01626 437157

GDPR Data and Information Policy

To view our Cookie and Privacy Policy please click here.

We are transparent about how we hold and use data.

The information we hold is:

Client Information

  • Information enabling us to run their digital marketing campaign. Including names, phone numbers, email addresses, business address (or home business address)
  • Website logins (where supplied)
  • Social media logins (where supplied)
  • Domain and hosting logins (where supplied)
  • Advertising account logins (where supplied)
  • Analytics logins (where supplied)
  • Bank details (where supplied)

Elements are also kept inside Hubspot and Tawkto (our chat software). Their data processing terms and conditions are available on their websites.

Leads and Contacts

If you request a marketing review from us,  or enquire about using our services, we will retain some or all of the following data:

  • Name
  • Address (if purchased)
  • Email address
  • Phone number (if provided)
  • Declared business information, 

This information is collected through:

  • Our website:
    • The free review questionnaire asks visitors for the information necessary for us to carry out the review

Data Consent

We always make clear on email capture forms that the data we collect may be used.

The basis for processing client data is Contract. The basis for processing lead/contact data is Consent and/or Legitimate Interest.

Data and Privacy Notice

We store the data you submit to us in our email marketing software so that we can send you relevant information and training to help you with your marketing. 

You can remove your consent to receive this information at any time by clicking the link at the bottom of the email. If you would like to have your data erased, simply reply to any email from us requesting this and we will handle this for you within 1 month.

Data Policy

Spotty Dog only collects and stores information from clients necessary for us to carry out the work that we are required to carry out. This information is available to the team working on the campaign and other staff in the company who might need it for the purposes of accounting, administration or helping with the marketing work.

We also collect and store information from contacts and leads in order to provide relevant marketing training, advice, and sales recommendations. This information is available to all staff.

The information we store about each client or contact is available to that client or contact on request, and we will remove any data when requested by them.

All client or contact information is held only in the designated cloud software applications (Google Drive, Hubspot, Dropbox, Gmail, Outlook, Tawkto, Skype). Information and data is never stored locally on computers in documents not controlled by these cloud apps.

 

Risks and Impact Assessment

  • Risk: Staff computer or account hacked, and contact information accessed
    • Impact: client data leaked and shared online. Potentially websites hacked and personal data leaked.
    • Mitigation: where possible, data is stored in cloud services like Google Drive and Dropbox which have login protection and two-step verification when accessed from new locations or IP addresses. Passwords changed every 3 months.

Breach Notification

A data breach can be something which leads to the destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored, or otherwise processed.

If any staff notice that this has happened they are required to immediately notify their manager. Following notification of a breach, we will:

  • Assess the impact of the breach
  • Notify the relevant parties immediately
  • Investigate the cause of the breach
  • Rectify any security vulnerabilities or processes to minimise the chance of this happening again

Right of Access

If an individual requests access to their personal data, this request is to be immediately passed to the Data Protection Officer (Jo) who will:

  • Confirm the data being processed
  • Provide full access to their data stored in our various softwares, via email.

We will respond to all such requests within 1 month.

Data Disposal

Individuals have the right to be deleted and can request that their data is erased. We will erase all records held for that individual/company including:

  • CRM records
  • Campaign documents and files

 

Information Security Policy

Every staff member is required to adhere to this policy and to abide by our data guidelines:

  • Personal data must not be stored on your personal devices
  • Passwords must be changed on the three-monthly cycle and at any other time when management requests
  • No data should be collected and retained other than what is necessary to carry out the work that has been requested of us
  • Any requests for access to data, requests to be forgotten, reports of a breach, or any other matter relating to management of or access to personal data should be immediately passed to Jo Eckersley at jo@spottydogdigitalmarketing.co.uk.

Request your free Spotty Dog website review!

We'll review your website from a technical and customer point of view. 

You'll receive a report on what can be done to increase visibility in search engines, increase traffic and (inevitably) get more leads and sales..

Conducted by a person. For free.  With no obligation.

  • This field is for validation purposes and should be left unchanged.

New Spotty Dog website enquiry!

We think your website should be your best salesperson, so it's worth investing in.

The first step is to fill in your details, and then we'll be in touch to ask you to fill in a more detailed questionnaire about your business, website likes and dislikes, timescale etc.

When we get your answers we'll have a chat about what would be an ideal outcome for you and see if we're a good fit.

All for free.  With no obligation.

  • This field is for validation purposes and should be left unchanged.

Free website report

Let's get started!