Who we are
Our website address is: http://www.aresriskmanagement.com.
This policy covers all data that is shared by a visitor with us when visiting our website or when contacting us directly by email or by phone. This policy has been created by the Cyber Division & Senior Management of Ares Risk Management Limited and is occasionally updated by us, to reflect changes in Data Protection & Online Privacy Legislation, therefore, we suggest you review this page from time to time.
This policy provides an explanation as to what happens to any personal data that you share with us, or that we collect from you either directly via this Website, by phone or via email.
We are required under the Data Protection Act 1998 and General Data Protection Regulation 2016 to have a data controller. For the purpose of the Data Protection Act 1998 and General Data Protection Regulation 2016 our data controller is Anna M Heim and can be contacted via email at firstname.lastname@example.org.
What personal data we collect and why we collect it
When visitors leave comments on the site (in our blog) on our we collect the data shown in the comments form. This data might include the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
We do not use contact forms on our website and invite you to either phone or email us with your service requests or enquiries.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behave in the exact same way as if the visitor has visited the other website.
Who we share your data with
In the main we do not share your data, unless it is absolutely necessary to do so in order to providing our services to you. In situations where this might be the case this will be clearly and fully explained in your contracted services agreement with us. Your service contract explains what data we might have to share, why we might have to share it and how your data might be shared.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
If you sign up to our mailing list, you will find an Unsubscribe link in the footer of every email we send. You are free to unsubscribe from our mailing list at any time. The minute you unsubscribe your name and email address will automatically and instantly be removed from the list.
If you have purchased services from us the data retention period will be indicated in the Data Retention & Deletion Section of your contract with us. Please refer to your contact or contact us directly by email quoting the Service or Project Reference for more information. [email@example.com]
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
In addition all our clients, subcontractors and suppliers have the following rights to their data under the GDPR:
- the right to access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to object to processing;
- the right to data portability;
- the right to complain to a supervisory authority; and
- the right to withdraw consent.
Should you at any time wish to exercise your data rights please email us with your request at: firstname.lastname@example.org
Where we send your data
With the exclusion of visitor comments which may be checked through an automated spam detection service; we don’t send your data anywhere, we keep it safely and securely on our in-house systems or locked away in hard-copy in our filing cabinets.
Your contact information
If you have left a comment on our website which has been approved for publication in addition to the body of your comment, your published entry may include the user name you created when you registered to leave the comment.
If you email us directly we will keep your name, email address and any other contact details you have provide in a secure manner on our systems so that we can respond to your enquiry efficiently and effectively.
If you phone us with a service enquiry, we will ask you for your name, phone or mobile number and email address so that we can respond and deal with your service enquiry efficiently and effectively.
If you sign up to our mailing list, we will collect your name and email address only.
How we protect your data
Website: We utilise SiteLock security on our website as provided with advanced threat detection to protect the integrity of our website and any personal data you might submit when you choose to register to leave comments.
Mailing List: We have done our due diligence and trust Mailchip to protect you data in accordance with the highest standards in Cyber security – you can find out more about MailChimp’s Cyber Security measures here https://mailchimp.com/about/security/
Internal Systems: Ares Risk Management utilises CyberSmart Technologies, the guideline offered by UK’s Cyber Essentials Certification Scheme and advance Firewall and file-locking systems to protect any and all data which we might store and process on our internal computer systems.
What data breach procedures we have in place
In the event of a data breach you and the UK Regulatory Authority (The Information Commissioners Office) will be notified within 72 hours of such an event occurring and provided with detailed information on what happened, how it happened and what we have or are doing to put things right and what steps you might need to take (if any).
What third parties we receive data from
We do not accept personal data from third parties unless they can prove they have a contractual agreement with you and you have consented to them sharing your data with us.
What automated decision making and/or profiling we do with user data
Ares Risk Management does not undertake any automated decision making neither do we use any data you might provided to us for profiling.
Industry regulatory disclosure requirements
Ares Risk Management is Registered with the Information Commissioners Office. Our Registration Number is: ZA110791
Ares Risk Management is a Limited Company Registered in England & Wales, our Registered address is: Donnington House, 33 High Street, Shoeburyness, Southend-on-Sea. Essex SS3 9AW UK our Company Registration Number is: 09456375
All our Consultants & Operators are Licenced & DBS checked by the Security Industry Authority (SIA).
Our contact details are in the footer of every page on this website.
Updated: 01 May 2018