Introduction
Blue Hat Associates (Blue Hat) is a data controller for the purposes of the UK Data Protection Act (DPA) 2018 and the EU General Data Protection Regulation (GDPR) and is registered as such with the Information Commissioner’s Office (ICO).
Blue Hat is committed to protecting the privacy of our clients. This privacy notice is intended to set out the basis upon which any personal data or information we collect from you, or that you provide to us, may be collected and processed by (or on behalf of) Blue Hat.
It applies to use of our website, our professional services or during any communications with you.
How we collect your information
Your personal information such as name, address, email address and phone number, or any other personal data which may reasonably identify you, may be collected by:
- Attending meetings and/or during telephone calls to us;
- Corresponding with us by email, in which case we may retain the content of your email messages together with your email address and our responses;
- Supplying us with your personal information by signing up to receive a newsletter or to attend an event;
- Supplying us with your personal information as part of the recruitment process;
- Using our website, during which other personal data may be automatically collected, such as your IP address (please see section on cookies, below).
Sensitive information
We will not collect sensitive (special category) personal information from visitors to our website, clients or our employees, except where necessitated by the terms of our engagement. ‘Sensitive personal information’ includes information about racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation.
Any sensitive personal information collected as part of our lawful processing obligations will be protected using best practice information security controls.
How we use your personal information
We will use your personal information solely for the purpose for which it was provided and share it with BHA partners, staff and consultants on a ‘need to know’ basis. We will not use your data for other purposes without your explicit consent.
We use cloud based applications and providers for information storage. Data is stored in the EU. We will only send data outside of the EU where an organization employs data protection rules that are recognised as being equivalent. We only use suppliers who implement the same level of security controls (or stronger) as we do ourselves.
We may use your personal information for the following purposes:
- To communicate with you regarding your query or application. We may contact you by post, email, telephone or text message. You may opt out/unsubscribe from such communications at any time by emailing privacy@thinkbluehat.com;
- To process any job application you may make to us (including any sensitive personal information you provide);
- To provide or administer services;
- To update client records;
- To confirm identity, ascertain credit worthiness and trace whereabouts where necessary;
- To comply with legal and regulatory requirements including verifying the identity of new clients/associates (and in certain circumstances existing clients/associates) to comply with anti-money laundering regulations, ‘right to work’ and other legislative requirements applicable to Blue Hat;
- To comply with law enforcement.
As described in this policy, personal information will be retained by us and will not be sold, transferred or otherwise disclosed to any third party, other than for the purpose of lawful processing. Personal information may be anonymised / pseudonymised for the purpose of research to inform our marketing and development strategies or where such disclosure is required by law or court order.
If your personal information changes or you no longer wish to receive a particular communication from us please let us know and we will correct, update or remove your details. This can be done by emailing privacy@thinkbluehat.com.
Security
In providing services to you, we may process personal data as a controller or on your behalf as a data processor. Where we act as processor on your behalf we will only process personal data for the purposes outlined above or otherwise in accordance with your instructions, and only keep it for as long as it is needed for that purpose.
We use up-to-date data storage and security controls to protect your personal information from unauthorised access, improper use or disclosure, unauthorised modification or unlawful destruction or accidental loss. All our employees and any third parties we engage to process your personal information are obliged to respect the confidentiality of your information.
Disclosing personal information to third parties
We may disclose your personal information to our agents or service providers, where there is a lawful basis, for any of the purposes set out in this policy.
We will not sell your information to a third party.
Cookies
The following cookies are in use on our website:
- Essential cookies – for improving the user’s experience and navigation of the website;
- Google analytics – for monitoring traffic to our website. Knowing how many people have visited and from where can help us build a better site.
We do not currently use any other cookies or other means of tracking your visits to our website. You can turn off cookies in your web browser’s settings.
Your rights
Under the GDPR, you have rights as an individual which you can exercise in relation to the information we hold about you. For further information, please visit ico.org.uk.
If at any time you wish to exercise your rights as a data subject in relation to information we hold about you as an individual please contact us by email to privacy@thinkbluehat.com or by mail to the address below.
Complaints or queries
Blue Hat tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage you to bring it to our attention if you think that our collection or use of your information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of Blue Hat’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
If you want to make a complaint about the way we have processed your personal information please do so by email to privacy@thinkbluehat.com. If you are not satisfied with the response we give you then you can contact the Information Commissioner’s Office (www.ico.org.uk), which is the statutory body which oversees data protection law in the UK.
Agreement to terms of Privacy Notice
By using this website and/or providing your personal information to us, you consent to the collection and use of your personal information by us set out in this privacy notice.
If we change our privacy policies and procedures, we will post those changes on our website or otherwise notify you to keep you aware of what information we collect, how we use it and under what circumstances we may disclose it.
Further information
To learn more about how we collect, use and maintain your personal information, please contact:
Data Protection Officer
Blue Hat Associates
15 Bishopsgate
London
EC2N 3AR
Tel: +44 (0)20 7871 9943
Email: privacy@thinkbluehat.com