Avla Business Services are committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data that you provide to us will be processed. Your personal data is information which by itself or with other information available to us can be used to identify you, the data subject. By ‘processing’, we mean any activity that involves using your personal data. This includes collecting it, recording it, storing it, retrieving it, using it, amending it, disclosing it, destroying it, and transferring it to other individuals or companies.
The types of personal data we collect and reasons
We record your name, email address, postal address and bank details in order to provide you with information or services that you have requested from us and in order to process payment for the same. We receive this information from you or anyone whom you have authorised to provide it to us.
You do not have to provide information to us but if you choose not to it means that we will be unable to provide you with the services that you requested from us.
Sharing your information
We may share your data with third parties ( such as HM Revenue and Customs ) where we are required by law to do or to fulfill our legitimate business interests.
Transferring your personal information internationally
We do not transfer your personal data outside of the United Kingdom.
The period for which we will keep your personal information
We will retain your personal data for the duration of our business relationship with you, for statistical reasons or for HM Revenue and Customs accounting purposes (for example business records must be kept for 6 years from the end of the financial year they relate to).
How we keep your personal information safe and who has access to it
We follow strict security procedures in the storage and disclosure of your personal data, and to protect it against accidental loss, unauthorised access, destruction or damage.
Personal information held by us electronically are stored on secure computer systems and we control who has access to them. Our staff receive data protection training and are expected to comply with data protection laws.
Where we use external companies to collect or process personal data on our behalf, we undertake detailed checks on these companies before we work with them, and put a contract in place that sets out our expectations and requirements, especially regarding how they manage the personal data they have collected or have access to.
Your Data Protection Rights
Under certain circumstances, by law you have the right to:
Request information about whether we hold personal information about you, and, if so, what that information is and why we are holding/using it.
Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
Object to automated decision-making including profiling, that is not to be subject of any automated decision-making by us using your personal information or profiling of you.
Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
Request transfer of your personal information in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.
Withdraw consent. In those circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
If you want to exercise any of these rights, then please email: firstname.lastname@example.org or write to us at the address at the bottom of this page.
Your right to contact the Information Commissioner
If you are not happy with how we have handled your complaint, or you believe that we have not handled your personal information in keeping with the law, you have the right to complain to the Information Commissioner’s Office (ICO), which oversees the protection of personal information in the United Kingdom. Alternatively, you may choose to contact either the ICO directly about your complaint, regardless of whether you have raised it with us first.