Loading…

Privacy Policy

Privacy Policy

Who we are

Our website address is: http://www.aresriskmanagement.com.

This website is the property of Ares Risk Management Limited. We take the privacy of all visitors to this Website very seriously. In this privacy and cookies policy we have set out our position regarding certain privacy matters and the use of cookies on this Website.

This policy covers all data that is shared by a visitor with us when visiting our website or when contacting us directly by email or by phone.  This policy has been created by the Cyber Division & Senior Management of Ares Risk Management Limited and is occasionally updated by us, to reflect changes in Data Protection & Online Privacy Legislation, therefore, we suggest you review this page from time to time.

This policy provides an explanation as to what happens to any personal data that you share with us, or that we collect from you either directly via this Website, by phone or via email.

We are required under the Data Protection Act 1998 and General Data Protection Regulation 2016 to have a data controller. For the purpose of the Data Protection Act 1998 and General Data Protection Regulation 2016 our data controller is Anna M Heim and can be contacted via email at info@areriskmanagement.com.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site (in our blog) on our we collect the data shown in the comments form. This data might include the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

We do not use contact forms on our website and invite you to either phone or email us with your service requests or enquiries.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behave in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

We use Google Analytics to understand how visitors use our website. The analytics data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of service use. The legal basis for this processing is consent  and our legitimate interests, namely monitoring and improving our website and services. You can read Google’s Privacy Policy here: https://policies.google.com/privacy

Who we share your data with

In the main we do not share your data, unless it is absolutely necessary to do so in order to providing our services to you. In situations where this might be the case this will be clearly and fully explained in your contracted services agreement with us. Your service contract explains what data we might have to share, why we might have to share it and how your data might be shared.

When you sign up to to our Mailing List, you will be asked to provide us with your name and your email address which will be stored with our Mailing List Service Provider, MailChimp. Mailchimp is a US based service provider and data sharing is undertaken in line with the EU-US Privacy Shield Framework.  You can read Mailchimps’ Privacy Policy here: https://mailchimp.com/legal/privacy/

When you purchase one of our online training courses or purchase tickets to one of our Workshops, Seminars or Events, we use PayPal to transact your payments. When using PayPal for this purpose you have the choice to sign-up for a PayPal account, use your PayPal account if you are a pre-existing user of the PayPal Service or use PayPal as a “one-time-only” service. PayPal have their own Privacy Policy which can be found here:  https://www.paypal.com/en/webapps/mpp/ua/privacy-full

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

If you sign up to our mailing list, you will find an Unsubscribe link in the footer of every email we send. You are free to unsubscribe from our mailing list at any time. The minute you unsubscribe your name and email address will automatically and instantly be removed from the list.

Transaction data which is processed for us by PayPal will be downloaded to our secure systems and retained for 7-years in accordance with UK Tax Law. PayPal will retain the transaction data they have processed on our behalf in accordance with Banking and Financial Regulations which are detailed in their Privacy Policy https://www.paypal.com/en/webapps/mpp/ua/privacy-full

If you have purchased services from us the data retention period will be indicated in the Data Retention & Deletion Section of your contract with us. Please refer to your contact or contact us directly by email quoting the Service or Project Reference for more information. [info@aresriskmanagement.com]

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

In addition all our clients, subcontractors and suppliers have the following rights to their data under the GDPR:

  1. the right to access;
  2. the right to rectification;
  3. the right to erasure;
  4. the right to restrict processing;
  5. the right to object to processing;
  6. the right to data portability;
  7. the right to complain to a supervisory authority; and
  8. the right to withdraw consent.

Should you at any time wish to exercise your data rights please email us with your request at: info@aresriskmanagement.com

Where we send your data

With the exclusion of visitor comments which may be checked through an automated spam detection service; we don’t send your data anywhere, we keep it safely and securely on our in-house systems or locked away in hard-copy in our filing cabinets.

Your contact information

If you have left a comment on our website which has been approved for publication in addition to the body of your comment, your published entry may include the user name you created when you registered to leave the comment.

If you email us directly we will keep your name, email address and any other contact details you have provide in a secure manner on our systems so that we can respond to your enquiry efficiently and effectively.

If you phone us with a service enquiry, we will ask you for your name, phone or mobile number and email address so that we can respond and deal with your service enquiry efficiently and effectively.

If you sign up to our mailing list, we will collect your name and email address only.

Additional information

How we protect your data

Website: We utilise SiteLock security on our website as provided with advanced threat detection to protect the integrity of our website and any personal data you might submit when you choose to register to leave comments.

Mailing List: We have done our due diligence and trust Mailchip to protect you data in accordance with the highest standards in Cyber security – you can find out more about MailChimp’s Cyber Security measures here https://mailchimp.com/about/security/

Internal Systems: Ares Risk Management utilises CyberSmart Technologies, the guideline offered by UK’s Cyber Essentials Certification Scheme and advance Firewall and file-locking systems to protect any and all data which we might store and process on our internal computer systems.

What data breach procedures we have in place

In the event of a data breach you and the UK Regulatory Authority (The Information Commissioners Office) will be notified within 72 hours of such an event occurring and provided with detailed information on what happened, how it happened and what we have or are doing to put things right and what steps you might need to take (if any).

What third parties we receive data from

We do not accept personal data from third parties unless they can prove they have a contractual agreement with you and you have consented to them sharing your data with us.

What automated decision making and/or profiling we do with user data

Ares Risk Management does not undertake any automated decision making neither do we use any data you might provided to us for profiling.

Industry regulatory disclosure requirements

Ares Risk Management is Registered with the Information Commissioners Office. Our Registration Number is: ZA110791
Ares Risk Management is a Limited Company Registered in England & Wales, our Registered address is: Donnington House, 33 High Street, Shoeburyness, Southend-on-Sea. Essex SS3 9AW UK our Company Registration Number is: 09456375
All our Consultants & Operators are Licenced & DBS checked by the Security Industry Authority (SIA).
Our contact details are in the footer of every page on this website.

 

Updated: 01 May 2018