0207 370 0027 info@bbfi.org.uk

BBFI CIC Privacy Policy

This privacy policy was last updated on 3rd December 2020

Who we are

BBFI CIC is a Community Interest Company offering specialist investigation services to the public sector. We specialise in Blue Badge and Social Housing misuse and government employee fraud.

What is the purpose of this policy?

To let our customers and website visitors know the following:
o What personal data we collect when you visit our website
o How we use your personal data
o How we make sure your privacy is maintained
o Your legal rights regarding data collection, storage and deletion

What is personal data?

Personal data is anything that discloses your identity; that is unique to you. For a more detailed breakdown of what constitutes personal data, please visit this page: https://eugdprcompliant.com

What personal data do we collect?

We collect personal data if you fill out a contact form or email us directly. Some plugins used on the site automatically collect data which is classified in the GDPR as ‘Personal Data’.

Personal Data – Contact Forms and Email

Personal data we collect from direct emails or from our contact forms may include the following:
o First Name
o Last Name
o Email Address
o Date of birth
o Address
o Phone Number

Personal Data – Cookies, Analytics and Plugins

Some plugins such as social media plugins, performance plugins (e.g. caching engines), and Google Analytics collect data via automated methods. Please view our Cookie Policy page for further details of which cookies this site runs and how to control them.

The data collected by these plugins may include:
o Your IP address (An IP address is a number that can uniquely identify a specific computer or other network device on the internet).
o Browser type
o Search engine used (if applicable)
o System type (type of computer or device)
o The content and pages that you access on our website
o The frequency and duration of your visits to our website
o The “referring URL” (i.e., the page from which you navigated to our website)
o Cookie information

The GDPR states that IP addresses should be considered personal data as they enter the scope of ‘online identifiers’.

The information collected in this automated manner can be used to:
o Speed up performance and improve user experience
o Analyse your use of our website
o Allow users to like and share content on social media
o Analyse our website’s performance

How do we use your personal data?

We use the information you give us to contact you directly about any important news or information. Other data collected is used to analyse our website’s performance and improve your user experience.

Do we share your data with third parties?

Technically some of what the GDPR classifies as personal data collected by us is shared with third parties in conjunction with our mailing list, website analytics and our website’s functionality.

Also, please see our note in Personal Data – Cookies, Analytics and Plugins about how IP addresses (classed by the GDPR as personal data) may be automatically collected and used by third party plugins on this website.

We do not share your details with third parties for any purpose other than to provide you with direct marketing from us, to understand how you are using our website and to improve your user experience.

We will never sell your data to any marketing companies.

Data Security – protecting your privacy

We protect personal data with appropriate security.

All of our data stored on computers is protected by technical security such as firewalls, anti-virus software and passwords.

We understand the importance of data security and what procedures should be followed in case of a data security breach.

Our website has an SSL certificate and powerful security software to protect and secure your connection.
Our email clients are configured to use secure email connections.

Security breaches – our security procedure

Under GDPR law, if personal data has been put at risk we are required to report the breach to the Information Commissioners Office within 72 hours.

Certain types of data breach do not need to be reported if they are considered harmless and poses no risk to individual data.

If a breach is considered high-risk, we will inform all individuals who are impacted right away. We will do this via direct email or telephone depending on your contact preferences.

Your legal rights regarding data collection, storage and deletion

The GDPR includes the following rights for individuals or ‘data subjects’:
o The right to be informed
o The right of access
o The right to rectification
o The right to erasure
o The right to restrict processing
o The right to data portability
o The right to object
o The right not to be subject to automated decision-making including profiling

Requests for amendments, copies or deletion

If you would like us to update or delete any details we hold about you, or would like a copy of your personal data, simply send a request via email to info@bbfi.org.uk

In accordance with the GDPR, any requests for amendments, deletion or copies of data will be fulfilled within 30 days (though usually much quicker).

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Links to other websites

This privacy policy is for this website only and does not cover any other sites that we link to. If you have questions about how another website uses your information, you’ll need to check that site’s privacy statement.

Access to previous privacy policies are available on request. Please email info@bbfi.org.uk