It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during our relationship with you.
You can contact us at:
3rd Floor, The Plaza Building, 100 Old Hall Street, Liverpool, L3 9QJ
Chain Compliance is registered with the ICO, our registration number is ZB523927.
All your personal information will be held and used in accordance with the UK General Data Protection Regulation (“UK GDPR”), the Data Protection Act 2018 and any other legislation relating to the protection of personal information (data protection laws).
We only use your personal information to provide the services you have requested from us. The information you provide will also help us direct your enquiries.
Personal information or personal data, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
Most of the personal information we process is provided to us directly by you for the purpose of providing you with our services. We collect and process your personal information through your use of this website, including any data you may provide through this website when you purchase a product, service or membership.
Personal information we may collect, use, store and transfer about you which we have grouped together, are as follows:
Some personal information is required to set up your Compliance Chain account including your name, contact details, and email address. We may also need to collect some limited employment details for registration purposes.
Your personal information can be managed via our secure Compliance Chain account. You can always review and update your information by accessing your account.
Health and other special categories of personal information
To the extent that information we collect is health data or another type of special category personal information subject to data protection laws, we ask for your explicit consent to process this data.
Children’s personal information
This website is not intended for children, and we do not knowingly collect data relating to children.
We do not provide services directly to children or proactively collect their personal information.
The law on data protection sets out a number of different reasons for which a company may collect and process your personal information.
We will only use your personal information when the law allows us to do so.
We collect personal information about our clients, customers, suppliers, subcontractors, business partners or joint venture partners in order to manage your membership, and any orders or services purchased. We also use personal information to report on tenders and projects.
Most commonly we will use your personal information in the following circumstances:
– Where you have consented before the processing.
– Where we need to perform a contract, we are about to enter or have entered with you.
– Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
– Where we need to comply with a legal or regulatory obligation
In certain circumstances, we need your personal information to comply with our contractual obligations or to pursue our legitimate interests in a way which might be reasonably expected as part of our running our business. For example, in order to deliver the services to you, we need to use the information you provide us to enable us to provide those services and / or goods ordered, to manage your membership and your Compliance Chain account.
Whenever you have given us your consent to use your personal information, you have the right to change your mind at any time and withdraw that consent. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
We strive to provide you with choices regarding certain personal information uses, particularly around marketing and advertising.
If you have given your consent to receive marketing emails you can withdraw this at any time, or if we are relying on our legitimate interests to send you marketing you can object. In either case, just let us know. If you have received a direct marketing email from us and no longer wish to do so, the easiest way to let us know is to click on the unsubscribe link at the bottom of our marketing emails.
We may process your personal information to process any payments made for the provision of services. The information may include information for identification and verification, such as your name, credit, debit or other card number, card expiration date, and CVV code.
Any payment transactions carried out by us, or our chosen third-party provider of payment processing services will be kept secure and encrypted where possible.
Where we need to collect personal information by law, legitimate interest or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with services). In this case, we may have to cancel a service you have with us, but we will notify you if this is the case at the time.
When you visit our website, we may collect certain information by automated means, such as using cookies.
A cookie is a piece of data stored locally on your computer containing information about your activities on the Internet. Each website can send its own cookie to your web browser if your browser’s preferences allow it. Many websites do this whenever a user visits their website in order to track online traffic flows.
We use the following types of cookies:
Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, or make use of services.
Analytical or performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
These are the cookies we use and why:
Cookies We Use
Why We Use Them
To improve performance of our website and ensure that content remains relevant and interesting to our audience.
To ensure that content remains interesting to our audience.
If you use your browser settings to block all cookies (including necessary cookies) you may not be able to access all or parts of our website.
Unless otherwise agreed with you, we will not use any of your personal information for automated decision-making or profiling.
We only ever share your personal information with trusted third parties.
We only provide third parties with the information they need to know to perform their specific services. Where personal information is shared with a managed service provider or other third-party supplier, we work closely with them to ensure that your personal information is secure and protected at all times. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
Our contracts with third parties make it clear that they must hold personal information securely, abide by the principles and provisions of data protection rules, and only use information as we instruct them to. In all instances where we disclose your information to third parties, we will ensure that your information is appropriately protected. If we stop using their services, any of your personal information held by them will either be deleted or rendered anonymous.
We may also disclose your personal information to comply with a regulatory or legal duty, or if it is necessary to disclose personal information in connection with an investigation of suspected or actual fraudulent activity or is based on a lawful disclosure request. We may also disclose personal information where such disclosure is necessary to protect the safety or security of any persons, and/or otherwise as permitted under applicable law.
We will never:
Your personal information will be stored on systems with technical and organisational security measures and controls located within the UK.
Sometimes we will need to share your personal information with third parties and suppliers outside the UK such as Europe and the USA.
If we do this, we have procedures in place to ensure your personal information receives the same protection as if it were being processed inside the UK. For example, our contracts with third parties stipulate the standards they must follow at all times.
We will only retain your personal information for as long as is necessary for the purpose or purposes for which we have collected it.
In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.
Details of retention periods for different aspects of your personal information are available upon request.
In some circumstances we will anonymise your personal information (so that it can no longer be associated with you) for analytical or statistical purposes, in which case we may use this information indefinitely without further notice to you.
We work hard to keep your information safe. We use a combination of technical, administrative, and physical controls to maintain the security of your personal information and protect against accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or use.
Where we have given you (or where you have chosen) a password that enables you to access certain parts of our services, including our platform or website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
We have put in place procedures to deal with any suspected personal information data breach and will notify you and any applicable regulator when we are legally required to do so.
You are also able to exercise your rights which include:
In some circumstances you can stop the processing of your personal information for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal information.
Where your details are used for marketing, you can opt out at any time. You are able to unsubscribe from marketing on each contact or you can contact us to object to any processing.
You have the right to request the correction of your personal information when it is incorrect, out of date or incomplete. If you notify us that the personal information, we hold is complete or inaccurate we will correct or complete the information as soon as possible.
You have the right to request that your personal information be deleted; including if we no longer need it for the purpose we collected it, you withdraw your consent or you object to its processing.
Following your request, we will erase your personal information without undue delay unless the continued retention is necessary and permitted by law. If we make the personal information public, we shall take reasonable steps to inform other data controllers processing about your erasure request.
You have the right to request that we restrict the processing of your personal information. This can be done in circumstances where we need to verify the accuracy of the information, if you do not wish to have the information erased or you have objected to the processing of the information, and we are considering this request. Once the processing is restricted, we will only continue to process your personal information if you consent, or we have another legal basis for doing so.
You have the right to access the personal information we hold about you. Any access request will usually be free of charge and responded to within one month. We will endeavour to provide information in the format requested, but we may charge you a reasonable fee for additional copies.
You have the right to receive a copy of your personal information which you gave to us. The copy will be provided in a commonly used and machine-readable format. You can also have it transmitted directly from us to another data controller, where technically possible.
You will not have to pay a fee to exercise any of the rights listed above. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information or to exercise any of your other rights. This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
If you have any questions that haven’t been covered, or you have any concerns about our use of your personal information, you can make a complaint to us by contacting us at firstname.lastname@example.org or by post using our postal address.
For further information on data protection please visit the Information Commissioner Office (ICO) website.
The Information Commissioner Office regulates data protection. If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal information, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling 0303 123 1113 or visit the website.
Are you a principal contractor or client organisation looking to find out more or would like a demo?
If so, please contact us today!