Call us now on +44 (0)20 8722 8400
Congility is committed to protecting and respecting the privacy of our clients and ensuring the security of their information.
This document constitutes the definition of Congility’s approach to what personal information we hold about our clients, why this information is kept and for how long.
This Policy has been written to conform with the General Data Protection Regulation (GDPR) and to explain when and why we collect personal information about people who are employees of Congility or our clients or potential clients, how the Company uses this information, the conditions under which we may disclose it to others and how we keep it secure. We are registered with the Information Commissioners Office (ICO) and our Registration No. is: Z5886614.
This Policy may be updated from time to time, so it is important to check that the current version is being viewed. If you are using our website, you are agreeing to be bound by this Policy.
Any questions regarding this Policy and our privacy practices should be sent by email to info@congility.com or by writing to us at Mekon Limited, Mekon House, 31 -35 St Nicholas Way, Sutton, Surrey, SM1 1JN. Alternatively, our telephone number is: 020 8722 8400.
We obtain information about our clients when they make an initial enquiry about our services and ongoing through the term of any contract services provided.
This information comes from our clients themselves, who provide it through enquiries into our portal or business cards or contact at conferences and seminars.
The personal information we collect is usually limited to name, address, email address, contact telephone number(s). In relation to our clients, this may also occasionally include details of other 3rd parties involved in the development of a product and their involvement with the client concerned. Personal information is garnered from a range of sources that include conferences and unsolicited client enquiries to our website.
We hold personal information on our systems only for as long as we believe is necessary for the relevant activity or, for the term defined in any relevant contract agreement. We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory or regulatory obligations. Any contact information supplied to us by client contacts is held on our CRM (internal contact database) for a minimum period of 6 years. At the end of this term it will be deleted from our system unless contact is still established with the client concerned and there is a relevant and valid reason for maintaining the information.
At any time, a client can contact us and request their information be updated or deleted from the system. In this case we will either update the relevant record in our CRM or alternatively delete it from our records.
We may use this information to:
We maintain recorded CCTV at our offices with cameras located at strategic points throughout the Company’s business premises, principally at the entrance and exit points, but only covering communal or public areas. We retain the camera images for 31 days unless required to be held for evidential reasons.
We will not sell or impart client information to any 3rd parties other than the emergency services or 3rd party alarm receiving centres.
We may, in appropriate cases, voluntarily or where required by law, pass your data to the Police and similar organisations such as law enforcement agencies (including fraud prevention and detection) or other governmental agencies.
We will never share information with 3rd parties for marketing purposes.
We may pass information to our 3rd party service providers, agents subcontractors and other associated organisations for the purposes of completing tasks and providing services on our behalf. However, when we use 3rd party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep all information secure and not to use it for their own direct marketing purposes. We never release any information to 3rd parties beyond the emergency services or approved sub-contractors, for them to use for their own direct marketing purposes in any circumstance unless we are required to do so by law, for example, by a court order or for the purposes of prosecution or prevention of crime.
A client always has a choice as to whether they wish to receive information from us. We will not contact a client for marketing purposes by email, phone or text, if they have specifically requested us not to. The “provision of consent” for marketing exercises is tagged in the CRM for all client contacts. If an expression of consent is withdrawn at any time, this will also be tagged in the CRM to confirm that the consent for direct contact has been withdrawn.
The accuracy of your information is important to us. If you change email address, or any of the other information we hold is inaccurate or out of date, please email us at: info@congility.com or by writing to us at The Data Officer, Mekon Limited, Mekon House, 31 -35 St Nicholas Way, Sutton, Surrey, SM1 1JN. Alternatively, our telephone number is: 020 8722 8400.
You have the right to ask for a copy of the information the Company holds about you (we may charge £10 for information requests to cover our costs in providing you with details of the information we hold about you).
In certain circumstances, such as where you believe that the data is no longer necessary for the purposes for which it was collected, you have a right to require us to erase all personal data held about you. Note: There are exemptions to this right, for example in relation to freedom of expression and compliance with legal obligations.
When you give us personal information, we take steps to ensure that it’s kept securely.
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we will take all reasonable care to ensure its security on our IT Systems (soft copy information) or held securely in our offices (hard copy information).
The GDPR requires Congility to notify any Personal Data Breach to the applicable regulator (unless the breach is unlikely to result in a risk to your rights and freedoms) and, in certain instances, you.
We will notify you or any applicable regulator where we are legally required to do so.
We may make use of the information we hold about you to provide you with information that directly affects you or in the case of system users, their system.
Like many other websites, the Company website does use cookies. We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns and does not permit any individual user to be identified.
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us:
You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site.
Our website may contain links to other websites run by other organisations. However, these are limited to our Certifications/Accreditations namely, ISOQAR and the like. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access these using links from our website.
In addition, if you linked to our website from a 3rd party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that 3rd party site and recommend that you check the policy of that 3rd party site.
We are concerned to protect the privacy of children aged 18 or under (although under the GDPR this is currently the under 16’s). If you are aged 18 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information.
As part of the services offered to you, the information which you provide to us may be transferred to countries outside the European Union (“EU”).
These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you access our services while you are outside the EU, your information may be transferred outside the EU to provide you with those services.
At the time of publication of this Policy, our web site does not use the any web site recording service. Should this change then this Policy will be updated to reflect this change.
You have various rights under data protection legislation:
We keep this Policy under regular review. This Policy was last updated in May 2018.