Hive Business is a trading name of Hive Services Ltd, Hive Accountancy Ltd, Hive Healthcare Ltd and Hive Marketing Solutions Ltd. We are a business consultancy and chartered accountancy firm. Hive Services Ltd is registered in England and Wales number 09572505. Hive Accountancy Ltd is registered in England and Wales number 09572514. Hive Marketing Solutions Ltd is registered in England and Wales number 09572612. Hive Healthcare Ltd is registered in England and Wales number 09572416. Registered office for all companies: 75 Daniell Road, Truro, TR1 2DB.
Hive Business aims to meet the requirements of the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the guidelines on the Information Commissioner’s website as well as our professional guidelines and requirements.
Hive Business is, in most circumstances, the ‘data controller’. This means that we are responsible for deciding how we hold and use personal data about you. We are required under the Data Protection Legislation to notify you of the information contained in this privacy notice.
Hive Business may request and store names, addresses and other contact details. Such information will be used by Hive Business for its own administrative and marketing purposes only. Hive Business will not release such information, in whole or in part, to any third parties unless obliged to do so by law.
We have appointed a Data Protection Point of Contact, Ross Martin, who is responsible for assisting with enquiries in relation to this privacy notice or our treatment of your personal data. Should you wish to contact our Data Protection Point of Contact you can do so by emailing Ross Martin, Director at firstname.lastname@example.org.
In providing some of our services including but not limited to marketing and payroll, Hive Business acts as a Data Processor on behalf of our clients. The client is the Data Controller responsible for ensuring protection of their customer information. Where Hive Business receives or otherwise processes personal data within the meaning of the Act, Hive Business will only process that data to the extent needed in order to provide service for our clients.
If we host your email list(s), you entrust us with your list information, including passwords, list membership and message content. Please note that we do not sell, rent, or trade your list information to any third parties. Only employees of Hive Business who are responsible for supporting customers are granted access to the lists we host. However, we may need to release or transfer data in a few, special circumstances, when:
– We respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.
– We believe it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, spamming, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our terms of service, or as otherwise required by law.
– We must transfer the information, to a successor company in the event of a sale, merger, liquidation, dissolution, reorganization or acquisition of Hive Business.
If you decide to terminate your hosted list(s), we will erase your list membership once you have settled all outstanding invoices and have secured a copy for yourself.
In addition, the servers we use to deliver the service are protected to attempt to prevent unauthorised access by outsiders.
Hive Business will not use personal data obtained in the course of providing our email management or tracking service for any other purpose and will not release it, in whole or in part, to anyone other than to our client in its capacity as the data controller, unless we are obliged to do so by law.
We obtain personal data about you, for example, when:
– you request a proposal from us in respect of the services we provide;
– you OR your employer OR our clients engages us to provide our services and also during the provision of those services;
– you contact us by email, telephone, post or social media (for example when you have a query about our services); or
– from third parties and/or publicly available resources (for example, from your employer or from Companies House).
The information we hold about you may include the following:
– your personal details (such as your name and/or address);
– details of contact we have had with you in relation to the provision, or the proposed provision, of our services;
– details of any services you have received from us;
– our correspondence and communications with you;
– information about any complaints and enquiries you make to us;
– information from research, surveys, and marketing activities;
– Information we receive from other sources, such as publicly available information, information provided by your employer OR our clients or information from our member network firms.
– Your IP address, which pages you may have visited on our website and when you accessed them
How we use personal data we hold about you:
– We may process your personal data for purposes necessary for the performance of our contract with you OR your employer OR our clients and to comply with our legal obligations.
– We may process your personal data for the purposes necessary for the performance of our contract with our clients. This may include processing your personal data where you are an employee, subcontractor, supplier or customer of our client.
– We may process your personal data for the purposes of our own legitimate interests provided that those interests do not override any of your own interests, rights and freedoms which require the protection of personal data. This includes processing for marketing, business development, statistical and management purposes.
– We may process your personal data for certain additional purposes with your consent, and in these limited circumstances where your consent is required for the processing of your personal data then you have the right to withdraw your consent to processing for such specific purposes.
Please note that we may process your personal data for more than one lawful basis depending on the specific purpose for which we are using your data.
We may use your personal data in order to:
– carry out our obligations arising from any agreements entered into between you OR your employer OR our clients and us (which will most usually be for the provision of our services);
– prevent and detect crime, fraud or corruption
– carry out our obligations arising from any agreements entered into between our clients and us (which will most usually be for the provision of our services) where you may be a subcontractor, supplier or customer of our client;
– provide you with information related to our services and our events and activities that you request from us or which we feel may interest you, provided you have consented to be contacted for such purposes;
– seek your thoughts and opinions on the services we provide; and
– notify you about any changes to our services.
We are required by legislation, other regulatory requirements and our insurers to retain your data where we have ceased to act for you. The period of retention required varies with the applicable legislation but is typically five or six years. To ensure compliance with all such requirements it is the policy of the firm to retain all data indefinitely.
In some circumstances, we may anonymise or pseudonymise the personal data so that it can no longer be associated with you, in which case we may use it without further notice to you.
If you refuse to provide us with certain information when requested, we may not be able to perform the contract we have entered into with you. Alternatively, we may be unable to comply with our legal or regulatory obligations.
We may also process your personal data without your knowledge or consent, in accordance with this notice, where we are legally required or permitted to do so.
If you fill out the online contact form on our site, we will contact you by phone or email. Please inform us of any changes to your contact information; if you prefer not to receive such calls in the future, please let us know and we will record and honour your request.
If you are a Hive Business customer and need to update your contact information, please contact us indicating the change. We may use your contact information in the future to communicate important company and product information.
We will share your personal data with third parties where we are required by law, where it is necessary to administer the relationship between us or where we have another legitimate interest in doing so.
“Third parties” includes third-party service providers and other entities within our group. The following activities are carried out by third-party service providers: IT and cloud services, professional advisory services, administration services, marketing services, accountancy outsourcing service providers, CRM services and banking services.
All of our third-party service providers are required to take commercially reasonable and appropriate security measures to protect your personal data. We only permit our third-party service providers to process your personal data for specified purposes and in accordance with our instructions.
We may share your personal data with other third parties, for example in the context of the possible sale or restructuring of the business. We may also need to share your personal data with a regulator or to otherwise comply with the law.
GOOGLE ANALYTICS AND COOKIES
This website uses Google Analytics to help analyse how users use the site. The tool uses “cookies,” which are text files placed on your computer, to collect standard Internet log information and visitor behaviour information in an anonymous form. The information generated by the cookie about your use of the website (including IP address) is transmitted to Google. This information is then used to evaluate visitors’ use of the website and to compile statistical reports on website activity.
We will never (and will not allow any third party to) use the statistical analytics tool to track or to collect any Personally Identifiable Information (PII) of visitors to our site. Google will not associate your IP address with any other data held by Google. Neither we nor Google will link, or seek to link, an IP address with the identity of a computer user. We will not associate any data gathered from this site with any Personally Identifiable Information from any source, unless you explicitly submit that information via a fill-in form on our website.
When you provide personally identifiable information to Hive Business, we may use it to provide you with ongoing information about our products and services. Hive Business will not rent, sell or lease this personally identifiable information to other companies or individuals. You have a right to access, rectify, modify and delete any data referring to you. In order to exercise this right please contact us.
If you join our mailing list we will use the information you provide to contact you from time to time with news and information about Hive Business and details of the services we offer.
Please be assured you will be able to unsubscribe from our mailing list at any time. We will not provide your details to any other organisation or use our mailing list to promote products and services from anybody else.
RIGHTS OF ACCESS, CORRECTION, ERASURE, AND RESTRICTION
It is important that the personal data we hold about you is accurate and current. Should your personal information change, please notify us of any changes of which we need to be made aware by contacting us, using the contact details below.
Under certain circumstances, by law, you have the right to:
– Request access to your personal data. This enables you to receive details of the personal data we hold about you and to check that we are processing it lawfully.
– Request correction of the personal data that we hold about you.
– Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
– Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this basis. You also have the right to object where we are processing your personal information for direct marketing purposes.
– Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
– Request the transfer of your personal data to you or another data controller if the processing is based on consent, carried out by automated means and this is technically feasible.
If you want to exercise any of the above rights, please email our Data Protection Point of Contact Ross Martin, Director at email@example.com.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
RIGHT TO WITHDRAW CONSENT
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose (for example, in relation to direct marketing that you have indicated you would like to receive from us), you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please email our Data Protection Point of Contact Ross Martin, Director at firstname.lastname@example.org.
Once we have received notification that you have withdrawn your consent, we will no longer process your personal information (personal data) for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
CHANGES TO THIS POLICY
Any changes we may make to our privacy notice in the future will be updated on our website at: hivebusiness.co.uk/privacy-policy. This privacy notice was last updated on 23 May 2018.
If you have any questions regarding this notice or if you would like to speak to us about the manner in which we process your personal data, please email our Data Protection Point of Contact Ross Martin, Director at email@example.com.
If you are unhappy with our response or if you need any advice you should contact the Information Commissioner’s Office (ICO). Their telephone number is 0303 123 1113, you can also chat online with an advisor. The ICO can investigate your claim and take action against anyone who’s misused personal data. You can also visit their website for information on how to make a data protection complaint.