Lafferty Holdings Ltd and its subsidiaries and affiliated companies, Retail Banking Institute Ltd, Lafferty Global Limited and Lafferty Research Limited,care about your privacy and are committed to processing your personal information in accordance with fair information practices and applicable data privacy laws.
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller's possession or likely to come into such possession. The processing of personal data is governed by the Data Protection Act 1998 and the General Data Protection Regulation 2016/679 (the "GDPR").
In the case of a corporate contract involving registrations with more than one delegate/user/candidate, it is the responsibility of the client to share this data privacy notice with all the parties involved/registered to inform them of their rights and of how their data will be processed.
Lafferty Group will be what's known as the 'Controller' of the personal data you provide to us. We collect personal data about you which does includes name, address, email, phone number, bank details. This means Lafferty Group decides how your personal data is processed and for what purposes.
Lafferty Group complies with its obligations under the Data Protection Act / GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
For Contract customers
Your personal data will be treated as strictly confidential and will be shared only with contacts you have specifically asked us to share data with. We will only share your data with third parties outside of Lafferty Group with your consent.
We store customer and related data in our CRM system, which is an application running on UK-based servers.
For the purposes of IT hosting, backups, cloud services and maintenance this information is located on secure servers in UK and Ireland.
We have a Data Protection regime in place to oversee the effective and secure processing of your personal data which will continue to be monitored.
We have security arrangements in place to guard against unauthorised access, improper use, alteration, destruction or accidental loss of your personal information. Both hard and soft version of the documents containing personal information are safe, and their access is restricted based on our legal obligations, contract requirements and your consent.
We have previously implemented measures and will continue, to prevent our systems from being used by unauthorised persons. This is achieved by having:
Individuals that are granted access to our systems, are only able to access the data that is required to be accessed within their scope of responsibilities and to the extent covered by their respective access permission; and such data cannot be read, copied, modified or removed without specific authorisation. This is accomplished by:
We are required under UK tax law to keep your basic personal data (name, address, contact details) for a minimum of 6 years after which time it will be destroyed if it is no longer required. Your information we use for marketing purposes will be kept with us until you notify us that you no longer wish to receive this information.
Your rights and your personal data
Unless subject to an exemption under the Data Protection Act / GDPR, you have the following rights with respect to your personal data:
To exercise all relevant rights, queries of complaints please in the first instance contact the Data Protection Officer, Lafferty Group by email at: email@example.com.
All data breaches (accidental disclosures/losses of personal data) MUST be reported to the Data Protection Officer, firstname.lastname@example.org as soon as the breach has been discovered so that appropriate measures can be taken to recover the data and limit any damage. The Lafferty Group is obliged to report any breaches to the Information Commissioner Office (ICO) within 72 hours.
You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.
The following kinds of information may be collected on this site in order to better understand your needs and to provide you with a better service:
a. Information about your computer, your visits and your use of this website. This may include your computer's IP address, its geographical location, your browser type and version, your computer operating system, the referral source, the length of visit, the number of page views and your navigation of the website.
b. Information relating to transactions carried out on this website including information relating to the purchase of goods or services.
c. Information that you provide for the purpose of registering to use services on this website and/or in order to subscribe to our website services such as email notifications and newsletters.
d. Any other information that you specifically choose to send to Lafferty Group.
This website may use 'session' cookies, 'persistent' cookies and 'third-party' cookies including 'Google cookies'.
a. Session cookies
Session cookies help Lafferty Group to track your use of this website as you navigate the pages. Session cookies are automatically deleted from your computer when you close your browser.
b. Persistent cookies
Persistent cookies enable Lafferty Group to recognise you when you make a return visit and may be used to register any preferences set on previous visits. Persistent cookies will remain stored on your computer until they are deleted or until they reach a specified expiry date.
c. Third-party cookies
d. Google cookies
This website may contain links to other websites. Please note that Lafferty Group has no control over other websites and Lafferty Group cannot be held responsible for the protection and privacy of any information which you provide whilst visiting such sites.