Privacy Notice
This notice was last updated on: 21-04-2022 and is version 1.0
Welcome, our privacy notice is here to help you understand how we manage and protect your information as you use our website.
Scope
As a visitor to our website, this notice applies to you. We may also refer to you as a User.
Kennedy Business Solutions act as the ‘data controller’, and are responsible for determining the purposes and manner in which your Data is collected.
This notice does not apply to websites outside of our website domain (kennedybusinesssolutions.org) and its subdomains (subdomain.domain.co.uk). This includes any websites we provide links to.
Further information
About Us Kennedy Business Solutions is registered with the UK Information Commissioner as a data controller, our registration number is ZB323584
Links and Social Media This notice does not apply to websites outside of our website domain (kennedybusinesssolutions.org) and its subdomains (subdomain.domain.co.uk). This includes any websites we provide links to social media networks. Please refer to the relevant privacy policy for that website for details about how they process your personal information.
Other Relevant Policies This privacy policy should be read alongside, and in addition to the following additional terms, which also apply to your use of our site:
- Our Terms of Use
- Our Cookie Policy
Definitions We use the following definitions in our privacy notice:
Data aka personal data: Any information you submit to our Website will be considered as Data. This includes where applicable Personal Data, as defined by relevant Data Protection Laws.
Cookies: Are small text files placed on your computer by this Website when you visit certain parts of the Website and/or when you use certain features of the Website. Details of the cookies used by this Website can be found within our Cookie Policy.
Data Protection Laws: Covers any applicable law relating to the processing of Personal Data, including the Data Protection Act 2018, the General Data Protection Regulation (EU) 2016/679, Directive 96/46/EC (Data Protection Directive), and any national implementing laws, regulations and secondary legislation.
Kennedy Business Solutions, we or us: Located at 2 The Ivies, Church Street, Ashbourne, DE6 1AJ.
User or you: Any visitor that comes to see our Website, except for anyone who is either employed by us or is engaged in providing business services to us when accessing this website.
Website: The website that you are currently visiting, and any sub-domains of this site unless expressly excluded by their own terms of use.
General
You may not transfer any of your rights under this policy to any other person. We may transfer our rights under this privacy policy where we reasonably believe your rights will not be affected
If any court or competent authority finds that any provisions of this privacy policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected.
Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that or any other, right or remedy.
This agreement will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.
Data we collect and how we collect it
Contact Details
Such as your name, email address & telephone number.
— When you enter details into our contact us form or contact us directly via our contact details.
Technical Data
Collected as you use the website, including your IP address, browser type, version, device details.
— Automatically from the use of our website.
Further information
Sensitive or special category data: Just to let you know, we don’t use our website to collect anything categorised as special category information. For example racial or ethnic origin, political opinions, health data etc.
Children’s data: Our website and services are provided to businesses and are intended for use by those 18 or older. We do not knowingly collect personal data from anyone under 16 years old.
Cookies: We will collect your Data automatically via cookies, in line with your decision according to our Cookies Policy. For more information please see our Cookie Policy
How we use Data collected and why
Getting in contact with you
If you show interest in our products and services, for example by completing our contact us form, we’ll reach out and get in contact with you.
Providing our services to you
If you are a customer using our services we will use the information collected to help provide these services to you.
Improving our services and website
Information we collect about how you use our website and services will be used to help us provide a better service and experience for you.
You're in Control
You may change your mind about how we get in contact with you, including opting-out (or into) receiving marketing material from us.
You can contact us via sherril.kennedy@kennedybusinesssolutions.com
Internal record keeping
While operating our business and services we may need to use the information we have captured to evidence our legal compliance with applicable data protection law.
Lawful Basis for processing
Performance of a contract: this means processing your data where it is necessary for the performance of a contract, which you are a party to or take steps at your request before entering into a contract.
Legitimate Interest: where the processing of data is deemed necessary for the legitimate interests of our business, provided those interests are not outweighed by your rights and interests. If you object to our use of data collected you have the right to object in certain circumstances. Please see the section “Your Rights” below
Comply with a legal or regulatory obligation: this means processing your data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
Consent: where you have given clear consent for us to process your personal data for a specific purpose.
Our third-parties
We use a number of suppliers and third parties to help us provide our services and this may involve processing Data we capture. We’ve outlined our third-parties below with some links for further information.
How secure is the data we collect?
We will use technical and organisational measures to safeguard your Data, for example:
- your use of this website is encrypted using secure HTTPS connections;
- we store your data on secure servers;
- we regularly update our website and its components;
- we secure our site logins and services using multi-factor authentication
- we will regularly back up our website.
Technical and organisational measures include measures to deal with any suspected data breach.
Suspect something's wrong?
If you suspect any misuse, loss or unauthorised access to your Data, please let us know immediately by contacting us via sherril.kennedy@kennedybusinesssolutions.com
Data Retention
Unless a longer retention period is required or permitted by law, we will only hold your data on our systems for the period necessary to fulfil the purposes outlined in this privacy policy or until you request that the Data be deleted.
Once we delete your Data, it may persist on backup or archival media for legal, tax or regulatory purposes.
Your Rights
Right to access
You can request a copy of the personal data we hold about you at any time. Including supplementary information about our processing activities.
More information
Will I be charged? No, we won’t charge you for providing you with access to your personal data. The only exception where we would consider a charge for this service is if your request is manifestly unfounded or excessive.
How long will it take for me to receive this information? We will work to provide your requested information within 30 days of your request. If your request is complex or you are making multiple requests at the same time, we may extend this timescale by a further 2 months, if necessary.
Can we refuse a request? Typically we will work with you to provide the information requested, however there some exemptions. If we consider that a request is unfounded or excessive, we may refuse the request where we are legally permitted to do so. If we refuse a request we will write to you and explain the reasons why.
Will I need to provide ID? Yes, we may request you provide sufficient identification to verify you are the intended data subject before we disclose any information to you.
Right to correct
You can correct any personal data we may have if this information is incorrect or inaccurate.
Please keep us updated
It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period of time we hold it.
Right to object
The right to object to our use of your personal data, including where we use it for our legitimate interests. For example Direct Marketing activities.
Right to erasure
The right to request that we delete or remove your Data from our systems.
More information
Can I request you delete all my personal data anytime? There are certain circumstances where the right to erasure can be applied and some exemptions as well. For example, where the processing of personal data is no longer required for the purpose it was collected for, or where we are processing your personal data under the lawful basis of Consent or Legitimate interest, you have the right to withdraw and object to the processing of this data, unless we have another overriding legal requirement to continue processing.
What are the exceptions? If we are under a legal obligation to continue processing the personal information we may be required to refuse the request. We will notify you in writing if this is the case.
Where can I find more information? The ICO’s website has guidance relating to the right to erasure and the guidance for organisations and individuals, this can be found at
Right to restrict our use of your Data
You can restrict the way we process your personal information in certain circumstances, such as if you believe the information is inaccurate, or we are not processing the personal data lawfully.
Right to data portability
The right to request that we move, copy or transfer your personal data. We will provide you with this in an open format such as a CSV or PDF file.
Making a complaint
If you have a complaint regarding how we process your Data, please let us know first, so we have a chance to address any complaint you make.
If we fail to address this complaint, you may refer your complaint to the relevant data protection authority. For the UK this is the Information Commissioners Office (ICO). The ICO’s contact details can be found on their website at https://ico.org.uk/
Changes to business ownership and control
Kennedy Business Solutions may expand or reduce our business, including the sale and/or transfer of control of all or part of our business. Data we have collected and are processing as part of our business will be transferred to the new owner or controlling party. The new owner or controlling party under this privacy policy will be permitted to use the Data for the purposes for which it was originally collected by us.
In the event of a change in business ownership, we will take steps with the aim to ensure your privacy is protected during the transfer of ownership.
Updates to this policy
Kennedy Business Solutions reserves the right to change this privacy policy as we deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website and you are deemed to have accepted the terms of the privacy policy on your first use of the Website following the alterations.
This privacy notice was created in conjunction with Shout Cyber