Dougall Baillie Associates Ltd from here on known as the ‘Controller’, maintains and protects the personal data that individuals provide us. The General Data Protection Regulation says that personal data shall be processed fairly and lawfully. Data will be processed lawfully by means of consent or contract under Article 6 of the General Data Protection Regulation.
The Controller only collects basic personal data about you which includes name, address, email address and telephone number. We use this information to enable us to supply you with information and services which you have requested.
The Controller needs to know this basic personal data in order to provide you with information and services which you have requested. The Controller will not collect any personal data from you that is not required in order to provide and oversee these services to you and will be erased when it is no longer required, unless explicit consent is given for retention.
All the personal data that is provided is processed by our staff in the UK, however for the purpose of IT hosting and maintenance this information is located on a server within the UK. No third parties have access to your personal data unless the law allows them to do so.
The Controller has a Data Protection regime in place to oversee the effective and secure processing of your personal data.
The Controller is required for insurance purposes to keep basic personal data relating to information and services of projects for a minimum of 12 years, after which time it will be destroyed. All other personal data that is processed shall not be kept longer than is necessary for that purpose.
Under Article 17 of the General Data Protection Regulation individuals have the right to have personal data erased under certain circumstances. Individuals also have the right to have incorrect personal data corrected. If at any point you believe the information we process on you is incorrect you can request to see this information, and have it corrected or erased.
If you are not satisfied with the Controllers response or believe that the processing of the personal data is not done in accordance with the law you can complain to the Information Commissioner’s Office: https://ico.org.uk/