Privacy Policy

USE OF WEBSITE PRIVACY NOTICE

Keeping your information safe and secure

We are committed to keeping personal information safe and confidential. If you apply for a product or service we will use your personal data in accordance with the consents that you give us when you apply.

Disclosures

We will not disclose your information to other parties and can assure you that the information given will only be used for internal purposes.

Cookies

A cookie is an information file that we store on your computer. The cookie records information such as, how often and at what times you visit the website.

Your browser will allow you to disable cookies. However, if you do disable cookies you may find that your use of the site is impaired. If you wish to disable cookies, please follow these steps:

Microsoft Internet Explorer

1. Select Tools
2. Select Internet Options
3. Select the Privacy tab and choose Advanced Options button
4. Check the Override Automatic Cookie Handling tick box
5. Disable the First Party cookies by choosing the Block option
6. Disable the Third Party cookies by choosing the Block option
7. Uncheck the option to ‘Always allow session cookies’
8. Select OK to confirm changes

Site tracking information

We use independent companies to measure and analyse how people use this site. We collate information like the number of pages viewed on the site, the number of visitors and common ways of arriving at or leaving the site. Doing this enables us to keep our content and navigation fresh and useful.

This generic, non-personal information is collated using cookies. We do not and will not link any information collected with any personal information collected about you on the website.
The Peridot International website is committed to improving the service and information we are able to provide our users. We are therefore continually seeking ways of improving and upgrading the website. With this in mind, we reserve the right to change the way this site operates and how we process information. However, we will continue to respect the privacy and preferences of all users.

MARKETING PRIVACY NOTICE

Protecting the confidentiality and integrity of personal data is a critical responsibility that we take seriously at all times. Peridot International will ensure that data is always processed in accordance with the provisions of relevant data protection legislation, including the General Data Protection Regulation (GDPR).

Purpose of data processing

If you have been contacted by us or received marketing communications or updates from us, the purpose of our use of your information is to tell you about our services and keep you up to date with relevant developments. This privacy notice sets out how we use your information and details your rights under applicable data protection laws. If your organisation is a client we may use your personal data for other purposes relating to the performance of our contract with the organisation. You should refer to the terms of the contract for further details.

Fair and lawful processing of data

In processing personal data, the following principles will be adhered to. Personal data will be:

• Used lawfully, fairly and in a transparent way;
• Collected only for valid purposes that are clearly explained and not used in any way that is incompatible with those purposes;
• Relevant to specific purposes and limited only to those purposes;
• Accurate and kept up to date;
• Kept only as long as necessary for the specified purposes; and
• Kept securely.

Personal information (including sensitive personal data) will only be processed when we have a lawful basis for doing so. No personal data provided to us will be the subject of automated decision making. We believe we have a legitimate interest in processing data for the purposes set out above. However, should you wish us to stop contacting you, you can tell us at any time. To do so, you can “opt out” by clicking the clearly labelled link in our email communications. Alternatively, you can contact our administration department at 22 Buchanan Street, KY12 7PG, by email at infor@peridotinternational.net or by telephone at 0131 2181414.

Storage of data

Data will be stored securely within our IT system. We have put in place appropriate security measures to prevent personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

Data sharing

Data will be shared internally only with those personnel who require to access it for the purposes stated above.

Data retention

Peridot International Ltd will retain data subjects’ personal information when it is necessary to do so and only for as long as required to fulfil the purposes it was collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We will retain your data and use it for the purpose of marketing communications or unless and until you opt out of receiving such contact. Thereafter we will retain your data in order to add you to a “do not contact” list so that you do not receive any further communication from us.

Your rights

Peridot International Ltd will conduct regular reviews of the information held by it to ensure the relevancy of the information it holds. If you have concerns about the accuracy of personal data held by Peridot International Ltd, you should contact us immediately to request an amendment to the data. We have put in place procedures to deal with any data security breach and will, as soon as reasonably practicable, notify you and any applicable regulator of a suspected breach where legally required to do so.
You have the right to access personal data and to request its erasure, rectification or transfer. You also have the right to object to processing, automated decision making or request that processing is restricted. If you are dissatisfied by the way in which we process your data, you are entitled to make a complaint to the Office of the Information Commissioner at any time.

CLIENT DATA PRIVACY NOTICE

Protecting the confidentiality and integrity of personal data is a critical responsibility that we take seriously at all times. Peridot International Ltd will ensure that data is always processed in accordance with the provisions of relevant data protection legislation, including the General Data Protection Regulation (GDPR).

Peridot International Ltd requires you to provide the personal data of the people you wish to be authorised users of our services in order for us to fulfil our contract with you. In addition, it may be necessary for you to disclose personal data (including sensitive or “special category” data) about your employees, workers, contractors, volunteers, interns, directors, board members, job applicants, clients, customers and suppliers (collectively “your staff”) as part of our delivery of services.

Data Processing Activity

Fair processing of data

In processing personal data, the following principles will be adhered to. Personal data will be:

• Used lawfully, fairly and in a transparent way;
• Collected only for valid purposes that are clearly explained and not used in any way that is incompatible with those purposes;
• Relevant to specific purposes and limited only to those purposes;
• Accurate and kept up to date;
• Kept only as long as necessary for the specified purposes; and
• Kept securely.

Personal information (including sensitive personal data) will only be processed when there is a lawful basis for doing so and only on your instructions. No personal data provided to us will be the subject of automated decision making. The specific lawful bases on which we will process information you give to us are set out in the table below.

Lawful processing of data

It is your responsibility as Data Controller to advise your staff that their data may be transferred to third party processors such as Peridot International Ltd and to seek any necessary consent in respect of that processing.

Please be aware that we will add the personal data of authorised users to our mailing list so we can send newsletters, updates and invitations to seminars or other events by phone, letter or e-mail. This is part of our contractual commitment to ensure that your authorised users are kept up to date with relevant developments. We also believe that we have a legitimate interest in contacting you for this purpose, both during the currency of your contract with us and thereafter.

However, should any authorised user wish to stop receiving such information from us they can ask us to remove their details from our mailing list at any time. To do so, they can “opt out” by clicking the clearly labelled link in our email communications. Alternatively, they can contact us by email at info@peridotinternational.net or by telephone at 0131 2181414.

Collection and retention of data

Peridot International Ltd will collect personal information about authorised users and other contacts within your organisation at the outset of our relationship and any time you tell us to add new authorised users during the currency of our contract. We will also collect personal data of your staff as and when you disclose it to us while we are providing you with advice or other services under this contract.

Peridot International Ltd will retain data subjects’ personal information when it is necessary to do so and only for as long as required to fulfil the purpose(s) it was collected for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Details of retention periods for different aspects of personal information are set out in the table below.

When determining the appropriate retention period for personal data, Peridot International Ltd will consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of personal data, the purposes for which the personal data is processed, whether Peridot International Ltd can achieve those purposes through other means, and the applicable legal requirements.

On termination of our contract with you, you may request that we delete personal data or return it to you. We will do so without delay unless there is a lawful basis for us to continue to process it. Otherwise, we will securely destroy data subjects’ personal information after the relevant data retention period has expired.

Data security and sharing

Peridot International Ltd has put in place appropriate security measures to prevent personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Security measures include password protection, IT encryption and access controls. Access to personal information of your staff and authorised users is limited to those employees, contractors and interns of Peridot International Ltd who have a business need to know. They will only process personal information on Peridot International Ltd instructions and are subject to a duty of confidentiality. We require staff to handle personal data lawfully to take steps to safeguard personal data.

We will share personal data with third parties where it is necessary to administer our contract with you and where we have your general or express authority to do so, unless we are required by law to share the data without your authority. Where data is shared to a third party sub-processor we will contractually require the sub-processor to respect the security of data subject data and to treat it in accordance with the law.

Your rights and obligations

Peridot International Ltd will conduct regular reviews of the information held by it to ensure the relevancy of the information it holds. You are under a duty to inform Peridot International Ltd of any changes to lists of authorised users and any changes to personal information held about your staff. If you have concerns about the accuracy of personal data held by Peridot International Ltd, you should contact us immediately to request an amendment to the data.

You should also contact us if any data subject (including contacts, authorised users and other members of your staff) indicates that they to exercise rights in respect of personal data we hold, including the right to:

• Request access to personal information;
• Request erasure of personal information;
• Object to processing of personal information;
• Request the restriction of processing of personal information; and
• Request the transfer of personal information to another party.

Depending on the nature of the request, Peridot International Ltd may have good grounds for refusing to comply with a request. If that is the case, we will provide an explanation. If we receive any direct request to exercise rights in respect of personal data we process on your behalf, we will notify you before we respond to the request.

Our rights and obligations

Peridot International Ltd undertakes to assist you in meeting your obligations under data protection legislation in relation to the security of processing, notification of data protection breaches and data protection impact assessments. We have put in place procedures to deal with any data security breach, and will, as soon as reasonably practicable, notify you, the data subject(s) and any applicable regulator of a suspected breach where legally required to do so.

We will also assist you in providing subject access and allowing data subjects to exercise their rights in respect of the personal data we hold. This assistance will extend to submitting to audits and inspections and providing information you require to satisfy your obligations. We undertake to tell you if we are asked to do anything which would infringe data protection legislation. Peridot International Ltd will have regard to the principles of this policy and relevant legislation when designing or implementing new systems or processes.

Nothing in this policy relieves Peridot International Ltd of its own responsibilities and liabilities under applicable data protection legislation.