Privacy Notice

Data Solutions Limited (“DSG”) is committed to protecting the privacy and security of your personal information. This Privacy Notice describes how DSG collects and uses personal information about you during and after your relationship with DSG, in accordance with the Data Protection (Bailiwick of Guernsey) Law 2017 (“DP Law”).

DSG is a Data Controller. This means that DSG is responsible for deciding how data is held and processed. This Privacy Notice sets out information about what data is processed and your rights as a data subject under the DP Law. 

DSG will comply with data protection law. This means that personal information held by DSG must be:

• Used lawfully, fairly and in a transparent way. 
• Collected only for valid purposes that DSG has clearly explained and not used in any way that is incompatible with those purposes. 
• Relevant to the purposes DSG has told you about and limited only to those purposes. 
• Accurate and kept up to date. 
• Kept only as long as necessary for the purposes DSG has told you about. 
• Kept securely.

DSG will collect and process data relating to consultancy services performed to enable the procurement and fulfilment of consultancy services, including contact details of individuals that make enquiries or obtain services from DSG. By sharing your personal data with DSG, you provide consent for your data to be held for the purposes set out above. This may include the following data, and excludes special category data:

• Name.
• Email Address.
• Phone Number.
• Job Title.
• Business Name and Address.
• Other information that is pertinent to the provision or arrangement of consultancy services.

Data may be stored in the form of email correspondence, financial information pertaining to contracts or information on DSG’s own customer relationship management database.

DSG will process data as part of provision of consultancy services within customer systems, and in line with requirements in respect of each consultancy services contract. DSG does not process data in respect of data subjects controlled by a customer within DSG’s own systems.

DSG will not share information with third parties for marketing purposes. DSG may share personal data with other providers or sub-contractors as relevant to the provision of consultancy services, which will be specified within any consultancy services contract.

To determine the retention period for personal data, DSG considers the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of personal data, and the purposes for which DSG processes personal data. By default DSG will store data in respect of services provided for a maximum period of five years following termination of any consultancy services contract, or relevant preliminary contact if a contract has not been established.

DSG does not have a dedicated DPO. The contact for data protection purposes is the Director, using the email address on the Contact page.

Data Subject rights are set out under the DPO Law. This includes the right to request access, the right to request correction to data, the right to request erasure of personal data, the right to object to the processing of personal data (and to complain to the ODPA, as well as to appeal to the outcome of a complaint), the right to restriction of processing of personal data and the right to request transfer to another party. Further information on these rights can be found at www.odpa.gg.

Where consent is used as a basis for storage or processing of personal data, a data subject has a right to withdraw consent at any time.