This privacy notice explains how Compliance and Privacy Solutions Ltd. (CaPS Ltd.), a company registered in England number 11234093 (trading as CaPS Privacy and CaPS Compliance) uses the personal information we collect from you, either through using our website, or in any other way, electronically, verbally or in writing.
Compliance and Privacy Solutions Ltd. Is designated as a Data Controller as defined by the General Data Protection Regulation and the Data Protection Act 2018. We make decisions about what data is collected and how it is used and with whom it is shared with. We can be contacted at dataprotection@caps-ltd.co.uk or by telephone on 0330 2020 601.
We process personal data for the purpose of providing our services to you (including online training) and for marketing purposes. Data Protection law defines the basis by which we can lawfully collect and process personal data for that purpose.
Legitimate Interest.
We will collect and process personal data where it is in the legitimate interest of CaPS Ltd. to do so. Specifically, we use legitimate interest in relation to our clients and to identify prospective clients and if engaged, we continue to process personal data to manage our commercial relationship. This will include but not limited to the continued processing (retention) of records of our transactions and interactions. We will also conduct our B2B marketing activities under a Legitimate Interest basis.
CaPS Ltd. has conducted a Legitimate Interest Assessment and concludes that there is a justifiable necessity to process personal data under this purpose. In our assessment, CaPS Ltd.’s interests do not override that of the data subjects. The data collected will not be used for any unlawful or unethical purpose.
Consent
We also conduct business to consumer (B2C) direct marketing in accordance with the Privacy and Electronic Communications Regulations (PECR) 2003. For us to comply with the PECR and the General Data Protection Regulation, we collect the consent of data subjects (sole traders, individual subscribers, and other partnerships). In providing us with consent to receive direct electronic marketing, you will have the ability to object and opt out of further marketing at any time.
We will also process your data if we feel it is required to protect your vital interests, or the vital interests of another person. This might occur in serious life or death situations where immediate disclosure of personal data is required, and you are unable to give that information yourself.
We process the following data from our clients and prospective clients:
Data Recipients and Data Transfers
We do not sell any of your personal data to any third party. CaPS Ltd. does share personal data with service providers such as trusted associates who support the delivery of our services. We use 3rd party project management and information sharing platforms such as Trello and Slack. Whilst we store your data in UK accredited data centres, these 3rd parties transfer your data to accredited data centres in the USA. This movement of personal data from the UK to the USA in these circumstances is legitimised using Standard Contractual Clauses.
Also, we may share your personal information with printing and mailing companies, as well as email service providers and other delivery companies.
Any financial transactions conducted through ‘point of sale’ are handled by our card payment service provider, Stripe. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments, and dealing with complaints and queries relating to such payments and refunds.
We may disclose your personal data with law enforcement and fraud prevention agencies, so we can help tackle fraud or where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in connection with the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
We embed links to Facebook into our website. If you use these links, you will receive targeted advertising when visiting this platform.
The data we collect from our data subjects is obtained directly from the data subject themselves or is obtained from sources such as social media platforms. Please see our Cookie Policy for information on the data collected by our website.
Sensitive Information
CaPS Ltd. does not process special category data as defined by Article 9 of the GDPR.
Retention policy
The data we collect directly from you is the minimum we require to facilitate the lawful processing described above. Personal data is held only for as long as is required for the purpose we collected it or for our legitimate purposes. We will retain your data for periods we are obliged to do so for legal requirements. Financial data and client data will be held for typically 7 years following end of any commercial agreement.
Data storage and security
We store data within our own physical network and on cloud software services. We take care to ensure that data held locally is backed up to avoid accidental loss. Security of data is also provided by the accreditations of our cloud host this includes data backup regimes. Our computer terminals have industry standard firewalls, antivirus and anti-malware installed and updated. We have a process in place to mitigate the impact of any data breach that should occur.
Your rights as a data subject
The regulations provide a number of rights to you as the Data Subject. CaPS Ltd. is committed to upholding those rights and those applicable to the personal information we collect, and process are listed below. In addition to these rights, you have the right to escalate any concern to the Supervisory Authority, which in the UK is the Information Commissioners Office https://ico.org.uk. A full and detailed explanation of all rights can be found at https://ico.org.uk/for-the-public/
You have the right to lodge a complaint with the UK’s supervisory body, The Information Commissioners Office www.ico.org.uk
Automated decision making
CaPS Ltd. does not conduct automated decision making.
Third party websites
Our website may contain links to other websites. This privacy policy only applies to CaPS Ltd., so if you follow a link to another website, you should read that organisations own privacy policy.
Changes to our privacy policy
We keep our privacy policy under review, and we will place any updates on our website. This privacy policy was last updated in September 2020
How to contact us
You can write to us at this address:
Compliance and Privacy Solutions Ltd.
Floor 2, South Wing, The Office
CBQ, Manor Royal West Sussex, RH10 9AD
Or, email dataprotection@caps-ltd.co.uk
Cookie | Duration | Description |
---|---|---|
_ga | 2 years | This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, camapign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assigns a randoly generated number to identify unique visitors. |
_ga_* | 1 year 1 month 4 days | Google Analytics sets this cookie to store and count page views. |
_gid | 1 day | This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the wbsite is doing. The data collected including the number visitors, the source where they have come from, and the pages viisted in an anonymous form. |
GPS | 30 minutes | This cookie is set by Youtube and registers a unique ID for tracking users based on their geographical location |
sbjs_current | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
sbjs_current_add | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
sbjs_first | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
sbjs_first_add | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
sbjs_migrations | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
sbjs_session | 1 hour | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
sbjs_udata | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
Cookie | Duration | Description |
---|---|---|
IDE | 2 years | Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile. |
NID | 5 months | This cookie is used to a profile based on user's interest and display personalized ads to the users. |
PREF | 8 months | PREF cookie is set by Youtube to store user preferences like language, format of search results and other customizations for YouTube Videos embedded in different sites. |
VISITOR_INFO1_LIVE | 5 months | This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website. |
VISITOR_PRIVACY_METADATA | 6 months | YouTube sets this cookie to store the user's cookie consent state for the current domain. |
yt.innertube::nextId | never | YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen. |
yt.innertube::requests | never | YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen. |
Cookie | Duration | Description |
---|---|---|
yt-player-headers-readable | never | The yt-player-headers-readable cookie is used by YouTube to store user preferences related to video playback and interface, enhancing the user's viewing experience. |
yt-remote-cast-available | session | The yt-remote-cast-available cookie is used to store the user's preferences regarding whether casting is available on their YouTube video player. |
yt-remote-cast-installed | session | The yt-remote-cast-installed cookie is used to store the user's video player preferences using embedded YouTube video. |
yt-remote-connected-devices | never | YouTube sets this cookie to store the user's video preferences using embedded YouTube videos. |
yt-remote-device-id | never | YouTube sets this cookie to store the user's video preferences using embedded YouTube videos. |
yt-remote-fast-check-period | session | The yt-remote-fast-check-period cookie is used by YouTube to store the user's video player preferences for embedded YouTube videos. |
yt-remote-session-app | session | The yt-remote-session-app cookie is used by YouTube to store user preferences and information about the interface of the embedded YouTube video player. |
yt-remote-session-name | session | The yt-remote-session-name cookie is used by YouTube to store the user's video player preferences using embedded YouTube video. |
ytidb::LAST_RESULT_ENTRY_KEY | never | The cookie ytidb::LAST_RESULT_ENTRY_KEY is used by YouTube to store the last search result entry that was clicked by the user. This information is used to improve the user experience by providing more relevant search results in the future. |