Civico Privacy Statement
Latest Update 15.12.2020
This statement outlines how we collect, use, share, and protect your personal data that relates to you or which makes you identifiable within our systems.
When you use this website [the Council] and Civico collect relevant information about you and how you use the site. This data is collected when you authorise the prefill or directly input information into forms, use our website, email or phone us. Your personal data can only be viewed and processed by authorised members of staff from [the Council] and Civico.
Civico will process your personal data in a transparent and lawful way. Any personal data you provide when using this website or our products and services will be used only in accordance with this privacy statement.
If you have any questions about this statement or if you would like to exercise any rights you may have in relation to your personal data, please contact us at [email protected] If you have additional questions please use the below details to contact our Data Protection Officer (DPO).
20.9 iCentrum, Love Lane, Aston, Birmingham, B7 4BB
Data Protection Officer: Richard Wallman
Email address: [email protected]
You have the right to make a complaint at any time to your data protection supervisory authority in the EU member state in which you reside. In the first instance Civico will Civico to directly address any concerns you may have so please contact us in the first instance.
Personal data we process
In order to improve our products, services and marketing efforts, we may collect and process your personal data where and when the law allows us to. This data is generally collected directly from you through forms on our website, or over the phone or automatically using cookies and Google Analytics when you visit and use the website, which enables us to analyse trends and administer the site.
We may also collect data about you from publically accessible sources, or third party lists, or when you authorise a social media network to prefill a form on our website or you interact with social media features on our website.
Your IP address may also be utilised to infer your general location, which we may use to access user engagement. We process your personal data where you consent; or where it is necessary or legitimately reasonable and where your interests and fundamental rights are upheld.
The personal data we process is dependent on the type of user. Here is a list of personal data we process:
- First and last name
- Company name or associated Council
- Job positions
- Email Address
- Address details
- Phone number
- Internet Protocol (IP) Address
- Browser type
- Internet Service Provider (ISP)
- Referring/exiting pages
- Files viewed
- Operating system
- Internet protocol (IP) addresses,
- Internet service provider (ISP),
- Referring/exit pages,
- The files viewed on our site (e.g., HTML pages, graphics, etc.),
- Operating system, Date/time stamp,
- and/or clickstream data.
- Feedback comments
- Language preference
- Login ID’s for Social Media sites
For what purpose do we process your personal data
We process personal data for the following reasons:
- Providing high quality customer service.
- Complying with laws or regulations that apply to us.
- Developing our products and services.
- Defining customers for our products and services.
- Seeking your consent when we need it to contact you.
- Providing our council customers with relevant product marketing and service features.
- Keeping our marketing updated and relevant.
Share personal data
Civico will not sell, distribute, lease, or provide any of your personal data to any third parties unless we are required by law or have your permission to do so, who are equally obligated to use that personal data in accordance with the terms of this privacy statement.
We share your personal data with the following categories of recipient:
- Customer Relationship Management (CRM) service provider.
- Marketing automation and analytics provider.
- Cyber security and penetration testing service provider.
- Government agency regulators, or
- Law enforcement authorities.
- As necessary for other legal purposes.
- As part of a business transaction.
Civico is committed to ensuring your personal data is secure. The data that we collect from you is stored on secure servers located in the United Kingdom with backup redundancy servers located in the European Economic Area (“EEA”). To prevent unauthorised access or disclosure we have put in place procedures and technical features to safeguard the security of your personal data. All of our employees are required to follow confidential personal data protection policies and procedures and regularly complete data protection, security and ethics compliance training.
Personal data we collect will not be retained for a period longer than is necessary for the purpose for which we have collected and processed your data, other than where there are legal purposes. Data processed for marketing purposes can be retained for existing clients for upto 5 years after the account has ended. Notwithstanding any unintended retention of residual data held on our redundancy backup servers, Civico will erase your personal data from our systems after 5 years of none engagement with our products, services and websites.
Right of access and portability
You have the right to request details and a copy of your personal data we hold. We will provide you with a copy of this data within a reasonable amount of time after you have submitted a legitimate request, typically one month. Please note that this process may take longer for the more complex requests. For security purposes we will ask you to confirm your identity and right to access the requested data.
Where we have been notified and accept that any of your personal data we are processing is incorrect or incomplete we commit to the rectification of this data as soon as is practically possible once the proposed data has been identified and validated as incorrect or incomplete.
We will uphold your right to object to the processing of your personal data where you feel it infringes your fundamental rights and freedoms. In some circumstances we may acert and articulate with you our legitimate grounds for continuing to process your data as may be necessary.
You have the right to receive a copy of your personal data we hold in a transferable machine-readable format to another entity, upon request in writing, and where technically possible.
Right to remove personal data
To the extent permissible by law, you may be entitled to have certain personal data removed from our systems in the following circumstances:
- The personal data is no longer needed for the purposes for which it was collected or processed.
- You object to the collection or use of your personal data and there are no legitimate grounds for the processing.
- The personal data has been unlawfully processed.
- The personal data has reached the defined retention period or for compliance.
Right to restrict processing of personal data
You may have the right to restrict the processing personal data in the following circumstances:
- You challenge the accuracy of the personal data processed.
- The processing of the data is unlawful.
- The personal data has reached the defined retention period.
- You seek to verify our legitimate grounds for processing data that you have previously objected to being processed.
Right to revoke consent
You have the right to revoke your consent to the processing of your personal data given via checkbox associated input forms on our website, by unchecking the consent checkbox or by contacting us at [email protected].