Privacy Policy
We take the privacy of your personal data very seriously and all data captured will be used
and held in accordance with the requirements of the Data Protection Act 2018.
INTRODUCTION
This Privacy Policy sets out how we, Its Lolly Limited, registered office Unit 3, Freeport Office Village, Century Drive, Braintree, Essex, United Kingdom, CM77 8YG process your personal data. We take the privacy of your personal data very seriously and all data captured will be used and held in accordance with the requirements of the Data Protection Act 2018.
Its Lolly Limited is the controller. If you have any requests concerning your personal data or any queries with regard to how we handle your data, you can contact us as follows:
Contact Address: Unit 3 Freeport Office Village, Century Drive, Braintree, Essex, CM77 8YG
Phone Number: 0800 038 5389
E-mail: dataprotection@itslolly.com
Website: www.itslolly.com
WHAT IS PERSONAL DATA?
Personal data is information that relates to an identified or identifiable individual. An individual is ‘identified’ or ‘identifiable’ if you can distinguish them from other individuals. Common means of identifying someone may include, for example:
• name
• date of birth
• identification numbers
• bank details
• addresses, including email addresses
• other location data, such as an IP address
• online identifiers
This Privacy Policy gives you information on how Its Lolly collects and processes your Personal Data. Please read this Privacy Policy so that you are aware of how and why we are using your data.
THE DATA WE COLLECT ABOUT YOU
We collect, use, store and transfer different categories of Personal Data about you. This is collected when you enquire about our services directly or through contact channels on our website. This data is broken down into the following areas.
• Identity Data includes first name, maiden name, last name, title, date of birth.
• Contact Data includes billing address, delivery address, email address and telephone numbers.
• Financial Data includes bank account, payment card details.
• Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
• Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website or intranet.
• Usage Data includes information about how you use our website.
• Marketing and Communications Data includes your preferences in receiving marketing from us.
Third parties (or publicly available sources). We may receive categories of Personal Data about you from various third parties and public sources as set out below:
• Technical Data from analytics providers such as Google; advertising networks and search information providers.
• Contact, Financial and Transaction Data from providers of technical, payment and delivery services.
• Identity and Contact Data from publicly availably sources such as Companies House.
HOW WE USE YOUR PERSONAL DATA
We will only use your Personal Data when the law allows us to. Most commonly, we will use your Personal Data in the following circumstances:
• Where we need to perform the contract we are about to enter into or have entered into with you.
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
• Where we need to comply with a legal or regulatory obligation.
Generally, we do not rely on consent as a legal basis for processing your Personal Data other than in relation to sending direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
HOW WE COLLECT YOUR PERSONAL INFORMATION AND WHY WE HAVE IT
Most of the personal information we process is provided to us directly by you. For example, when you:
• Enquire about our services directly or visit our website
• Have sales and consultancy meetings with us by phone, email, onsite visit
We also receive personal information indirectly, from the following sources in the following scenarios:
• Lead generation companies who have legitimately acquired information about you and your company and we have purchased.
• Through searching publicly available information about companies we are interested in offering our services to.
In summary, we use the information that you have given us in order to:
• Provide you with information about our products and services
• Provide you with notification of events that may be of interest to you
• Provide a service to you where we have a contractual obligation with you
In detail, under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are described below.
YOUR CONSENT
You are able to remove your consent at any time. You can do this by contacting us as stated at the beginning of this Privacy Policy or selecting unsubscribe on any promotional email you receive from us. For email marketing and for passing data to third parties we will use consent, this will usually be in the form of an opt-in tick box, or when you submit an email address expressly for the reason of sending marketing. We will always make it clear what your data will be used for and provide a link to our privacy policy. You can change your mind at any time.
WE HAVE A CONTRACTUAL OBLIGATION
Processing of your personal data is necessary for us to administer the pre-contract and contractual relationship between ourselves and our clients in connection with the performance of a contract.
SALES AND MARKETING
We conduct basic profiling for our marketing purposes to ensure relevant and targeted communications. This might be in the form of segmentation based on location or stated interests.
We would like to use your personal data to send you details of products or services that we offer that we have identified as likely to be of interest to you. We will only send you information in line with the preferences you indicated when you provided the personal data.
• Opting out. You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you.
• To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.
WE HAVE A LEGITIMATE INTEREST
We will use legitimate interests to send occasional marketing by post and email and for segmentation and profiling in order to send relevant targeted communications. Our legitimate interests are to communicate with our clients and prospective clients to keep them informed, to grow our business and promote best practice in the EPM marketplace.
RETENTION PERIODS
We will keep your personal data in connection with the services for which it was collected for an appropriate period of time and in accordance with our data retention policy. A copy of this policy can be obtained by emailing dataprotection@itslolly.com
In terms of personal data, we use for marketing, we will keep this data for as long as we are able to market to you and if you withdraw your consent or opt-out of marketing communications, we will keep your contact details only to ensure that we do not contact you again for marketing purposes.
HOW WE STORE YOUR PERSONAL INFORMATION
DATA SECURITY
We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition to this, we limit access to your Personal Data to Its Lolly employees only. Data collected by Its Lolly is stored in Microsoft Azure Data Centre secure storage facility, located in London, UK.
DATA RETENTION
The Personal Data collected will be stored in a form that allows identification of data subjects for the entire duration of the relationship between you and our company.
We will only retain your Personal Data for as long as necessary to fulfil the purposes we collected it for, in accordance with our data retention policy.
To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your Personal Data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
YOUR DATA PROTECTION RIGHTS
Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of your personal information.
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances. The ICO provides more information on their website.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances. We will look at any request and inform you of our decision within 28 days of receiving the request. If you want to exercise this right, please contact us on the contact details above.
Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances such as marketing to you.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us if you need additional details about the specific legal grounds we are relying on to process your Personal Data.
DISCLOSURES OF YOUR PERSONAL DATA
We may have to share your Personal Data with the parties set out below.
• Professional advisers: acting as processors or joint controllers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting and payroll services.
• HM Revenue & Customs, regulators and other authorities acting as processors or joint controllers who require reporting of processing activities in certain circumstances.
We require all third parties to respect the security of your Personal Data and to treat it in accordance with the law. We do not allow our third-party service providers to use your Personal Data for their own purposes and only permit them to process your Personal Data for specified purposes and in accordance with our instructions.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
HOW TO COMPLAIN
If you have any concerns about our use of your personal information, you can make a complaint to us at:
Contact Address: Unit 3 Freeport Office Village, Century Drive, Braintree, Essex, CM77 8YG
Phone Number: 0800 038 5389
E-mail: dataprotection@itslolly.com
Website: www.itslolly.com
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
COOKIES
As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this Personal Data by using cookies, and other similar technologies.
A cookie is a small piece of information sent by a web server to a web browser, which enables the server to collect information from the browser. Find out more about cookies on https://www.allaboutcookies.org/
Its Lolly use cookies to identify you when you visit this website and to keep track of your browsing patterns and build up a demographic profile.
Most browsers will allow you to turn off cookies. If you want to know how to do this, please look at the menu on your browser, or look at the instruction on https://www.allaboutcookies.org
WHAT TYPES OF COOKIES DO WE USE AND HOW DO WE USE THEM?
There are specific types of first- and third-party cookies served through our website and each performs a specific purpose. These cookies include:
PERFORMANCE AND FUNCTIONALITY COOKIES
These cookies are used to enhance the performance and functionality of our website but are non-essential to their use. However, without these cookies, certain functionality may become unavailable.
ANALYTICS AND CUSTOMISATION COOKIES
These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customise our website for you.
SOCIAL NETWORKING COOKIES
These cookies are used to enable you to share pages and content that you find interesting on our website through third-party social networking and other websites. These cookies may also be used for advertising purposes too.
CHANGES TO THE PRIVACY POLICY
This privacy policy is regularly reviewed and will be updated when necessary. If we make any significant changes to the policy, we will communicate these to you.
Subscribe to our Newsletter.
Subscribe to our newsletter to get a curated summary of our latest insights delivered to your inbox monthly. No sales pitches, no spam — ever.
