Anderson Orr Architects is committed to protecting your privacy. This statement applies to all information collected or submitted by Anderson Orr Architects Ltd and is designed to provide you with details of how we collect and process your personal data regarding the General Data Protection Regulation, (GDPR) and the UK Data Protection Bill 2017.
Anderson Orr Architects Ltd is the data controller therefore responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice
- What information we collect and why we collect it.
- How we use that information.
- The choices we offer, including how to access and update information.
We’ve tried to keep it as simple as possible, but if you’re not familiar with terms, such as cookies, IP addresses, pixel tags and browsers, then read about these key terms first.
INFORMATION THAT WE COLLECT
We collect information to provide better services to our customers and in some cases the information is collected specifically to enable us to carry out our services.
We collect information in the following ways:
INFORMATION YOU GIVE US
For example, signing up to use a service or contracting us to act on your behalf. In such instances you may be subscribed to services that will provide you with updates and information which is relevant to this service. We will always tell you when this happens.
Subscribing to our newsletters, blogs and marketing services
requires you to expressly opt to join that mailing list. When you do, we’ll ask for personal information, like your name, email address or telephone number.
Information we get from your use of our services
We sometimes collect information about the services that you use and how you use them, like when you accessed a service such as our website.
Information we need to supply our services
Some of our services require us to store personal information such as name, email, telephone numbers and other contact details. This information is required to identify you and the services that you have purchased. This information includes:
When you use our services or websites, we may collect and store certain information in server logs. This includes:
- Internet protocol address
- device information, such as browser type, browser language, the date and time of your request and referral URL.
- Cookies that may uniquely identify your browser
COOKIES AND SIMILAR TECHNOLOGIES
We and our partners use various technologies to collect and store information when you visit a website, and this may include using cookies or similar technologies to identify your browser or device. We also use these technologies to collect and store information when you interact with services to improve services, track use of services and customise content.
For more information about how you can access, manage or delete information that is associated with your Account, visit the ‘Your Legal Rights’ section of this policy.
HOW WE USE INFORMATION THAT WE COLLECT
We use the information we collect from all our services to provide, maintain, protect and improve them, to develop new ones and to protect Anderson Orr and our users from fraudulent use. We also use this information to offer you tailored content – like giving you more relevant information relating to your project.
When you contact Anderson Orr, we may keep a record of your communication to help solve any issues you might be facing and ensure our services are appropriately directed. We may use your email address to inform you about our progress in dealing with projects or to inform you about services, such as letting you know about upcoming changes or improvements.
We use information collected from cookies and other technologies to improve your user experience and the overall quality of our services.
We may combine personal information from one service with information, including personal information, from other services – for example, to make it easier to provide support across the different departments.
Anderson Orr processes personal information on our servers in EU data centres or with cloud providers providing GDPR compliant EU hosting. We may process your personal information on a server located outside the country where you live.
We do not transfer your personal data outside the European Economic Area unless it is required of us or we have your consent to do so. Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria unless additional safeguards are put in place by us. We will advise you should it require to transfer your data outside the EEA.
Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
- Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
- Where we use providers based in the United States, we may transfer data to them if they are part of the EU-US Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
Please email us at email@example.com if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes. In some circumstances you can ask us to delete your data: see below for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
YOUR LEGAL RIGHTS
People have different privacy concerns. Our goal is to be clear about what information we collect, so that you can make meaningful choices about how it is used.
For example, you can:
• Request access to your personal data.
• Request correction of your personal data.
• Request erasure of your personal data.
• Object to processing of your personal data.
• Request restriction of processing your personal data.
• Request transfer of your personal data.
• Right to withdraw consent.
You can see more about these rights at:
If you wish to exercise any of the rights set out above, please email us at firstname.lastname@example.org
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You may also set your browser to block all cookies, including cookies associated with our services or to indicate when a cookie is being set by us.
To discuss your use of data or report a potential breach you can contact our Data Protection Officer at the contact details provided at the end of this policy.
INFORMATION THAT WE SHARE
We do not share personal information with companies, organisations and individuals outside of Anderson Orr unless one of the following circumstances applies:
WITH YOUR CONSENT
We will share personal information with companies, organisations or individuals outside Anderson Orr when we have your consent to do so. We require opt-in consent for the sharing of any sensitive personal information
For legal reasons We will share personal information with companies, organisations or individuals outside Anderson Orr if we have a belief in good faith that access, use, preservation or disclosure of the information is reasonably necessary to:
- meet any applicable law, regulation, legal process or enforceable governmental request.
- enforce applicable Terms of Service, including investigation of potential violations.
- detect, prevent or otherwise address fraud, security or technical issues.
- protect against harm to the rights, property or safety of Anderson Orr, our users or the public, as required or permitted by law.
We may share non-personally identifiable information publicly and with our partners – like publishers, advertisers or connected sites. For example, we may share information publicly to show trends about the general use of our services.
We work hard to protect Anderson Orr and our users from unauthorised access to or unauthorised alteration, disclosure or destruction of information that we hold. In particular:
- We encrypt many of our services using SSL.
- We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorised access to systems.
- We restrict access to personal information to Anderson Orr’s employees, contractors and agents who need to know that information to process it for us and who are subject to strict contractual confidentiality obligations. They may be disciplined, or their contract terminated if they fail to meet these obligations.
COMPLIANCE AND COOPERATION WITH REGULATORY AUTHORITIES
When we receive formal written complaints, we will contact the person who made the complaint to follow up.
We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that we cannot resolve with our users directly.
DATA PROTECTION OFFICER
Anderson Orr’s Data Protection Officer Neil Perry, can be contacted via email at email@example.com
What's a cookie?
A "cookie" is a piece of information that is stored on your computer's hard drive and which records how you move your way around a website so that, when you revisit that website, it can present tailored options based on the information stored about your last visit. Cookies can also be used to analyse traffic and for advertising and marketing purposes.
Cookies are used by nearly all websites and do not harm your system.
If you want to check or change what types of cookies you accept, this can usually be altered within your browser settings. You can block cookies at any time by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
Cookies are either:
- Session cookies: these are only stored on your computer during your web session and are automatically deleted when you close your browser – they usually store an anonymous session ID allowing you to browse a website without having to log in to each page, but they do not collect any personal data from your computer; or
- Persistent cookies: a persistent cookie is stored as a file on your computer and it remains there when you close your web browser. The cookie can be read by the website that created it when you visit that website again. We use persistent cookies for Google Analytics.
Cookies can also be categorised as follows:
- Strictly necessary cookies: These cookies are essential to enable you to use the website effectively, such as when buying a product and / or service, and therefore cannot be turned off. Without these cookies, the services available to you on our website cannot be provided. These cookies do not gather information about you that could be used for marketing or remembering where you have been on the internet.
- Performance cookies: These cookies enable us to monitor and improve the performance of our website. For example, they allow us to count visits, identify traffic sources and see which parts of the site are most popular.
- Functionality cookies: These cookies allow our website to remember choices you make and provide enhanced features. For instance, we may be able to provide you with news or updates relevant to the services you use. They may also be used to provide services you have requested such as viewing a video or commenting on a blog. The information these cookies collect is usually anonymised.