Websand Data Protection Policy
Websand offers the ultimate marketing solution joining the dots between CRM, email marketing and business analytics. Supporting safe and smart use of customer data.
Websand is a platform to hold your data. Through the Websand platform we’ll keep this information safe for you, and manage it for you. But at all times, but it remains your data.
We at Websand believe that an organisation should be respectful of the personal data it holds, ensuring that only relevant data is collected and that only communications of relevance are issued are the key drivers of the business.
The security of your data is of paramount importance to us. We are registered with the ICO (the information commissioners office).
ICO Data Protection – Things you need to know
Here are a key things to note regarding our data policies and also legal issues of note regarding data protection.
In the event that you decide that you no longer wish to use the platform then we will return the data provided to us back to you.
We do not allow anyone to export information from your platform, the structure of the platform should ensure that you have all the relevant information available to you, therefore exports shouldn’t be necessary. This also ensures that your data is secure. We have an export procedure should a data export be required, this will be discussed as part of the system set up.
Your obligations in relation to Data Protection (content below is summarised from the ICO website).
The Data Protection Act 1998 establishes a framework of rights and duties which are designed to safeguard personal data. This framework balances the legitimate needs of organisations to collect and use personal data for business and other purposes against the right of individuals to respect for the privacy of their personal details.
The legislation itself is complex and, in places, hard to understand. However, it is underpinned by a set of eight straightforward, common-sense principles.
- Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless –(a) at least one of the conditions in Schedule 2 is met, and(b) in the case of sensitive personal data, at least one of the conditions in Schedule 3 is also met.
- Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.
- Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
- Personal data shall be accurate and, where necessary, kept up to date.
- Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
- Personal data shall be processed in accordance with the rights of data subjects under this Act.
- Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
- Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
If you make sure you handle personal data in line with the spirit of those principles, then you will go a long way towards ensuring that you comply with the letter of the law.
A full guide can also be downloaded from here.
We’ll endeavour to keep all our clients updated with any key changes to legislation as and when they arise.
If you have any questions please get in touch.