Privacy Notice

This privacy notice explains how Compliance and Privacy Solutions Ltd. (CaPS Ltd.), a company registered in England number 11234093 (also known as CaPS Privacy, CaPS Compliance and CaPS Training) uses the personal information we collect from you, either through using our website, or in any other way, electronically, verbally or in writing. This is not a contractual document for your agreement, it is simply information that we must and want to share with you.

Data controller

Compliance and Privacy Solutions Ltd. is as a Data Controller as defined by the UK General Data Protection Regulation and the Data Protection Act 2018. We make decisions about what and how personal data is collected, how it is used and with whom it is shared with. We can be contacted at dataprotection@caps-ltd.co.uk or by telephone on 0330 2020 601. You can write to us at Freedom Works, Spectrum House, Beehive Ring Road, Gatwick, West Sussex, RH6 0LG

The purpose for processing your data and our basis for doing so.

We process personal data for the purpose of providing our compliance and training services to you and for marketing purposes. We obtain your data in different ways, such as at network meetings, through referrals and if you contact us directly. Data Protection law defines the basis by which we can lawfully collect and process personal data for that purpose.

We will collect and process personal data, such as name and contact details if you are a prospective client and continue to do so when you agree to use our services. We do this under the basis of a legitimate interest, which is Article 6.1.f of the UK GDPR. Our legitimate interest is to grow our business and provide our services to more clients.

If you do not provide the limited personal data we require, we will not be able to provide you with our services.

We sometimes conduct marketing activity and if you are part of a legal entity, such as a limited company, then we will do that under a legitimate interest basis which is Article 6.1.f of the UK GPDR.

To send emails directly to individuals or sole traders, we need to ensure we have your consent so that we comply with the Privacy and Electronic Communications Regulations 2003. There is an exception to that if we have already recorded your data as part of a provision of services to you (or had some detailed discussions about it).

If you have provided us consent for processing your data for marketing purposes, you can withdraw that consent at any time by contacting us using the above details.

We will also process your data if we feel it is required to protect your vital interests, or the vital interests of another person. This might occur in serious life or death situations where immediate disclosure of personal data is required, and you are unable to give that information yourself. This is in accordance with Article 6.1.d UK GDPR.

Recipients of your data

As a general principle, we will not transfer your personal data to other recipients without your permission. There are some exceptions to this:

It is possible, that we might be obliged to disclose personal information in response to a court order or other lawful obligation. Our lawful basis for this is Article 6.1.c -legal obligation.
Our external accountants will have some limited access to your personal data through the preparation of our accounts. Our lawful basis for this is Article 6.1.f – Legitimate Interest; we have a legitimate interest in having our accounts correctly managed and filed.
If you do not pay your bills, we may choose to engage a third party to recover any money you owe us. Our lawful basis for this is Article 6.1.f – Legitimate Interest; we have a legitimate interest to pursue money owed to us

Data processed by third parties on our behalf.

We use the services of other organisations in the processing your data. We use external accountants, cloud based email and document storage, video conference platforms, project management and communication platforms and our website processes limited personal data such as through our contact form. We use a cloud based customer relationship management platform to store contact data. Also, we may share your personal information with printing and mailing companies, as well as email service providers and other delivery companies. We embed links to Facebook into our website. If you use these links, you will receive targeted advertising when visiting this platform.
Those organisations that process personal data on our behalf are subject to a data processing contract as required by Article 28 of the UK GPDR. This ensures that your data is handled securely in accordance with the UK GPDR.

Transferring your data outside of the UK

A small amount of personal data is used on our project management board and this data is stored in the US. The transfer of this data is covered using standard contractual clauses. All other data is stored in the UK or EU.

Retention policy

Personal data is held only for as long as is required for the purpose we collected it or for our legitimate purposes. We will retain your data for periods we are obliged to do so for legal requirements. Financial data and client data will be held for typically 7 years following end of any commercial agreement. Personal data used for training purposes will be retained for 2 years.

Your rights

The UK GDPR provide rights to you as the data subject and the relevant ones are listed below. In addition to these rights, you have the right to escalate any concern to the Supervisory Authority, which in the UK is the Information Commissioners Office https://ico.org.uk. A full and detailed explanation of all rights can be found at https://ico.org.uk/for-the-public/

The Right to be Informed – you should be clear about what, why and in what way your personal information will be processed at the time it is processed. This privacy notice sets out that information
Right of Access – you have the right to know what personal information is held, by whom and why and to receive copies of your data.
The Right to Rectification – If the information we have collected and processed is inaccurate or incomplete, you have the right to have it rectified.
Right to Erasure – You have the right to have your personal data erased and to prevent processing in some specific situations.
Right to Restrict Processing – If you contest the accuracy of the personal data we hold, we will restrict the processing of your data until accuracy is verified.
Right to Object – You have the right to object to profiling and direct marketing

You have the right to lodge a complaint with the UK’s supervisory body, The Information Commissioners Office www.ico.org.uk

Changes to our privacy policy

We keep our privacy policy under review, and we will place any updates on our website. This privacy policy was last updated in June 2022

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, camapign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assigns a randoly generated number to identify unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the wbsite is doing. The data collected including the number visitors, the source where they have come from, and the pages viisted in an anonymous form.
GPS	30 minutes	This cookie is set by Youtube and registers a unique ID for tracking users based on their geographical location
sbjs_current	session	Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website.
sbjs_current_add	session	Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website.
sbjs_first	session	Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website.
sbjs_first_add	session	Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website.
sbjs_migrations	session	Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website.
sbjs_session	1 hour	Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website.
sbjs_udata	session	Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website.

Cookie	Duration	Description
IDE	2 years	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
NID	5 months	This cookie is used to a profile based on user's interest and display personalized ads to the users.
PREF	8 months	PREF cookie is set by Youtube to store user preferences like language, format of search results and other customizations for YouTube Videos embedded in different sites.
VISITOR_INFO1_LIVE	5 months	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
VISITOR_PRIVACY_METADATA	6 months	YouTube sets this cookie to store the user's cookie consent state for the current domain.
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
yt-player-headers-readable	never	The yt-player-headers-readable cookie is used by YouTube to store user preferences related to video playback and interface, enhancing the user's viewing experience.
yt-remote-cast-available	session	The yt-remote-cast-available cookie is used to store the user's preferences regarding whether casting is available on their YouTube video player.
yt-remote-cast-installed	session	The yt-remote-cast-installed cookie is used to store the user's video player preferences using embedded YouTube video.
yt-remote-connected-devices	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-device-id	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-fast-check-period	session	The yt-remote-fast-check-period cookie is used by YouTube to store the user's video player preferences for embedded YouTube videos.
yt-remote-session-app	session	The yt-remote-session-app cookie is used by YouTube to store user preferences and information about the interface of the embedded YouTube video player.
yt-remote-session-name	session	The yt-remote-session-name cookie is used by YouTube to store the user's video player preferences using embedded YouTube video.
ytidb::LAST_RESULT_ENTRY_KEY	never	The cookie ytidb::LAST_RESULT_ENTRY_KEY is used by YouTube to store the last search result entry that was clicked by the user. This information is used to improve the user experience by providing more relevant search results in the future.

Privacy Notice

Privacy Notice

Data controller

The purpose for processing your data and our basis for doing so.

Recipients of your data

Data processed by third parties on our behalf.

Transferring your data outside of the UK

Retention policy

Your rights

Changes to our privacy policy

CaPS Compliance

CaPS Privacy

CaPS Secure

About Us

0330 2020 601

contact@caps-ltd.co.uk

Freedom Works, Spectrum House, Beehive Ring Road, Crawley, West Sussex, RH6 0LG