Privacy Policy

This privacy policy sets out how Impact Reporting uses and protects any information that you give when you use our website and online web platform (together “the website”)

Impact Reporting is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

Impact Reporting may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 21st May 2018.

Hosting

Our website is built using WordPress and we use a third-party service, AWS, to host our website. Our Servers are located in the EU. As is true of most websites, we gather certain information automatically through your use of the Site. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring or exit pages, the files viewed on the Site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and clickstream data to analyze trends in the aggregate and administer the site, this data is saved into server logs. For more information, please see AWS’s privacy policy.

Google Analytics

When someone visits impactreporting.co.ukwe use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information does not identify anyone and we don’t use any method that would allow ourselves or Google to work out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

E-Newsletter

Consenting to our e-newsletter is done by completing the newsletter signup form found in the footer of every page of this site.

We use a third party provider, Mailchimp, to deliver our e-newsletters and to manage our mailing list. Through this service we gather statistics about actions such as email opens and clicks using industry standard technologies to help us review and improve our emails. Mailchimp are based in the US and are certified under the EU-US Privacy Shield Framework to ensure security of all data.  For more information on Mailchimp please see their privacy policy.

What we Collect

We may collect the following information:

1. a) Name, job title and address;
   b) Contact information including email address;
   c) Demographic information such as postcode, preferences and interests;
   d) Other information relevant to customer surveys and/or offers.

If you contact us about a trade account then we will also collect details about your business and your role in it for example, if you are a partnership we will require details about your business interest and may also require details about your business partners. To open an account you will also need to provide us with financial information such as bank account details and credit history information and will also be required to provide us with details of trade referees. This is all information which we may retain on our records for future reference.

If you contact us through this website (including if you complete a contact form), by telephone, email or if you write to us, the content of those communications may also include personal data and we may also keep a copy of that correspondence on our records.

If you provide us with information about any other person, for example any other individuals within your organisation or your business partners, then you must ensure that you have consent to pass those details to us and for us to use those details in accordance with this privacy policy.  You should also make sure that you bring this privacy policy to their attention.

What we do with the information we gather

We require this information for the proper administration of our business, to understand your needs and to provide you with a better service, and in particular for the following reasons:

1. a) Account management and dealing with invoicing arrangements;
2. b) Internal record keeping;
   c) We may use the information to improve our products and services;
   d) We may periodically send promotional email about new products, special offers or other information which we think you may find interesting using the email address which you have provided;
   e) From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, or mail. We may use the information to customise the website according to your interests.

If at any time you wish to stop receiving the type of information referred to in (d) and (e) above then you can contact us at any time, using the contact details shown below.

We might also use your personal details to deal with any enquiries or complaints which you may raise or if you report any problems with our site and to contact you and deal with those issues as appropriate.

We may also use your information for other business purposes such as market research activities that we may undertake on occasion.  This may also involve the collection of survey information, involving opinions on our products or may include technical information such as Internet Protocol (IP) address information used to connect your computer to the Internet or traffic data about visits to our website and the products searched for or viewed.

Disclosure of data to third parties

From time to time we might also appoint external third parties to help us with our business functions for example, external consultants and sub-contractors.  These might include delivery contractors, marketing consultants or companies who help us to manage our website.  We therefore, may make your data available to those entities if reasonable to do so as part of our usual business practices.  When we make your personal data available to such third parties for those purposes, we will only make available to them, the data that they need to perform their obligations to us.

If you are an account holder and customer, we will disclose your data to third party credit reference agencies and to any trade referees who you may refer us to so that we can take up appropriate references and perform necessary checks.  We will keep the details of such checks on our records and may also disclose those details to third parties for the purpose of ongoing risk assessment.

We will never disclose any personal data to a third party that has been directly inputted into your organisation login instance of Impact, i.e. any personal beneficiary and/or survey data or any other data you may directly enter into our online platform.

Data breaches

In the event that we discover or suspect a data breach we will notify you as soon as we are able to provide sufficient information as to the nature and extent of the breach. The notice will include, where available at the time of sending, the following:

• The dates and times of the security event
• The details of the event including:
  • A description of the data involved in the event
  • The facts of the event or details of the decision to investigate a suspected event
• The steps we are taking or planning to take to remedy or mitigate the vulnerability.

Your rights

GDPR outlines the following rights for the individual:

• The right to be informed
• The right to access a copy of their personal data
• The right of rectification
• The right of erasure
• The right to restrict processing
• The right to data portability
• The right to object
• Rights in relation to automated decision making and profiling

This privacy notice acts as our method for keeping you informed, along with updates delivered via email when required. You will also find information on how you can access, change or delete your information. At this time we do not use any automated decision making or profiling so you will find no information on this.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Access or changes to personal information

You have the right under GDPR to request a copy of your data which we hold, the rectification of that data and the erasure of that data. If you would like to request any of these actions please contact info@impactreporting.co.uk

Controlling your personal information

If you do not wish us to collect and use your personal data as set out in this privacy policy then you should refrain from sending any such information to us.  By providing information to us, you will be taken to have given your consent to the use of your personal information in accordance with this privacy policy.

You may choose to restrict the use of your personal information in the following ways:

1. a) Whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes;
2. b) If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at hello@impactreporting.co.uk

You may instruct us not to process your personal data for marketing purposes by email at any time.

If you would like a copy of the information held on you please write to The Managing Director, Impact Reporting Ltd, 26 Lever St, Manchester M1 1DW.

Provision of such information may be subject to the payment of a £10.00 administration fee.

If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.

Our rights

We may disclose information about you to any of our employees, officers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes as set out in this privacy policy.

In addition, we may disclose information about you:

1. a) To the extent that we are required to do so by law;
   b) In connection with any legal proceedings or prospective legal proceedings;
   c) In order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
   d) To the purchaser (or prospective purchaser) of any business or asset which we are (or are contemplating) selling.

We may also monitor user and network traffic for site security purposes and may use any information, including personal data to prevent any unauthorised attempts to tamper with our website or cause damage to our property.  We also reserve our rights to disclose your personal information either where you have given us explicit consent to do so or otherwise where we may do so in accordance with applicable data protection legislation.

Except as provided in this privacy policy, we will not provide your information to third parties.

Security of your personal data

We are committed to ensuring that your information is secure. We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information including putting in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

We will store all the personal information you provide on our secure (password- and firewall- protected) servers. All electronic transactions you make to or receive from us will be encrypted using SSL technology.

However, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.

You are responsible for keeping your password and user details confidential. We will not ask you for your password at any time.

Cookies

This website uses cookies.  You can find out more information about cookies and the way in which we use them in our Cookies Policy.

Changes to this policy

We may update this privacy policy from time-to-time by posting a new version on our website.  You should check this page occasionally to ensure you are happy with any changes.

We may also notify you of changes to our privacy policy by email.

Severability

If a provision of this Privacy Policy is determined by any court or other competent authority to be unlawful and/or unenforceable, the other provisions will continue in effect.  If any unlawful and/or unenforceable provision would be lawful or enforceable if part of it were deleted, that part will be deemed to be deleted, and the rest of the provision will continue in effect.

Contact

If you have any questions about this privacy policy or our treatment of your personal data, please write to us by email to hello@impactreporting.co.uk or by post to the Managing Director, Impact Reporting Ltd, 26 Lever St, Manchester M1 1DW.