Who we are
The DD Group is committed to maintaining the highest standards of customer service and working in partnership with you to understand your business. The information you provide to us is an essential component of that partnership and we are committed to using it only for clearly described purposes and in accordance with your data protection rights.
We are committed to complying with data protection laws so that the personal information we collect about you is relevant to the purposes we have told you about and is:
collected and used lawfully, fairly and in a transparent way;
accurate and up to date;
kept securely and only for so long as needed for those purposes.
If you have any concerns, questions or requests concerning this policy or the information you share with us, then in the first instance please contact:
Saul Stevens, DD Group, 6 Perry Way, Witham, Essex, CM8 3SX
The information we collect from or about you and the uses we make of it
Information we need when taking an order, enquiry or membership application from you and/or to satisfy any contract we subsequently enter into with you. This will or, according the products/services you order or enquire about, may include:
- Contact details – name(s), address(es), telephone number(s), email addresses;
- Sales and Service information - relating to orders, products and services provided, invoices raised and payments made;
- Credit and anti-fraud information – copies of documents you provide, or entries in registers we search, to establish your identity and/or creditworthiness, bank details, credit reports;
- Details of your professional membership(s), including membership identification number(s), currency of GDC registration, practising or other certificates;
- Information about your practice, for example information related to equipment or for the purposes of compliance-related action plans.
Information about you that is necessary for our legitimate interests and purposes, including:
- Marketing our services and keeping you and your practice informed of new products and services;
- Managing our relationship with you and your practice, including: notification of changes to terms and conditions, this policy, or to third party providers; organising usage and satisfaction surveys; collecting and collating feedback in relation to training we provide to you and/or your practice; competitions; product and service reviews;
- Maintaining the systems that support or are integral to our services, including: security and safeguarding; billing; fraud prevention; reorganisation and general administrative purposes.
Information we are required to obtain, keep, process and/or share to meet our legal obligations, including any imposed by relevant regulatory bodies.
People with whom we may share your information
We offer a wide range of services to our customers to support them in meeting aspects of their professional, business and compliance needs. Many of these services are provided in partnership with specialist advisers and providers and for those purposes it is necessary or helpful to share your information with them. We provide you with a list of these providers at the time of entering into a contract with you and will keep you informed of any changes we may make to that list from time to time.
We may also share your information with other members of the DD group of companies. This will happen where:
- aspects of customer service or product provision to you are undertaken by another group company on our behalf;
- we wish to make you aware of additional or complementary services/products relevant to you but provided by another group company;
- accounting, marketing, information technology or other business systems are provided or managed by another group company on our behalf; or
- any aspect of customer service or product provision to you is transferred to another group company due to group reorganisation.
When we share your information with these third parties, we do so in accordance with this policy and our duties under the data protection legislation.
Storage and retention
We ensure there are systems in place designed to prevent unauthorised access, use, or disclosure of your information and to protect it against loss or accidental destruction. Like many businesses we store information using cloud-based technologies, which means that your information may be stored on computers that are not physically located on our premises. In most such cases these are located in the European Economic Area (‘EEA’). Where they are not, e.g. Google Cloud, we ensure through the use of contracts and security reviews that a similar degree of legal and physical protection is given to your information as would be given to it when stored in the EEA.
We retain your information only for so long as is:
- necessary to serve the purposes for which we collected it e.g. for managing and developing the ongoing business relationship between us; or
- required by law or regulation, e.g. for tax and accounting purposes
Where your information has been anonymised so that it can no longer be associated with or serve to identify you, we may keep that information for research or statistical purposes and for longer periods.
Cookies allow us to add important site functionality so that you don’t have to re-enter the same information as you navigate around or revisit our website. They help us to remember which links and pages have been visited in a browsing session and, where you have provided personal information in an on-line contact or application form, to identify and record what is most relevant to you.
Your right of access to the personal information we hold about you.
You have the right to ask for a copy of any personal information we hold about you and to ask that any inaccurate information we hold about you is corrected.
You also have the right to ask us to remove any personal information about you if there is no longer a valid reason for our continuing to process it, or to restrict the processing of it while we investigate the accuracy of the information and/or our right to continue to hold it.
Where personal information we hold about you is collected and used on the basis of your consent, rather than for the necessary purposes of managing your account with us or on another lawful basis, you have the right to withdraw that consent and to notify us accordingly.
In certain circumstances, you can ask for personal information we hold about you, and which is processed in an automated way for the purposes of performing a contract with you, to be transferred to another party. This is referred to as ’data portability’.
Where, following a request, we are not able for specific legal reasons to provide you with copies of your personal information or to erase such information, we will advise you of that and provide those reasons.
If at any time you are unhappy with our responses to requests concerning your personal information, you have the legal right to lodge a complaint with the Information Commissioner’s Office (ICO).
Further information about your legal rights under the data protection legislation can be found on the website of the ICO: https://ico.org.uk/your-data-matters