Privacy Policy & Data Protection
Everything you need to know about how we treat your data
Scroll for more info
Everything you need to know about how we treat your data
Scroll for more info
At Quarterdeck we take privacy and security incredibly seriously and we're delighted that lawmakers are finally catching up to the values and standards we've long held ourselves.
Rest assured that we take curation of your data as seriously as if it were our own.
We support not only the letter of the law of the General Data Protection Regulation and others but also its spirit and will ensure all services not only comply with its ordinances but go beyond where we feel more security and privacy is required.
Not only is it an important step in protecting the fundamental right of privacy for European citizens, it also raises the bar for data protection and security.
We do everything within our power and intellect to ensure we comply with the law in whichever jurisdictions are appropriate.
This privacy policy is a living document and we will ensure that it is always as up to date as possible and that our policies are continually reviewed to ensure the highest possible standards.
If you have any questions or requests not covered by this privacy policy please contact Kris Northfield, Operations Director, who is the appointed Data Protection Officer.
We have tried as hard as possible to make this privacy policy friendly and understandable but as a business person yourself you will know that there is a certain amount of legalese required in order that we provide the best possible legal cover to our customers, employees, suppliers and ourselves.
Data is only ever collected in service of providing our customers with the best possible experience. We will only use your personal information to administer the relationship you have with us and to provide the products and services you have requested from us.
Our business model is based on providing the best possible service to our clients and as such we only ever collect and use the minimum amount of data required to delight and exceed your expectations.
Information is collected by Quarterdeck Ltd via any of its employees or agents. An agent is a person or legal entity not directly employed by us but contracted to fulfil part of our operating procedures. Any employees/agents working on our behalf are always fully audited and/or briefed about data security and to ensure they are compliant with data protection standards we uphold and laws in the jurisdictions in which we operate or which cover citizens with which we operate.
We live in a complicated world and we can stumble across information about companies and people in a thousand places.
Like all companies in the world we use analytics software to guide the development of our website to ensure it's providing the best possible experience to users and that any errors and bugs are found and fixed as quickly as possible. This is standard operating procedure across the globe, your website will be collecting exactly the same information.
The data collected by analytics software can include: pages viewed, time spent viewing pages, buttons clicked, links clicked etc.
Data could be collected via any communication channel including (but not limited to): email, phone, website, verbal, camera, hand writing and publicly available information from sources including: your website, social media profiles, third party websites, search engines, newspapers etc.
For a full list of data being collected please refer to the section "What information is collected?"
Data will be used to fulfil our contractual obligations to provide you with a product or service in a transactional manner.
As said previously, we like to go beyond purely transactional relationships to exceed expectations and provide meaningful experiences. For legal purposes this could be described as "segmenting" or "personalisation".
We occasionally profile data in aggregate to test or validate the design of services or for research purposes.
We don’t keep data around if there is no point, we don’t hoard data for no reason and of course we don’t retain it if there is no lawful basis. We will retain data until we no longer require it in the execution of our duties or it is requested to be deleted by the data subject.
Please contact the appointed Data Protection Officer identified in the summary of this document if you wish to exercise any of your rights under GDPR or any other relevant regulations, for example if you wish to:
They will deal with your request expeditiously.
We will never share or sell your data to any third parties.
Here is a breakdown of the information we might store.
As part of our standard operating procedures we will retain the data needed to execute the contract we have agreed with a client. This may include: name, name of company, address of company, email, phone number, industry of company, behaviours, attitude and any other areas you identify you need to work on, survey results regarding the course in which you are a participant, feedback you provide about our performance or photographs of our events which you attend.
None of our analytics software records any personal information.
For details review the documentation of our analytics provider, Fathom.
As described in the "Why is it being collected?" & "How is it collected?" sections the information you send us via email is essentially totally open ended and infinite. People are free to send us all kinds of sensitive data about themselves which on the surface is innocent but may reveal personal information.
There is literally no limit to this and therefore impossible to scope within this privacy policy.
Please be assured that our staff are trained to deal with sensitive data with the highest possible standards of privacy and security and treat it as though it were their own.
For more technical information about how our email is handled review the policies of our email service providers: Fastmail and Mailgun.
Like any sophisticated modern business we make use of internet providers and cloud services to enable us to give our customers the best possible experience. We choose providers who have a strong commitment to privacy and stay away from services whose business practices rely on data harvesting (e.g. Google, Facebook). We complete a full privacy audit of all our Data Processors in order to ensure they live up to and operate under our high standards.
We use Digital Ocean for provision of VPS to host our websites and web apps. We use a Digital Ocean data centre located in the United Kingdom.
We use FastMail for hosting our corporate (@quarterdeck.co.uk) email. FastMail is an Australian company.
We use Postmark for automated transactional emails. Postmark is service from Wildbit LLC, an American company.
We use a Synology NAS as our office file server and Synology C2 as an offsite backup mechanism.
Our data centre is located in Frankfurt and meets the high privacy standards required by EU regulations. The security of data being transmitted and stored on C2 can be ensured with the support of our rigorous encryption technologies.
We use Flare and Fathom for website analytics and bug catching. Flare is run in the EU and Fathom is Canadian.
All our company devices have full-disk encryption using XTS-AES-128 encryption with a 256-bit key and are protected with passphrase, passcodes or biometric measures to prevent unauthorised access.
© Quarterdeck Ltd • Company No. 09296060