GDS Group Limited (GDS) head office is located at the following address:
Bristol (Head Office)
Queen Square House
18-21 Queen Square
Under the EU’s General Data Protection Regulation (“GDPR”): Personal Data is defined as “any information relating to an identified or identifiable natural person (‘data subject’); by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
The Data Controller
The Data Controller is the individual and/or legal entity responsible for the processing of personal data in paper or electronic files. GDS is the data controller as defined by relevant controls data protection laws and regulation.
The lawful bases for processing are set out in Article 6 of the GDPR. At least one of these must apply whenever personal data is to be processed:
- Consent: you have given GDS clear consent for your personal data to be processed for a specific purpose.
- Contract: the processing is necessary for a contract you have with GDS has asked you to take specific steps before entering into a contract.
- Legal obligation: the processing is necessary for GDS to comply with the law (not including contractual obligations).
- Vital interests: the processing is necessary to protect someone’s life.
- Public task: the processing is necessary for GDS to perform a task that is in the public interest or for its official functions, and the task or function has a clear basis in law.
- Legitimate interests: the processing is necessary for GDS legitimate interests, or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data that overrides those legitimate interests.
- The right of access
- The right to rectification
- The right to erasure or right to be forgotten
- The right to restriction of processing
- The right to be informed
- The right to data portability
- The right to object
- The right not to be subject to a decision based solely on automated processing
You can exercise your right to prevent processing by contacting us at email@example.com.
Information we may collect from you:
We may collect personal information from you in the following ways:
- When you make a phone call or send an e-mail to seek information about our services;
- Recruitment and employment;
- When you have made a referral or been referred to us via any method whether directly or indirectly;
- You have used our services or benefited from our services in any ways;
- Through our use of the Cookies on our website (please see the Cookies section below);
- Through your request for publications and other marketing materials;
- Through your request for information about our services and related topics and events;
- Through your registration for events;
- Through making a purchase online;
- Through reservations
- Through you contacting us with enquiries and comments
If you take one the steps mentioned above, we may collect and process personal information about you such as:
- Your name, address, email address and other contact information;
- Records of your correspondence with us, if you have contacted us;
- Health data;
- Details of your visit to the website;
- Multimedia files such as photographs and video footages;
- Information about your service user experiences and
- Any other information provided to us when you contacted us for using our services
- Information others may share with us about you
We never buy personal data from third parties or trade data with other companies. However, there are times when we must collect debt and we may share your information with our appointed debt collection agents.
We will share your personal data with our group companies and or partners (including those based outside the EEA) where it is in our legitimate interests to do so.
Where we store your personal data:
The data that we collect from you will be processed at our servers in the UK. It may also be processed by organisations operating in the EEA that GDS has instructed.
If Personal Data is transferred outside the UK or EEA to a country without a designated adequacy rating GDS will request the data subject’s consent before processing the data, unless the Processor’s Binding Corporate Rules and/or Model Clauses, stipulate that the data will be processed in accordance with GDPR.
Third party sites
Our Site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Uses made of the information:
We will process any of your personal data, in accordance with our obligations under applicable data protection laws and regulations, for the following reasons: to provide you with the services you have requested; to comply with applicable laws and regulations; for administrative purposes; to assess enquiries; and to provide you with information about us and our services. If, at any time, you do not wish to receive further information about us and our services, contact us at firstname.lastname@example.org.
How long we keep your information:
We retain the personal data processed by us in a live environment for as long as is considered necessary for the purpose(s) for which it was collected (including as required by applicable law or regulation.
In addition, personal data may be securely archived with restricted access and other appropriate safeguards where there is a need to continue to retain it.
Disclosure of your information:
We may disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply any agreements; or to protect the rights, property, or safety of GDS, or others.
GDS may collect information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.
Any complaints about our use of personal data, please send an email to email@example.com. You also have the right to lodge a complaint with the UK data protection regulator, the Information Commissioner’s Office (“ICO”) at https://ico.org.uk/concer
Information Commissioner’s Office
Tel: 0303 123 1113 (local rate)