X-Ray Leads is a trading style of Lead Monitors Ltd
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679)
Lead Monitors Ltd is a limited company incorporated under the laws of England and Wales, registered number 11210524 with its registered office address at Suite 4 Anchor Springs, Duke Street, Littlehampton, West Sussex, BN17 6BP (“LM” “we”).
LM is firmly committed to respecting and protecting the privacy of all personal data received or collected, in strict adherence to Data Protection Legislation (defined below) and best business practice.
Ben Parslow is the data protection officer for LM to contact the data protection officer please email firstname.lastname@example.org.
LM’s data protection and privacy measures are governed by the (i) the General Data Protection Regulation ((EU) 2016/679) (“GDPR”) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then (ii) any successor legislation to the GDPR or the Data Protection Act 2018 (“Data Protection Legislation”).
Where LM cannot determine the use of such personal data and is provided with that personal data by its clients, third parties or by users of LM’s Services who are not in a direct contract with LM, LM will be data processor of such personal data on behalf of the data controllers who determine how that personal data is processed, in accordance with their instructions. In such instances, those data controllers will be responsible to those individuals whose personal data may be processed by LM on behalf of that data controller in respect of how their personal data is processed, in accordance with that data controller’s own privacy statements.
Personal data collected
LM may collect, use, store and transfer different kinds of personal data about you and because of the nature of the Services we provide, the types of data we process can be quite varied, but will usually include:
- Identity Data including your first name, last name, title and job title;
- Contact Data including your address, billing address, delivery address, email address and telephone numbers;
- Financial Data including bank account and payment card details;
- Transaction Data including details about payments to and from you and other details of products and Services you have purchased from us;
- Usage Data including information about how you use LM’s Services or submit an enquiry or query through the Website including your IP address;
- Technical Data including information from your visits to the Website or in relation to materials and communications we send to you electronically; and
- Event Data including the information you provide to us for the purposes of attending meetings and events, including your preferences, access and dietary requirements.
If you fail to provide personal data
Where LM need to collect personal data by law, or under the terms of a contract LM has with you (or our customer for whom you are acting on behalf of) and you fail to provide that data when requested, LM may not be able to perform the contract it has or are trying to enter. In this case, LM may have to cancel the Services but will notify you if this is the case.
How is your personal data collected?
Where LM is acting as a data controller, LM uses different methods to collect personal data from and about you, including through:
- Interacting with LM. You may give us your data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you may provide us with when giving us feedback.
- Introducers. This includes data provided to us by an introducer or third party.
- Identity and Contact Data from publicly availably sources such as Companies House and the Electoral Register based inside the EU.
How LM will use your personal data
LM will only use your personal data in ways in which the law allows. Where acting as the data controller, most commonly we will use;
- Services for clients – Where we need to perform the contract we are about to enter into or have entered into. To provide you (or the company on behalf of which you instruct us) with services or other information that you have requested from us;
- Business Analytics – To manage our business performance and assess client satisfaction and improvement to our Services.
- Making/Chasing Payment – To invoice you for Services we have provided to you (or the company on behalf of which you instruct us) and to trace and collect debts where required;
- Compliance – To keep records of the work we have carried out for you (or the company on behalf of which you instruct us);
- Marketing – To send you electronic and/or paper-based marketing materials relating to our Services and to invite you to seminars or other events hosted by us (so far as permitted by law);
- Events – To enable us to provide events to you which are tailored to your needs and preferences
How your personal data may be shared
- with third party consultants selected by LM, whom we outsource certain support services such as word processing, translation, photocopying, data room hosting, document review and IT services or where we are using a third-party service provider to provide services that involve data processing, such as Eclipse, SecureDocs, Dotmailer or the Royal Mail;
- with event partners or providers of hospitality;
- with the Information Commissioners Office or other regulatory body where LM is under a duty to disclose your personal data to comply with any legal obligation (for example, in order to fulfil our regulatory obligations or comply with an auditor);
- with third parties to whom we may choose to sell, transfer, or merge parts of our business or with existing sister businesses. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice;
- to protect the rights, property, or safety of LM, LM’s customer, or others or to enforce any terms and conditions we provide to you. This includes exchanging information with other companies and organisations for the purposes of fraud protection and for compliance with laws;
- where you have expressly consented for us to share your personal data with third parties;
- with debt recovery agencies;
All our third parties are required to respect the security of the personal data we provide them and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with the instructions we have provided them.
Purposes for which LM will use your personal data
The details below set out a description of all the ways we plan to use your personal data where we are the data controller for your personal data, and which of the legal basis for doing so.
We have also identified what our legal bases are where appropriate and for further details please contact LM if you need the legal ground, we are relying on to process your personal data where more than one ground has been set out below.
Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest
- To register you as a new customer and verify your identity
* We will use your: (a) Identity (b) Contact data* Legal basis = Performance of a contract, Consent (for use of special categories of data) and /or Compliance with a legal requirement
– To process and deliver the Services including: (a) managing payments, fees and charges (b) collecting and recovering money owed to us (c) contacting you and corresponding about the Services
* We will use your: (a) Identity (b) Contact (c) Financial (d) Transaction data
* Legal basis = Performance of a contract, Necessary for our legitimate interests (to recover debts due to us), Compliance with a legal requirement
– To respond to queries, complaints, claims and enquiries
* We will use your: (a) Identity (b) Contact data
* Legal basis= Legitimate interests
* We will use your: (a) Identity Data (b) Contact Data
* Legal basis = Legitimate interests, or Consent (where an individual consumer)
- We will use your: (a) Identity Data (b) Individual Data (c) Event Data
- Legal basis = Legitimate interests
- Business Performance
- We will use your: (a) Identity Data (b) Individual Data
- Legal basis = Legitimate interests
- Operation of our Website
- We will use your: Technical data
- Legal basis = Legitimate interests
What if the purpose changes?
LM will only use your personal data for the purposes for which it was collected for at the beginning of our relationship, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact LM.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above or where this is required or permitted by law.
How LM stores personal data
For secure storage, LM does not transfer your personal data outside the European Economic Area (EEA). We do not normally share your personal data with anyone outside the EEA, however, we may do so when a circumstance or the Services we provide to you requires us to do so, whilst ensuring that adequate measures are in place in order to keep your personal data secure when transferring your personal data to that third party.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions (where we act as data controller) and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator or a breach where we are legally required to do so
Personal Data Retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Generally, we keep personal data in accordance with our internal retention procedures, which are determined in accordance with our regulatory obligations and good practice. These retention periods depend on the nature of the information and are subject to change. If you have any questions in this regard, please contact us using the details below.
We may send you marketing material where you are a business customer and we consider the marketing material to be relevant to you or where you are a business customer and we have previously provided you with Services, and you have not opted out of receiving such communication.
You can update your marketing preferences by emailing email@example.com.
Under certain circumstances, you have rights under Data Protection Legislation in relation to your personal data. Your rights are as follows:
- Request access to your personal data;
- Request correction of your personal data;
- Request erasure of your personal data;
- Object to processing of your personal data;
- Request restriction of processing your personal data;
- Request transfer of your personal data;
- Right to withdraw consent.
To exercise any of the above rights please contact us using the details below.
Where you exercise your right to erasure or where information is deleted in accordance with LM’s retention policy, please note that after the deletion of your personal data, it cannot be recovered, so if you require a copy of this personal data, please request this during the period LM retains the data. Please note that where you make a request for us to delete your personal data, we may have another legal basis for retaining your personal data and we may do so for so long as the other legal basis remains valid.
Where you exercise your right to request access to the information LM processes about you, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
Where you provide us with information it is your responsibility to ensure that all such information is complete in all material respects and not misleading. The accuracy and appropriateness of our advice may be affected as a consequence of your failure to do so. If any information changes, please let us know so that we can keep it updated on our systems.
The Website is not intended for children and LM will not knowingly collect any personal data from persons under the age of 18. LM may collect personal data about children which is incidental to the Services it provides. In this case LM will ensure that such personal data is processed securely.
If you would like to make a complaint in relation to how LM may have stored, used or processed your personal data, you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
LM would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Remember the Risks Whenever You Use the Internet
LM is committed to ensuring that your information is secure and has in place reasonable and proportionate safeguards and procedures to protect your personal information. While LM does its best to protect your personal information, LM cannot guarantee the security of any information that you transmit to LM and you are solely responsible for maintaining the secrecy of any passwords or other account information.
Questions and Contact information
For any questions or for further information, please contact: firstname.lastname@example.org