Privacy Notice
Data Solutions Limited (“DSG”) is committed to protecting the privacy and security of your personal information. This Privacy Notice describes how DSG collects and uses personal information about you during and after your relationship with DSG, in accordance with the Data Protection (Bailiwick of Guernsey) Law 2017 (“DP Law”). DSG is registered with the Office of the Data Protection Authority, registration number DPA10916.
DSG is a Data Controller. This means that DSG is responsible for deciding how data is held and processed. This Privacy Notice sets out information about what data is processed and your rights as a data subject under the DP Law.
DSG will comply with data protection law. This means that personal information held by DSG must be:
- Used lawfully, fairly and in a transparent way.
- Collected only for valid purposes that DSG has clearly explained and not used in any way that is incompatible with those purposes.
- Relevant to the purposes DSG has told you about and limited only to those purposes.
- Accurate and kept up to date.
- Kept only as long as necessary for the purposes DSG has told you about.
- Kept securely.
DSG will collect and process data relating to consultancy services performed to enable the procurement and fulfilment of consultancy services, including contact details of individuals that make enquiries or obtain services from DSG. By sharing your personal data with DSG, you provide consent for your data to be held for the purposes set out above. This may include the following data, and excludes special category data:
- Name.
- Email Address.
- Phone Number.
- Job Title.
- Business Name and Address.
- Other information that is pertinent to the provision or arrangement of consultancy services.
Data may be stored in the form of email correspondence, financial information pertaining to contracts or information on DSG’s own customer relationship management database.
DSG will process data as part of provision of consultancy services within customer systems as a preferred means of processing, and in line with requirements in respect of each consultancy services contract. Where personal data for individual data subjects controlled by a customer needs to be processed outside customer systems as part of provision of consultancy services this will be held securely on a portal agreed with the customer, with technical measures such as two-factor authentication and encryption at rest.
DSG will not share information with third parties for marketing purposes. DSG may share personal data with other providers or sub-contractors as relevant to the provision of consultancy services, which will be specified within any consultancy services contract or associated communications..
To determine the retention period for personal data, DSG considers the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of personal data, and the purposes for which DSG processes personal data. By default DSG will store data in respect of services provided for a maximum period of five years following termination of any consultancy services contract, or relevant preliminary contact if a contract has not been established. Measures will be taken to minimise storage of personally identifiable information.
DSG does not have a dedicated Data Protection Officer. The contact for data protection purposes is the Director, using the email address on the Contact page.
Data Subject rights are set out under the DP Law. This includes the right to request access, the right to request correction to data, the right to request erasure of personal data, the right to object to the processing of personal data (and to complain to the ODPA, as well as to appeal to the outcome of a complaint), the right to restriction of processing of personal data and the right to request transfer to another party. Further information on these rights can be found at www.odpa.gg.
Where consent is used as a basis for storage or processing of personal data, a data subject has a right to withdraw consent at any time.