- Who we are
- Lawful Basis
- Data Sharing
- Personal Data Retention
This Privacy Statement sets out:
Ascentor Limited (company number 05260780) is the data controller. Ascentor is part of the EMB Group of companies: www.emb-group.co.uk and is based at 5 Wheatstone Court, Waterwells Business Park, Quedgeley, Stroud, Glos, GL2 2AQ.
Ascentor is committed to being transparent about how it collects and uses personal data and to meeting its data protection obligations.
Ascentor’s Data Privacy Manager can be contacted at: [email protected]
The personal data processed by Ascentor will be basic contact information sufficient to respond to your general enquiries, provide downloadable resources or to contact you on relevant matters when we are permitted to do so. If Ascentor is not given the necessary information, we may not be able to respond fully to your enquiry or request for resources.
Ascentor processes personal data against a lawful basis as described below:
- If you contact us, we will use our legitimate interests to respond to your general enquiries and to promote our services
- If you request our newsletters which include the latest cyber security updates by using the request function on this website, we will use our legitimate interest to provide this until such a time you ask us to stop sending them.
- To comply with our legal obligations
- With your consent prior to processing for a pre-defined purpose
Please note that you may withdraw your consent at any time by contacting the Ascentor privacy manager at [email protected]
Ascentor Ltd has a duty of confidentiality that means our staff will treat your personal data with due respect and in confidence. We also expect the same duty of confidentiality of all third parties with whom we share personal data. It is only disclosed to those that need to know it.
Ascentor will share your personal data but only when absolutely necessary, with some or all of the following third parties:
Hubspot, Mailchimp and Nexus B2B.
Ascentor takes the security of your personal data very seriously. It implements rigorous measures to ensure your data is safeguarded throughout the time we are using or storing it. Ascentor holds Cyber Essentials Plus certification and is certified to the Audited IASME Governance standard.
Where Ascentor is processing your personal data for our legitimate interests or with your consent, we will retain it until such a time you ask us to remove it from our systems. We will do this within one calendar month of receiving your request for erasure.
The General Data Protection Regulation defines the rights that you have, although these do not apply in all situations. These rights are shown below:
- Right to be informed as to how your personal data is being processed – this is done through this policy and/or specific privacy notices
- Right to access your personal data held which is done by making a ‘Data Subject Access Request’ (DSAR) to the Ascentor privacy manager
- Right to rectification of your personal data if you believe it has been collected incorrectly or it needs to be updated
- Right to erasure of your personal data for which Ascentor no longer has a legitimate purpose to process
- Right to restrict processing under certain circumstances during which time your personal data but will be out of operational use until the related matter is resolved
- Right to data portability of your personal data in a machine-readable version, as you have provided but only applicable to data provided with your consent or under contract
- Right to object to Ascentor processing your personal data for which it does not have a legal or contractual obligation
- Rights related to automated decision making and profiling (however Ascentor does not use these techniques in its decision making)
Further details on data subjects’ rights can be found on the Information Commissioner’s Office (ICO) website: https://ico.org.uk.
If you wish to raise a concern or would like to exercise your rights or just have a query regarding Ascentor’s processing of personal data, please contact the privacy manager. Be aware that we may need to verify your identity before responding fully. For that reason, please be prepared to provide proof of your identity, or other material that, in context, will enable us to confirm your identity. Alternatively, you may wish to contact the ICO directly, using the details provided above.
This policy was last updated in July 2021.