Privacy Policy
At Northern Reaches Ltd, our top priority is the protection and security of your personal information and that of your customers. In line with the Data Protection Act 2018, this privacy policy explains how we handle the personal data we receive from our clients. Our procedures include collecting, using, keeping, and safely disposing of your personal data when performing data-related services on your behalf.
When you provide us with your customers’ personal data, we act as a “data processor.” This means we handle and manage the data under your direction as the Data Controller. Our role involves various tasks such as examining or consulting on the data provided.
This policy is designed to keep you, our valued clients, fully informed about how we handle and use your personal data. It’s also a guide for our employees, ensuring they know how to correctly manage, use, and dispose of the data that comes into our care at Northern Reaches Ltd. We’ve written this policy in clear, straightforward language so that all our clients and their teams can easily understand our commitment to maintaining the highest standards of privacy and data security.
When Do We Collect Your Personal Data?
Information We Collect
How We Use Your Information
Your Obligations to Your Customers
Automated Decision Making and Profiling
- Contractual Necessity: When such decisions are essential for the performance of a contract with a customer, provided their rights are fully protected.
- Legal Authorization: Where the decision-making process is authorized by laws of the European Union or its member states, applicable to both Northern Reaches Ltd and our clients.
- Explicit Consent: When a customer has given explicit written consent for automated decision-making, again ensuring that their rights are safeguarded.