Data Protection & Accessibility
When the UK left the EU at the end of 2020 a ‘frozen’ version of the EU GDPR became part of UK law on 1st January 2021. Hark will continue to have appropriate safeguards in place to ensure data is held and used in accordance with this notice and be compliant with the European Union’s General Data Protection Regulation.
Information we hold in relation to the Data Protection Act 2018
Information that falls under the Data Protection Act 2018 is “any information relating to an identified or identifiable natural person”. This precludes most information we process, but given the broad definition could include the following data items which we hold:
Client software usage
• Email addresses which through we operate in a B2B environment may include personal accounts
• Individuals names
• Individuals regional location (Country – no full addresses)
• Business store locations / delivery addresses which, through we operate in a B2B environment, could include personal addresses
This information comes from our sign-up process, where the user is explained the information we will hold and its usage. Secondary data sources (e.g. Business store locations), are provided by our clients to whom we clearly indicate how we process any data provided.
Sales & marketing
In addition to the above, information can also include:
• Individuals job titles
• Individuals phone number which, through we operate in a B2B environment, could include personal phone numbers
This additional information can come from sign-up forms on our website or from data freely available on the internet, for example from websites like LinkedIn. Given the very limited scope of the data we process outlined above in relation to the Data Protection Act 2018 we consider the information we carry to be low risk whether you are a client or potential client.
Communicating privacy information
We communicate our privacy information, the data we hold and how we process it in this full document which is made available to clients, is published on our website and via summary to our direct users at point of software registration. For all Sales & Marketing emails we also provide a link to our Data Protection, Privacy & Cookie policies.
Every individual has a right to know what information we hold on them. We can provide a plain text formatted electronic document identifying information held on an individual subject to a proper request by the individual concerned or authoritative body with sufficient legal authority. We will remove an individual’s information from our systems within 30 days subject to a proper request by the individual concerned or authoritative body with sufficient legal authority.
We do not profile individuals. We will also comply to any other request covered by an individual’s rights as identified by the Data Protection Act 2018 systems within 30 days subject to a proper request by the individual concerned or authoritative body with sufficient legal authority.