The ICG is an information technology company and our core business relates to enterprise software systems development (our ‘Services’). For the purposes of data protection law and for the vast majority of personal data processing, we are a data processor acting upon the instructions of our clients (‘Clients’). However, in certain circumstances we also act as a data controller. This Policy addresses personal data processing we carry out in these circumstances.
By submitting personal data to ICG you acknowledge and accept the practices described in this Policy. We will endeavour to bring this Policy to your attention every time we ask for your personal information. We will seek your specific consent whenever this is required.
The following table summarises the types of data processing activities we undertake in relation to personal information subject to this Policy:
Information we process
Purposes for Processing
Legal Basis for Processing
Publicly available information
To contact businesses to enquire whether they are interested in using our Services
Our legitimate interests, namely the pursuit of our own marketing and business development efforts
Any information you provide to us, such as names, contact details, occupation, purchase history, etc.
1. To help deliver our Services by:
2. To deliver promotional materials when:
3. To publish testimonials.
Information you generate when you visit our website
Our legitimate interests, namely monitoring and improving our website and services, and your consent whenever required
Purposes for Processing
Legal Basis for Processing
Companies within the ICG (including affiliates and ultimate beneficial owners)
To facilitate the provision and promotion of the Services and to monitor business development.
The performance or negotiation of the contractual relationship between us and our Clients, our legitimate interests, namely the pursuit of our own marketing and business development efforts, and your consent whenever required
Suppliers, such as CRM systems and marketing agencies
To facilitate the provision and promotion of the Services.
The performance or negotiation of the contractual relationship between us and our Clients and our legitimate interests, namely the pursuit of our own marketing and business development efforts
Professional advisors, such as accountants and solicitors
Only when necessary, limited to what is necessary.
Our legitimate interests, namely the proper administration of our business, or fulfilling our legal obligations or in relation to enforcing or defending legal claims.
Competent authorities, such as regulatory authorities, the Police and HMRC
Only when compelled to and/or when under an obligation to do so.
Compliance with legal obligations
We work solely with world-class suppliers, some of whom have branches outside the European Economic Area (‘EEA’). Any transfers of your personal data outside the EEA take place only subject to appropriate safeguards as provided in data protection law. These safeguards are intended to secure your rights as a data subject with respect to any relevant non-EEA domiciled entities.
Personal data may in limited circumstances be shared with our affiliates in order to provide and/or develop our Services or where one of the other legitimate interests identified above applies. Personal data collected in the EEA may be accessed from us. This is usually carried out for the purposes of providing 24/7 customer support or in relation to product development. ICG assumes responsibility for the security of personal data that is accessible by our overseas affiliates.
We are committed to guaranteeing the statutory rights of individuals. If you send us a request regarding your rights under data protection law we will respond within 30 calendar days of receipt and, where possible, address your request within such time. Where necessary, this period may be extended by up to a further 60 days.
The persons to whom this Policy to applies are under no statutory or contractual obligation to provide personal data to ICG. However, should you decide to submit personal data to us, you will have the following rights, as a data subject, under data protection law as summarised below¹:
the right to be informed
the right to access
the right to rectification
the right to erasure
the right to restrict processing
the right to object to profiling
the right to data portability
the right to complain to the Information Commissioner’s Office
the right to withdraw consent
¹This summary provides an overview of data subject rights under data protection law and shall not create any rights or obligations additional to those contained in the Data Protection Act 2018.
ICG does not engage in profiling which is capable of producing legal or other significant effects for individual data subjects.
Detailed information on the content and the means to exercise your rights is provided by the United Kingdom’s Information Commissioner’s Office, available here.
ICG operates an internal Data Retention Policy. In respect of all personal data within the scope of this Policy, ICG will retain such personal data until you advise us to securely dispose of it, or until it becomes outdated, or it is no longer appropriate for us to retain such data. You shall inform ICG of any material changes to your personal data to ensure it is accurate. Outdated personal data is periodically deleted in accordance with our Data Retention Policy which is available for review upon request.
ICG operates an internal Information Security Policy. We have taken technical and organisational measures to ensure our own and our suppliers’ information security standards are appropriate to the risks associated with the personal data processing we undertake. Our security objectives include guaranteeing the confidentiality, integrity and availability of personal data and the resilience of the systems that process it. Our Information Security Policy is available for review upon request.
Cookies are small text files that are stored in your browser when you visit some websites.
Cookies are used for numerous purposes. This website utilises three categories of cookie as defined by the International Chamber of Commerce guide for cookie categories:
The following table lists the cookies used on this website and sets out the name, function, duration and origin of each. The social networking cookies function through integration with 3rd party web sites, but are included here for completeness as this functionality is fairly integral within our web site.
The General Committee of the Club (the ‘General Committee’) shall exercise the powers given to it by these rules and such other powers of management as it may undertake at the request of the Proprietor.
Universal Analytics (Google)
These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the website, where visitors have come to the website from and the pages they visited.
Measures the number of times an embedded element from a third party service has been used.
We reserve the right to amend this policy from time to time. You will be informed of any material changes without delay.
We reserve the right, in the event that we buy or sell all or part of our business or assets, to disclose personal information held by us to the prospective seller or buyer of such business or assets.
In relation to any queries about this Policy or any other data protection matters, please contact: firstname.lastname@example.org
Last updated: 22/06/19