Privacy Policy

POLICY STATEMENT

Data privacy is the core business of GreenLight DPM, therefore we take it very seriously and recognise the importance of protecting and respecting your personal data. This Privacy Policy describes the information we collect, how we use that information, to whom we pass the information, your rights and key contact information.

1. Overview

In order for us to provide you with consultancy services we need to collect information about you. Our aim is not to be intrusive, and we won’t ask you unnecessary questions. Any information we receive about you will be subject to strict controls to minimise the risk of misuse, including unauthorised access or disclosure.

Please read this notice carefully, together with the Terms of Use of this website. Here we set out the basis on which any information we collect about you or from you, or that you provide to us, will be processed by us and other parties in providing you consultancy services (“GreenLight DPM Services”). GreenLight DPM (“our”, “us” and “we”) commits to using your information only in accordance with the terms of this Privacy Policy.

For the purposes of this Privacy Policy, the term “information” means any confidential and/or personal data or other information related to users of GreenLight DPM Services, including, but not limited to, corporate and individual customers and their connected parties. This includes information you provide when you browse our website, request a quote, register for our newsletter, enter into a contract for the supply of consultancy services, enter a competition, promotion or survey and when you contact us for other reasons.

By visiting this website, our partners’ websites, or providing your personal information to one of our employees or associates, for example by telephone or email, you accept and expressly consent to our use and disclosure of your personal information and direct us to do so in the manner described in this Privacy Policy. Please note that this includes consenting to the processing of any sensitive personal information you provide, as described below in section 2. If you have concerns about any of the terms of this Privacy Policy, please call us so that we can provide further information.

2. What information we collect

Information we may collect from you

We may collect and process the following information about you:

Information you provide to us.

You may provide us with information by filling in forms on our website or by talking with us by over the phone or corresponding with us via email or otherwise. This includes information you provide when you browse our website, request a quote, register for our newletter, enter into a contract for the supply of consultancy services, enter a competition, promotion or survey and when you contact us for other reasons.

Initial information.

To raise a query with us or use GreenLight DPM Services, we ask you to provide your name and a phone number. You may optionally provide details of your company, your role, your email address and your physical address.

When we communicate

When you communicate with us for customer service or other purposes, including by phone, email or using other methods, we retain that information and our responses to you.

We may record calls on our telephone lines for quality control purposes and as evidence of transactions. Any information you disclose to us will be held on these recordings, with the exception of credit and debit card numbers, which are not recorded to comply with The Payment Card Industry Data Security Standard. We also record any phone number used to call us where the number is not withheld.

We ask that you do not disclose sensitive personal information, including the state of your health, in any communication, however if you should do so voluntarily, you consent for us to hold that information in our communication records and phone recordings (see further details below).

Information we collect when you use our website

When you arrive at or leave the GreenLight DPM website, whether connected by a fixed line or wirelessly, we receive the web address of the site that you came from or are going to.

While you are using our website we collect information on the services you search for or view, page response times and length of visits to specific pages, how you interacted with each page (including scrolling, clicks and mouse-overs), and methods used to browse away from the page.

We collect information about the device you are using, such as the type of device, operating system and platform, the type and version of browser, browser plug-in types and versions, the times you access our website and the time zone setting, mobile network information and unique device identifier, which may include your Device’s IMEI number and/or MAC address, and the mobile phone number used by the Device. We do not capture GPS information about you.

Individuals who are not registered users of GreenLight DPM Services

If it is necessary for you to provide personal information about other individuals in the course of dealing with us, for example regarding directors and shareholders of a company, you should do so only where you are authorised by those individuals.
These persons have the same rights to access and correct information about themselves as users of GreenLight DPM Services.

You should bring this Privacy Policy to their attention at the earliest opportunity so they aware of how their information will be processed by us and aware of their rights in relation to that information.

Information about you that we receive from third parties

Background checks

We may conduct a background check on our customers (and, for business customers, also on the business’s directors, shareholders and partners). During this process we will obtain information about you and/or your business, its directors, shareholders and partners, from an identity verification provider.

Information about you from other sources

We may also collect information about you from other sources, including other companies (subject to their privacy policies and applicable law), such as social media companies.

We work closely with third parties (including, for example, business partners and affiliates, refer-a-friend customers, service providers, advertising networks, analytics providers, and search information providers) and may receive information about you from them. This may be combined with the information you provide to us.

We will only use information we receive from business partners for marketing purposes if you have provided your consent to do so, either to the third party which collected the information, or to ourselves.

Sensitive data

Data privacy regulations prohibit the processing of ‘special categories of personal data’, also called ‘sensitive data’ unless you have given your consent.

Sensitive data includes information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, and data concerning health, sex life or sexual orientation. There are also restrictions on processing of criminal convictions and offences.

To avoid infringing these restrictions, it is GreenLight DPM’s policy that we do not ask for or collect any of the above data from you or any other party, so we therefore ask that you please do not reveal any sensitive data about yourself or others in any communication with us.

If you do reveal sensitive data, for example by phone or in an email, you will be giving express consent for us to process that information by storing the recording of the telephone call, or the email or other communication.

3. How we use your information

Our primary purpose in collecting your information is to provide you with a safe, smooth, efficient and customised experience. By submitting your information to GreenLight DPM and using GreenLight DPM Services you agree that we may use your information for the following purposes:

Fulfilling your requests

We will use your information to:

  • provide you with the information, products and services that you request from us, including providing you with
    consultancy services and quotes;
  • administer any promotion, survey or competition that you enter via our website.

Communication and customer service

We communicate with our users on a regular basis via email, phone and SMS to provide requested services. These activities include:

  • responding to requests for customer service;
  • resolving customer complaints;
  • carrying out collection activities;
  • resolving disputes about billing; and
  • conducting customer surveys.

We use your email and physical address to send you the following service communications:

  • confirm when you register with us for information about our services or to receive our newsletter;
  • send you information about important changes to our products and services, including notice of any times that our services may not be available; and
  • send notices and other disclosures required by law.

Marketing

We also use your email address to send you other types of communications that you can control, including newsletters, customer surveys and special promotions. These communications are to:

  • provide you with information about services we offer that are similar to those that you have already enquired about or purchased;
  • provide marketing and advertising, provide updates on the services we offer, and deliver promotional offers based on your communication preferences and your activities when using the GreenLight DPM Services;
  • measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you, which may be based on your activity on our website or third parties’ websites;
  • make suggestions and recommendations to you and other users of our website about services that may interest you or them, which may be based on your activity on our website;
  • keep you informed about data privacy events and news; and
  • tell you about new products and features we are developing that you may find useful.

You can choose whether to receive some, all or none of these communications by contacting us at preferences@greenlightdpm.com.

Service improvements

We will use your information to deliver and improve GreenLight DPM Services, including:

  • verifying your identity and performing credit and solvency checks;
  • validating the accuracy of information, and verifying it with third parties;
  • resolving disputes, collecting fees, and troubleshooting problems;
  • allowing us to manage risk and to detect, prevent, and/or remediate fraud or other illegal or prohibited activities;
  • detecting, preventing or remediating violations of our policies, Terms and Conditions or other user agreements;
  • providing you with customer support services including notifying you of changes to our service, including any outages, and to send you service emails;
  • improving our existing, and developing new, products, services, websites, apps and capabilities;
  • administering our website and for internal business administration and operations purposes, including storage, backup, archiving, troubleshooting, data analysis, testing, research, statistical and survey purposes; and
  • as part of our efforts to keep our website safe and secure, including managing and protecting our information technology infrastructure.

Device information

We will use this information to:

  • administer our website for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • improve our website to ensure that content is presented in the most effective manner for you and for your device;
  • to allow you to participate in interactive features of our service, when you choose to do so;
  • as part of our efforts to keep our website safe and secure;
  • to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
  • to make suggestions and recommendations to you and other users of website about goods or services that may interest you or them.

Location information / IP (Internet Protocol) address:

We may use information about your location derived from your IP address to deliver relevant advertising to you, for example, information on tailored consultancy services for your region.

Third party information

We will combine third party information with information you give to us and that we collect about you. We will use all of this information for the purposes set out in the sections above (depending on the types of information we receive).

Questionnaires, surveys, competitions and profile data

From time to time, we may offer you optional questionnaires, surveys and competitions. If you choose to answer our optional questionnaires, surveys or competitions, we may use your information to improve GreenLight DPM Services, send you marketing or advertising information, manage the competitions and for such purposes as collecting demographic information or assessing users’ interests and needs. You will be given notice of how the information will be used prior to your participation in the survey, questionnaire or competition.

Accessing and changing your information

You can review the information you have provided to us and make any desired changes to your information at any time by contacting us at customerservice@greenlightdpm.com.

4. Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website and to provide interest-based advertising. You may adjust the settings on your browser to refuse cookies but some of the services on our website may not work if you do so. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy.

5. Sharing information with third parties

To support our business and provide services to you

GreenLight DPM works with third-party service providers which provide important functions to us that allow us to be an efficient business partner for you. We also work with other business partners under contract with us to support our business operations, such as bill collection, marketing, customer service, contract administration and technology services. We need to disclose user data to them from time to time so that the services can be performed. Our contracts dictate that these business partners only use your information in connection with the services they perform for us and not for their own benefit.

By accepting this Privacy Policy and using GreenLight DPM Services, you expressly consent to the transfer of your data to those third parties for the purposes listed.

Where business partners are independent data controllers, their use of your information will be governed by each business partner’s Privacy Policy and we would encourage you to access those Privacy Policies for further details.

Credit card associations and legal process

Where you purchase our services using a credit or debit card, we may disclose necessary information in response to the requirements of credit card associations or a civil or criminal legal process.

We may disclose or share your information in order to comply with legal obligations, including delivering data to or responding to requests from law enforcement agencies, or in order to enforce or apply the Terms and Conditions and other agreements between you and us or to investigate potential breaches to protect the rights, property, or safety of GreenLight DPM, our customers, or others. This includes exchanging information with other companies and organisations, for example to obtain professional advice.

Where required by law

We may disclose necessary information to the police and other law enforcement agencies, security forces, competent governmental, intergovernmental or supranational bodies, competent agencies, departments, regulatory authorities, self-regulatory authorities or organisations, and other third parties, where we are legally compelled and/or permitted to do so.

Mergers and acquisitions

As with any business, it is possible that in the future GreenLight DPM could buy, merge with, or be acquired by, another company. We may disclose your information to the prospective seller or buyer of such business or assets, along with its professional advisers. If GreenLight DPM or a substantial proportion of its assets are acquired by a third party, information held by us about our customers will be one of the transferred assets, and such successor company would continue to be bound by this Privacy Policy unless and until it is amended.

Analytics and search engine providers

We share your IP address with analytics and search engine providers that assist us in the improvement and optimisation of our website, and also for third party advertising on third party websites. See also our Cookie Policy.

Affiliates

If you are referred to us by a third party – either via our affiliate network or via the refer-a-friend promotion – depending on the arrangement, we may notify them when you engage us for services.

We have a select group of affiliates to whom we occasionally refer customers. If we think you may benefit from these services, we will ask you if you would like us to pass on your details. We will always name the affiliate and ask you for permission before we refer you, and we will pass on your details only where you give us permission to do so. If we refer you, we will typically pass on your name, email address and telephone number.

Third party websites

Our website may, from time to time, contain links to the websites of our business partners, advertisers, affiliates and sources of relevant data privacy information.

Please note that these websites have their own privacy policies and we do not accept any responsibility or liability for those policies. Please check those policies before you submit any information to third party websites.

6. Transferring data overseas

GreenLight DPM is committed to adequately protecting your information regardless of where the data resides and to providing appropriate protection for your information where such data is transferred outside of the EEA.

The information that we collect from you may be transferred to, and stored in, a country outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or for our suppliers. These staff may be engaged in the fulfilment of your request and the provision of support services. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy. The laws in some countries may not provide as much legal protection for your information as in the EEA, so in these circumstances our policy to protect your data is to rely on findings of adequacy by the European Commission (for countries in scope of those findings), the EU-US Privacy Shield (for transfers to the USA) or standard contractual clauses adopted by the European Commission or the UK Information Commissioner (for all other countries).

By submitting your information and making use of GreenLight DPM Services, you agree to such transfers, storing or processing. We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this Privacy Policy.

We will do our best to protect your information, however we cannot guarantee the security of your information transmitted to our website or sent to us by email or other non-secure electronic methods; any such transmission is at your own risk. Once we have received your information, we will use protective procedures and security features to try to prevent unauthorised access.

7. Data Retention Policy

Our policy is to retain data for seven years after the conclusion of a business relationship. In some circumstances, such as an enquiry from a law enforcement agency, we may have to hold it longer. We may also retain information if required to protect our interests, for example in case of litigation. When data falls outside those retention periods we will take steps to delete it from our system. Where you have asked us not to contact you, we will retain that information on a ‘do not contact’ list to reduce the risk of us contacting you in the future.

8. Customer rights

You have the following rights regarding personal data:

To ask us to correct any information we hold about you if it is incorrect.

Whilst we endeavour at all times to keep your information accurate, we welcome your corrections. You can correct your profile at any time by contacting us at customerservices@greenlightdpm.com, or you can call your personal contact at GreenLight DPM to make any changes.

To ask us to erase your information if we no longer have any reason to hold it, also known as the ‘right to be forgotten’.

Our Data Retention Policy (see section 7) explains the circumstances when we can or are obliged to retain information, however outside of those periods we will delete your information in line with our data retention policy and on request. We will maintain a record that you made an erasure request to reduce the likelihood of us contacting you in the future but we will use that information for no other purpose.

To ask us to return to you information you provided to us, also known as ‘data portability’.

You can ask us to send you in electronic format the information you provided to us under our Terms & Conditions or under consent.

To ask us not to process your information where you previously gave consent or where we are exercising our legitimate interest.

If you make a request for us to stop processing your information, we will investigate to see if there is a compelling reason for processing to continue and will discuss the conclusion of the investigation with you. You cannot object to processing which is a legal obligation or where we must process your information to satisfy a contract to which you are a party. Also, if you previously gave consent and we processed your data on the basis of that consent, you cannot object to that past processing, however you can ask us to stop processing it in the future.

To ask not to be subjected to automated decision making and profiling.

GreenLight DPM puts the human factor at the heart of our customer service, so there are no circumstances when you will be affected by profiling or other automated decision making without a person reviewing and making a decision on the result. If you feel you may have been unfairly impacted by profiling, our team can manually assess whether the decision is fair and discuss the situation with you.

To ask for a copy of the information we hold about you.

We will endeavour to respond to your request within 30 days, however at time of high demand we may need 90 days to compile a full response.

To ask us not to process your information for marketing purposes.

You can do this by checking or unchecking certain boxes on the forms we use to collect your information, or by emailing us at preferences@greenlightdpm.com, or by clicking on the ‘unsubscribe’ link at the foot of every marketing or promotional email.

You may exercise any of the above rights by contacting us at dataprotection@greenlightdpm.com or by calling your personal contact at the company.

9. Contacting us

The Data Controller

The Data Controller is Greenways Services (UK) Limited trading as GreenLight Data Privacy Management, Registered office address Clayton Wickham Cottage, Belmont Lane, Hurstpierpoint, West Sussex, BN6 9EP, Company number 09306493.

Contacting us with questions or requests

If you want to exercise your right to access your information or have any questions about this Privacy Policy, GreenLight DPM’s information practices, or your dealings with GreenLight DPM, you can contact us by emailing us at dataprotection@greenlightdpm.com, or by calling the telephone number located on our website, or by writing to us at the address above.

Data Privacy Complaints

If you believe that we have breached a privacy law with which we should comply, please send an email to dataprotection@greenlightdpm.com. We aim to respond in a reasonable time, normally within 30 days, and will discuss the result of our investigation with you.

Complaints to the UK Information Commissioner

You have the right to complain to the UK Information Commissioner’s Office if you believe we have not handled your request in an appropriate manner. For information on contacting the ICO please see their website.

10. Changes to this Privacy Policy

We may amend this Privacy Policy at any time, as new features are added to the GreenLight DPM Services or as we incorporate suggestions from our customers, so please check back frequently. Your continued use of our website after such amendment will constitute your acceptance of, and agreement to, any changes.