you object to direct marketing by particular channels such as by email of telephone. If this is the case, please specify the channels you are objecting to in your communications with us.
- You have the right to data portability. If you wish to obtain your data for your own purposes across different services, we will provide this information to you in a CSV file. There is no administrative charge for this service.
How long we will store your dataWe will store your data for as long as necessary for the purpose of processing. The data may be deleted in the following circumstances:
- you have withdrawn your consent to data processing;
- the original purpose for processing the data is no longer relevant or cannot be performed any more;
- the data is no longer up to date or accurate; or
- where we no longer have a reason to store your data as determined by our Data Retention Policy.