Our policies
Privacy and cookies policy
This document outlines how College Green Group processes and manages personal data and:
- Identifies the data controller.
- Explains the lawful basis for processing personal data.
- Outlines the personal data held and processed.
- Outlines the scope of the special category personal data held and processed.
- Outlines the process of Subject Access Requests.
- DATA CONTROLLER
The Data Controller is College Green Group
- CONTACT
If you have any questions about this policy or for more information about how we use your data or would like to exercise any of your rights contact College Green Group. by any of the methods set out below.
- LAWFUL BASIS FOR PROCESSING
All processing is carried out by consent, under the legitimate interest of College Green Group, or public interest. These cover processing to conduct casework, campaigning, advertising, marketing and communication. Where processed under the lawful basis of a task carried out in the public interest, it is to support or promote democratic engagement, including fundraising activity in order to support democratic engagement.
Processing may also be carried out for one or more of the purposes set out in the following table:
Purpose/Activity | Type of data | Lawful basis for processing including basis of legitimate interest |
To register you as a new customer |
(a) Identity (b) Contact |
Performance of a contract with you |
To deliver our products/services including: (a) Manage payments, fees and charges (b) Collect and recover money owed to us |
(a) Identity (b) Contact (c) Financial (d) Transaction |
(a) Performance of a contract with you (b) Necessary for our legitimate interests (to recover debts due to us) |
To manage our relationship with you which will include: (a) Notifying you about changes to our terms or privacy policy |
(a) Identity (b) Contact (c) Profile |
(a) Performance of a contract with you (b) Necessary to comply with a legal obligation (c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services) |
To administer and protect our business |
(a) Identity (b) Contact |
(a) Necessary for our legitimate interests (for running our business, provision of administration services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) (b) Necessary to comply with a legal obligation |
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you |
(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications (f) Technical |
Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy) |
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences |
(a) Technical (b) Usage |
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy) |
To make suggestions and recommendations to you about products or services that may be of interest to you |
(a) Identity (b) Contact (c) Technical (d) Usage (e) Profile (f) Marketing and Communications |
Necessary for our legitimate interests (to develop our products/services and grow our business) |
- DATA SOURCES
Data held is that provided by you when you contact us and correspondence with third parties in response to cases taken up on your behalf. The Register of Electors that councils provide to authorised persons under the Representation of the People Act is also used for electoral purposes. You may also provide data to us if you interact with us on social media such as Facebook or Twitter, and in such case you should consult the privacy terms and options for those services.
- DATA SECURITY
Personal data is stored electronically and securely. We ensure that our service providers comply with the same high standard that we do, and are in the UK. We also have policies and procedures in place to deal with the unlikely event of a data breach.
- SPECIAL CATEGORY DATA
Special category data will be processed under the lawful basis indicated in section 3. In relation processing for a task carried out in the public interest, such processing is permitted under clauses 22, 23 and 24 of schedule 1 of the Data Protection Act, where the client is a political party, or elected representatives. For other clients, data will be processed based on consent and/or contractual provisions.
- TRANSFERRING YOUR DATA OUTSIDE OF THE EUROPEAN ECONOMIC AREA
Some service providers are located outside of the European Economic Area (EEA) and therefore it may be necessary to transfer your personal data outside of the EEA. Where
the transfer of your data outside of the EEA takes place we will make sure that it is protected in the same way as if the data was inside the EEA, and it only occurs with your consent.
We will use one of the following safeguards to ensure this:
- Where the European Commission has issued an adequacy decision determining that a non-EEA country or organisation ensures an adequate level of data protection.
- A contract is put in place with the recipient of the data obliging them to protect the data to the same standards as the EEA.
- The transfer is to an organisation that complies with the EU-US Privacy Shield.
Legally it is not permitted to transfer certain types of data, such as Electoral Register Data, outside of the EEA, and we honour that obligation.
- DATA RETENTION POLICY
Personal data will be held for no longer than necessary. Some types of data may be held for longer than others. Typically the maximum retention is two election cycles. Review of the data held will occur in each election cycle to determine whether it should be maintained or put beyond use.
- SUBJECT ACCESS REQUESTS
Subject Access Requests are dealt with in line with the guidance given by the Information Commissioner’s Office (ICO):
- We will request verification of the identity of any individual making a request, and ask for further clarification and details if needed.
- We will respond within one month once we have confirmed it is a legitimate request.
- Data subjects have the right to the following:
- To be told whether any personal data is being processed
- To be given a description of the personal data, the reasons it is being processed and whether it will be given to another organisations or people.
- To be given a copy of the information comprising the data, and given details of the source of the data where this is available.
- WILL WE SHARE YOUR DATA WITH ANYONE ELSE?
If you have contacted us about a personal or policy issue, your data may be passed on to a third-party in the course of dealing with your enquiry, such as local authorities, government agencies, public bodies, health trusts, regulators, and so on. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only for the basis upon which they were originally intended. We only share your data with a third party if required to do so by law.
Data may also be shared with entities of Political Party associations, federations, branches, groups and affiliates in order to assist you or maintain contact with you in support of democratic engagement, where they are affiliated with our client who is the data controller. Your personal data is only used as outlined here and within your reasonable expectations based on the nature of the communication, and recognising the need of politically related engagement in wider support of democratic engagement.
- COOKIES
Cookies are small text files placed on your device when you visit our website. They allow us to make the website easier to use, to provide you with a more personalised experience, to guard against malicious activities and to ensure any login feature functions correctly. They do not collect personal information about you.
You can remove or block cookies by changing the settings in your browser, but the functionality of the website may be adversely affected.
By using our website, you are consenting to our use of cookies in accordance with this notice. If you do not agree to our use of cookies then we advise you to set your browser settings accordingly. You can find out more about cookies at www.allaboutcookies.org.
- OTHER WEBSITES
Our websites will contain links to other websites not under our control. As such, we cannot be responsible for the protection and privacy of any information you may provide while visiting other websites, nor are those websites governed by this privacy policy. If you have any concerns please refer to the privacy policy of the website in question.
- CUSTOMISED ADVERTISING
We use advertising to show advertisements on various websites as well as advertisements on search engine results pages. This drives traffic to our website, but also enables us to show specific advertisements to users who have visited our website. Information about how Google uses personal information for ad personalisation is available here, and you can manage your preferences of advertisement personalisation by following the steps set out here. Information about advertisement preferences on Facebook can be found here, and for Twitter here.
- DATA RIGHTS
At any point you have the following rights:
- Right of access – you have the right to request a copy of the information held about
- Right to withdraw consent – where we rely on your consent as the legal basis for processing, you can withdraw that consent at any time.
- Right of rectification – you have a right to correct data held about you that is inaccurate or incomplete.
- Right to be erasure – in certain circumstances you can ask for the data held about you to be erased from our records.
- Right to object – you have the right to object to certain types of processing, such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling.
- Right to data portability – the right in certain circumstances to request that we transfer personal data held to another organisation.
- MAKING A COMPLAINT
If you are unhappy with the way that we have processed or handled your data then you have a right to complain to the Information Commissioner’s Office (ICO). The ICO is the supervisory body authorised by the Data Protection Act 2018 to regulate the handling of personal data within the United Kingdom. The contact details for the ICO are:
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF
Telephone: 0303 123 1113
Website: https://ico.org.uk/concerns/
If you have any questions about the data held please contact our Data Protection Officer,
at: 77 Victoria Street, Westminster London SW1H 0HW
Email: Compliance@Collegegreengroup.com
Please note that proof of identity is required should you choose to exercise any of the above rights in relation to personal data.
We retain the right to update this policy at any time. If there are changes that significantly impact your rights, we will contact you in advance.
Slavery and human trafficking statement
Pursuant to section 54(1) of the Modern Slavery Act 2015 it is College Green Group’s intention to act a as responsible business that meets the highest standards of ethics and professionalism.
College Green Group is committed to ensuring modern slavery is not present in its supply chains and has introduced, and will continue to develop policy and procedures to manage the way it obtains goods and services to keep its supply chains robust.
College Green Group works with many organisations which promote social and ethical awareness of a range of issues, including modern slavery.
College Green Group has a number of existing policies which aim to minimise the risk of modern slavery in our supply chain including: Whistle Blowing Policy, and Corporate Social Responsibility Policy.
College Green Group encourages the reporting of any concerns so that they can be dealt with appropriately in accordance with our policies and procedures.
Anti-bribery and corruption policy
We are committed to maintaining the highest standards of ethical conduct and compliance with anti-bribery and corruption laws. Our policy is designed to prevent bribery and corruption in all forms, whether direct or indirect, by any party, including our employees, contractors, and business partners.
Our policy includes the following key principles:
- Not accepting or offering bribes: We do not accept or offer bribes or any other form of improper payment or inducement in exchange for business or personal gain. We ensure that all transactions are conducted transparently and fairly.
- Due diligence: We conduct due diligence on our employees, contractors, and business partners to ensure that they are reputable and do not pose a corruption risk to our business.
- Gifts and hospitality: We do not offer or accept gifts or hospitality that could be perceived as an attempt to influence business decisions or create a sense of obligation.
- Reporting and investigation: We encourage our employees, contractors, and business partners to report any suspected or actual bribery or corruption. We investigate all reports thoroughly and take appropriate action, including disciplinary action and termination of relationships.
We understand that bribery and corruption can have serious consequences for our business, reputation, and the communities we serve. By adhering to this policy, we aim to promote a culture of integrity, transparency, and accountability in all our operations.
Updated 03/05/2023
Armed Forces Covenant
Supporting the military has been a constant theme throughout our careers at College Green Group. We are delighted to announce that we have now pledged our support through signing the Armed Forces Covenant.
Career Transition Service
To those who proudly protect our nation, and do so with honour, courage, and commitment, the Armed Forces Covenant is the nation’s commitment and promise to you.
It is a pledge that we acknowledge and understand that those who serve or who have served in the armed forces, along with their families, should be treated with fairness and respect in the communities, economy, and society they serve with their lives.
The covenant focuses on helping members of the Armed Forces community to have the same access to government and commercial services and products as any other citizen.
College Green Group will:
- Promote the Armed Forces Covenant, and that we are an armed forces-friendly organisation.
Support the employment of veterans and service leavers. - Offer flexibility in leave for service spouses and partners before, during and after deployment.
- Support reservist employees, allowing leave for training and deployment.
- Offer discounts to members of the armed forces community (and their families) – for training, coaching or consultation services.
Now that we have been fully recognised and have signed the Covenant, we are also eligible for the Defence Employer Recognition Scheme (ERS). The scheme encompasses Bronze, Silver and Gold awards for organisations that pledge, demonstrate and advocate support to Defence and the Armed Forces community.