FREE 30 minute consultation! CONTACT US

Digital Regs

Digital Regs Digital Regs Digital Regs

Digital Regs

Digital Regs Digital Regs Digital Regs
  • Home
  • Sectors
  • About Us
  • Contact Us
  • Services
    • Outsourced DPO
    • AI Governance
    • GDPR Consulting
    • Data Deletion Process
    • DSAR Response Service
    • Crypto Compliance
  • More
    • Home
    • Sectors
    • About Us
    • Contact Us
    • Services
      • Outsourced DPO
      • AI Governance
      • GDPR Consulting
      • Data Deletion Process
      • DSAR Response Service
      • Crypto Compliance
  • Home
  • Sectors
  • About Us
  • Contact Us
  • Services
    • Outsourced DPO
    • AI Governance
    • GDPR Consulting
    • Data Deletion Process
    • DSAR Response Service
    • Crypto Compliance

Privacy Policy

Our contact details

Name: Digital Regs 

Info@digitalregs.com


1. The type of personal information we collect as data controller

We currently collect and process the following information applicable to the relevant data subjects on the following legal basis:

Clients: contact name at a company that is a client of ours, email address, business address, business phone number;  when we host events or send gifts we may also process information about food allergies and names of the family members;

lawful bases for processing- performance of a contract

Prospective Clients: Name, company, email, address, telephone, background data which may be associated with both personal and professional life, depending on the type of a prospective clients; this data may contain special categories data (art.9);

lawful bases for processing- legitimate interest and a special condition for the processing of criminal offence data and special categories data is substantial public interest applied in a form of counselling the management team.

Employee Candidates: Name, address, previous roles and salary, reasons for leaving, performance information; please note that there is a potential that the filed interview notes include special categories of data under art. 9, especially in the context of political; views, health and religious affiliations;

lawful bases for processing- legitimate interests and a special condition for the processing is carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment; we also rely on the basis of legal obligation when we conduct right to work checks

Vendors and partners: name of the individual associated with the vendor company, their email address;

lawful bases for processing- legitimate interests 

Please note that where we rely on legitimate interests as lawful bases for personal data processing, we always perform a legitimate interest impact assessment to balance our interests with yours and continue with this legal basis only in case of no adverse effects of such processing on you.

2. The type of personal information we collect as data processor

Where we process personal data in relation to clients’ work, we do it in capacity of data processor what means that we act on written instructions of data controllers- our clients.

3. How we get the personal information and why we have it

Most of the personal information we process is provided to us directly by you for one of the following reasons and we do not change the purpose for which we process your personal data:

Performance of a contract that we have or are about to have with you which may  include:

· Client contracts for the services 

· Contracts with vendors and partners

Promotional activities, notably organising events

Recruitment

Business continuity, notably storing back-up data and day to day operations of the  business

Assessment of suitability of prospective clients

Conflicts of interests checks

Communications between us and our clients/partners

We also receive personal information indirectly, from the following sources in the following scenarios: when conducting due diligence on prospective clients we may use background check tools which pull together relevant to this process data from publicly available sources.

We may share your personal information with certain third parties for a reason of performing our services and day-to-day running of the business, notably contractors, vendors and service providers including:

· IT infrastructure provider with servers based in the EU.

Please note that where your personal data crosses UK borders, we ensure that it happens in accordance with the regulation and that each of the relevant international data transfers is subject to an international data transfer assessment to ensure that the transfer does not expose your rights and freedoms to risks or that such risk can be mitigated and kept to minimum.

4. How we store your personal information

Your information is securely stored.

We keep all information associated with clients for a period of 6 years from the moment the engagement ended. We will then dispose your information by deleting it beyond the recovery and in accordance with our Retention and Deletion process.

We keep all data associated with HMRC for 6 years from the end of the financial year that they were used in to produce financial statements for. We will then dispose your information by deleting it beyond the recovery and in accordance with our Retention and Deletion process.

We keep personal data of employee candidates for 6 months from candidates’ rejection. We will then dispose your information by deleting it beyond the recovery and in accordance with our Retention and Deletion process.

Any marketing activities data, notably events organisation, LinkedIn activity and prospecting is kept indefinitely as it is of a very high value to us. The access to such data is restricted and data is encrypted.

Where we process personal data on behald of our clients, we store it for 6 years from the end of the engagement with that client.

5. Your data protection rights

Under data protection law, you have rights including:

Your right of access - You have the right to ask us for copies of your personal information unless one of the exemptions applies. We will inform you if such exemption exists when we respond to your request.

Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances; i.e. if we no longer need your data for the original reason the data was collected for, or if you are withdrawing your consent if the processing relied on your consent as legal basis, or we process your data unlawfully, or we have a legal obligation to erase the data or the data was collected from you as a child.

Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information if you have challenged the accuracy of your data, or objected to the use of your data.

· You may also ask us to limit the use of your data instead of deleting it if:

o we processed your data unlawfully but you do not want it deleted, or

o we no longer need your data but you want the organisation to keep it in order to create, exercise or defend legal claims.

Your right to object to processing - You have the the right to object to the processing of your personal information if:  we process your data for a task carried out in the public interest;

· for the exercise of official authority;

· for their legitimate interests;

· for scientific or historical research, or statistical purposes; or

· for direct marketing purposes

Note that we may not need to stop the processing if we can give strong and legitimate reason.

Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances. This right only applies to data you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another or give it to you. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.

Automated decision making- we do not make automated decisions using personal data

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at the address specified at the top of this privacy notice if you wish to make a data subject request.

6. For website visitors

This website does not collect or store any personally identifiable information about its visitors. The information we do collect is used to improve our website and services.

Like most websites, we use Google Analytics to monitor traffic and collect information about how our website is used. We use IP anonymization and do not collect any personal information through our use of Google Analytics.

Although we do not collect personal data, we may collect anonymous analytics information about the web-browser used, when a page was accessed, operating systems used, browser used and country the visitor was from.

This website may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

7. Cookies

This website uses Cookies to collect information and help improve our services and website.

Cookies are small data files stored on your computer’s (or smart-devices) web-browser. These files are sent from websites to help record the way a website is used, check if a user is logged in, personalise a website, provide tailored adverts, and many other things. Some Cookies are only used when browsing a website and are automatically deleted when the user leaves – these are known as “Session Cookies”. Other Cookies remain for a set period of time or forever – these are known as “Persistent Cookies”.

· The following Cookies may be used on this website:

· CloudFlare Cookie (__cfduid)
This Cookie is necessary for security features provided by CloudFlare. It helps protect our website and does not store any personally identifiable information.

· Google Analytics Cookies (_ga, _gid, _gac_<property-id>)
These Cookies are used to collect analytical statistics about how the website is used and accessed. Our Google Analytics is set to anonymise IP addresses and no personal data should be collected.

Managing Cookies

Modern browsers provide the ability to manage Cookies. However, completely rejecting all Cookies or removing/disabling necessary Cookies may leave some websites incomplete or unusable. Information on how to manage your Cookies will vary depending on the web-browser you are using. Please refer to your browser providers documentation for instructions on how to manage Cookies.

8. Privacy Concerns and Complaints

If you have any concerns about our use of your personal information, you can make a complaint to us at the address specified at the top of this privacy notice.

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:           

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk


Copyright © 2025 Digital Regs  - All Rights Reserved.

  • Privacy Policy

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept