Eden McCallum is committed to protecting your personal data. Personal data is any information that is capable of identifying you as an individual. This policy explains how we collect and use personal data that we obtain through the Sites and other means, such as email, in person or from other third party sources.
This policy does not apply to personal information you might provide to us or we might collect in the context of our providing you with consulting services or working with you as an independent consultant, which are subject to separate privacy policies available at www.edenmccallum.com/client-privacy-policy and www.edenmccallum.com/consultant-privacy-policy .
The Sites are not intended for or directed at children under the age of 16 years and we do not knowingly collect data relating to children under this age.
We are registered with the Information Commissioner’s Office under registration number Z3279079.
Eden McCallum LLP, 5 Upper St Martin’s Lane, London, WC2H 9EA United Kingdom
Eden McCallum adheres to the following principles when processing your personal data:
Information you give to us
You may provide us with information when you are introduced to us, when we meet you in person, or when we are in contact by phone, email or via our website or otherwise.
The categories of personal data you provide may include:
Information we collect from third parties
We collect most of this information from you directly. However, we also collect information about you:
Information we collect online
Eden McCallum may collect, store and use information about your visits to the Sites and about your computer, tablet, mobile or other device through which you access the Sites. This includes the following information:
Sensitive personal data
We do not generally seek to collect sensitive (or special categories of) personal data. Sensitive personal data is information relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership; health or sex life, sexual orientation; genetic data or biometric data. If we do collect sensitive personal data, we will ask for your explicit consent to our proposed use of that data at the time of collection.
The purpose for which we use and process your information (excluding sensitive personal data) and the legal basis on which we carry out each type of processing is explained below.
For all these categories, it is in our legitimate interests to continually monitor and improve our services and your experience of the Sites and to ensure network security. We consider this use to be necessary for our legitimate interests and will not be prejudicial or detrimental to you.
|Purposes for which we will process the information||Legal Basis for the processing|
|To provide you with information and services that you request from us.||It is in our legitimate interests to respond to your queries and provide any information requested in order to generate and develop business. To ensure we offer a good and responsive service, we consider this use to be proportionate and will not be prejudicial or detrimental to you.|
|To enter into and perform contracts with you.||It is necessary for us to process your personal data in this way in order to enter into a contract with you and to fulfil our contractual obligations to you.|
|To enforce the terms and conditions and any contracts entered into with you.||It is in our legitimate interests to enforce our terms and conditions of service. We consider this use to be necessary for our legitimate interests and proportionate.|
|To populate our database which we use for marketing purposes.||It is in our legitimate interests to market our services. We endeavour to ensure that the contacts in our database are relevant and up-to-date. We consider this use to be proportionate and will not be prejudicial or detrimental to you.
You can always opt-out of receiving direct marketing-related email communications or text messages by following the unsubscribe link.
|To send you newsletters, publications, announcements, surveys, event information and marketing communications or notifications we believe may be of interest to you.||It is in our legitimate interests to market our services. We consider this use to be proportionate and will not be prejudicial or detrimental to you.
You can always opt-out of receiving direct marketing-related email communications or text messages by following the unsubscribe link.
|To send you information regarding changes to our policies, other terms and conditions and other administrative information.||It is in our legitimate interests to ensure that any changes to our policies and other terms are communicated to you. We consider this use to be necessary for our legitimate interests and will not be prejudicial or detrimental to you.|
|To measure or understand the effectiveness of any marketing we provide to you and others, and to deliver relevant marketing to you.||It is in our legitimate interests to continually improve our offering and to develop our business. We consider this use to be necessary in order to effectively generate business and will not be prejudicial or detrimental to you.|
Where we rely on legitimate interests as a lawful basis, we will carry out a balancing test to ensure that your interests, rights and freedoms do not override our legitimate interests. If you want further information on the balancing test we have carried out, you can request this from us.
If you do not wish to provide us with your personal data and processing such information is necessary for the performance of a contract with you, we may not be able to perform our obligations under the contract between us.
Eden McCallum will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you in a timely manner and we will explain the legal basis which allows us to do so.
For email marketing to an individual subscriber (that is, a non-corporate email address) with whom we have not previously engaged, we need your consent to send you unsolicited email marketing.
Where you provide consent, you can withdraw your consent at any time, but without affecting the lawfulness of processing based on consent before its withdrawal.
You have the right to opt out of receiving email marketing communications from us at any time by:
A request to unsubscribe may take a few days to take effect.
We share your information with the following third parties:
Personal data will also be shared with our third party service providers who assist with the running of the Sites and our office services including database service providers, IT services such as backup and disaster recovery service providers and others. Our third party service providers are subject to security and confidentiality obligations and are only permitted to process your personal data for specified purposes and in accordance with our instructions.
In addition, Eden McCallum may disclose information about you:
The personal data we receive may be transferred to, and stored, at a location outside of the European Economic Area (“EEA”) for the purposes of processing by third party service providers that work for Eden McCallum. We will normally only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. Where personal data is transferred to and stored in a country not determined by the European Commission as providing adequate levels of protection for personal data, including:
If you want further information on the specific mechanism used by us when transferring your personal data out of the EEA, please contact us using the details set out above.
Eden McCallum use appropriate technical and organisational safeguards to protect personal data both online and offline from unauthorised use, loss or destruction. We use industry standard physical and procedural security measures to protect information from the point of collection to the point of destruction. This includes encryption, firewalls, access controls, policies and other procedures to protect information from unauthorised access.
Only authorised personnel and third party service providers are permitted access to personal data, and that access is limited by need. Where data processing is carried out on our behalf by a third party, we take steps to ensure that appropriate security measures are in place to prevent unauthorised disclosure of personal data.
Despite these precautions, however, Eden McCallum cannot guarantee the security of information transmitted over the Internet or that unauthorised persons will not obtain access to personal data. In the event of a data breach, Eden McCallum have put in place procedures to deal with any suspected breach and will notify you and any applicable regulator of a breach where required to do so.
Your personal data will not be kept for longer than is necessary for the purposes for which it was collected and processed and for the purposes of satisfying any legal, accounting or reporting requirements.
The criteria we use for retaining your personal data, includes the following:
Access to and updating your personal data
You have the right to access information which we hold about you. If you so request, we shall provide you with a copy of your personal data which we are processing (“data subject access request”). We may refuse to comply with a subject access request if the request is manifestly unfounded or excessive or repetitive in nature.
You may also have the right to receive personal data which you have provided to us in a structured and commonly used format so that it can be transferred to another data controller (“data portability”). The right to data portability only applies where your personal data is processed by us with your consent or for the performance of a contract and when processing is carried out by automated means.
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate. Please keep us informed if your personal data changes during your relationship with us.
You have the right to object at any time to our processing of your personal information for direct marketing purposes.
Where we process your information based on our legitimate interests
You also have the right to object, on grounds relating to your particular situation, at any time to processing of your personal information which is based on our legitimate interests. Where you object on this ground, we shall no longer process your personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
You also have the following rights under data protection laws to request that we rectify your personal information which is inaccurate or incomplete.
In certain circumstances, you have the right to:
Please note that the above rights are not absolute and we may be entitled to refuse requests, wholly or partly, where exceptions under the applicable law apply.
Where we have reasonable doubts concerning the identity of the person making the request, we may request additional information necessary to confirm your identity.
In order to improve the Sites, we may use small files commonly known as “cookies”. A cookie is a small amount of data which often includes a unique identifier that is sent to your computer or mobile phone (your “device”) from the Site and is stored on your device’s browser or hard drive. The cookies we use on the Site won’t collect personally identifiable information about you and we won’t disclose information stored in cookies that we place on your device to third parties.
You can find more information about how to manage cookies for all the commonly used internet browsers by visiting www.allaboutcookies.org. This website will also explain how you can delete cookies which are already stored on your device.
We currently set the following cookies:
We only use “Google Analytics” on the Sites. This cookie provides us with a visitor count and an understanding of how visitors move around and use the website. We can then use this information to improve navigability and the Sites generally. The cookies we use on the Sites won’t collect personally identifiable information about you and we won’t disclose information stored in cookies that we place on your device to third parties.
We are obliged by Google Analytics to state the following:
The Sites may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates.
If you follow a link to any of these websites, please note that these websites have their own privacy policies and Eden McCallum does not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.
Whilst every member of the Eden McCallum team has a personal email address, email which you send to us or which we send to you may be captured in our database and visible to authorised partners and staff. All emails may also be monitored from time to time by Eden McCallum to ensure compliance with professional standards and our internal compliance policies.
If you have concerns about our use of your personal data, please send an email with the details of your complaint to firstname.lastname@example.org.
You also have the right to complain to the Information Commissioner’s Office (https://ico.org.uk/).