top of page

Privacy Policy


This Privacy Policy explains when and why we collect personal information about people who visit our Website, what we collect, how we use it, the conditions under which we may disclose it to others and how we keep it secure. We may change this Privacy Policy from time to time so please check this page occasionally to ensure that you are happy with any changes. By using our Website www.graftilo.com, you are agreeing to this Privacy Policy. Any questions regarding this Privacy Policy and our privacy practices should be sent by email to info@graftilo.com

In this Privacy Policy, Data Protection Legislation means all applicable law relating to the processing of personal data including the Data Protection Act 1998 (“DPA”), the General Data Protection Regulation 2016/679 (“GDPR”), the Privacy and Electronic Communications (EC Directive) Regulations 2003 (“PECR”) and any statutory instrument, order rule or regulation made, as amended, extended, re-enacted or consolidated from time to time and any successor legislation to the GDPR, PECR and DPA. The terms “Personal Data”, “Sensitive Personal Data”, “Data Controller”, “Data Processor”, Data Subject and “process” (in the context of usage of Personal Data) shall have the meanings given to them in the applicable Data Protection Legislation.

Who are we?


Graftilo Consulting Ltd is a company registered in England and Wales under company number 14009502. We are a consultancy business specialising in the end-to-end delivery of RDF-based technologies, including training.

How do we collect information from you?


You can visit our Website without telling us who you are or giving us any personally identifiable information. We do not capture and store any Personal Data, except where you voluntarily choose to give Us your personal details via email, by using an electronic form, or by registering with and using our Platform. We may collect Personal Data if you complete a survey that we have sent to you for research purposes – you are not obliged to complete such surveys. Any Personal Data that you provide to us will be used for providing you with the information or services you have requested from us.

What type of information is collected from you?


The Personal Data we collect might include your name, address, email address, your curriculum vitae, your profile information, IP address, and information regarding what pages are accessed and when. This includes information provided at the time of registering or subscribing to our Services, posting material or requesting further services from us. We may also ask you for information when you report a problem with our Website. We do not collect or store any Sensitive Personal Data about ethnicity, political opinion, religious or other beliefs, trade union membership, health, sexuality, criminal proceedings/convictions. It is important that the Personal Data that we store is relevant and up-to-date. To maintain it, we ask that you notify us of any changes to data that you have provided us with in the past, or if you become aware of anything inaccurate.

Our lawful basis of processing – legitimate interests


We may process Personal Data for a Legitimate Interest in order to provide you with the business service and products that you receive from us or with your express Consent (both as defined in applicable Data Protection Legislation). Our Legitimate Interests for the processing and retention of Personal Data includes:

  • Connecting potential candidates for employment opportunities with us

  • The delivery of services to you

  • Exercising and enforcing our rights after the conclusion of any contract we have had with you

  • Circumstances where it is appropriate as part of our business relationship (for example, keeping client contact details in order to file work produced for potential future reference)

  • Recording your request not to receive direct marketing

Our primary interest in processing Personal Data is the performance and administration of the services you ask us to provide for you, the proper tracking of requests made by you, the services we complete for you, prompt communication between us and the provision of support

Our lawful basis of processing – consent


We will only request your explicit consent when we have deemed that it is the most appropriate lawful basis for processing your data. Where we do make requests for your consent, we will do so in such a way as to make the request prominent and kept separate from our terms and conditions. Once you have given consent, we will keep a record of when and how you gave consent, including exactly what you were told at the time. We regularly review consent to check that our relationship, the way we use your data and the reasons for using it have not changed. If there has been a change to any of these factors, we will contact you to inform you of any changes and request your consent. We may contact you to request renewal of your consent from time to time, if we feel this is appropriate. You can withdraw your consent at any time by contacting us at info@graftilo.com We will always act upon requests to withdraw consent as soon as possible within our business hours.

How is your information used?


We use information held about you in the following ways:

  • To provide you with information or services that you request from us, or which we feel may interest you.

  • To allow you to participate in interactive features of our service, when you choose to do so.

  • To notify you about changes to our service.

We may analyse your Personal Data to create a profile of your interests and preferences so that we can contact you with information relevant to your job seeking. To ensure that content from our Website and/or Platform is presented in the most effective manner for you and for your computer.

Non-personal information collected automatically


We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns and does not identify any individual. For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us to:

 

  • Estimate our audience size and usage pattern.

  • Store information about your preferences and so allow us to customise our site according to your individual interests.

  • Recognise you when you return to our site.


You may refuse to accept cookies by activating the setting on your browser that allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you access our Website.

Security


We are committed to ensuring that your Personal Data is secure and comply fully with all applicable Data Protection Legislation. In order to prevent unauthorised access, use or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. Our security technologies and procedures are regularly reviewed to ensure that they are up to date and effective. Security measure shall, amongst other things, include:

 

  • The pseudonymisation and encryption of personal data

  • The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services

  • The ability to restore the availability and access to personal data in a timely manner in the event of physical or technical incident

  • Processes for regularly testing, assessing and evaluating the effectiveness of technical and organisations measures to ensure the security of the processing


Non-sensitive details, for example, your email address, etc., are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your Personal Data we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Who has access to your information?


We do not pass any of your Personal Data to outside organisations and/or individuals, except those that assist us in providing the services to you and then only to the extent necessary. Other than as stated above, we will not disclose, sell, distribute or lease your Personal Data to third parties unless we have your permission or are required by law to do so.
We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.

Third-party processing


Where Personal Data is processed by a third party on our behalf, we will have a contract in place to govern that relationship in accordance with Data Protection Legislation. We will remain responsible for the protection and safe processing of your data, even if we use a third party to help us process it. We will only give access to your Personal Data to a third party for them to support us in delivering our services to you (as under our Legitimate Interests, described above), or if we are required to by law.

Your rights


When reading this policy, it might be helpful to understand that your rights arising under Data Protection Legislation include:

 

  • The right to be informed of how your Personal Data is used (in part, through the notices found in this policy).

  • The right to access any Personal Data held about you.

  • The right to rectify any inaccurate or incomplete Personal Data held about you.

  • The right to erasure where it cannot be justified that the information held satisfies any of the criteria outlined in this policy, or where you have withdrawn consent.

  • The right to prevent processing for direct marketing purposes, scientific/historical research or in any such way that is likely to cause substantial damage to you or another, including through profile building.

  • The right to object to processing that results in decisions being made about you by automated processes and prevent those decisions being enacted.


All queries, requests to exercise a right, or complaints regarding your Personal Data should be forwarded to info@graftilo.com

Data retention


We will keep data long enough as is necessary to fulfil any contract we may have with you, but also to meet our legal obligations. In retaining data we will strike a balance between (1) retaining data long enough to:

  • Undertake any remedial work for you.

  • Provide any information required by a regulator, HMRC or other law enforcement agency.

  • Defend any legal action which may be made against us.


And (2) not keeping data longer than the applicable Data Protection Legislation allows.

 

We have in place ongoing systems which destroy or delete data which is no longer required. Where possible we will put in place automatic systems to delete electronic data which is no longer required.


You have the right to request the erasure of your Personal Data where:

  • The original purpose for which it was collected has expired.

  • You have withdrawn consent for its processing.

  • Your data has been processed unlawfully.

  • Erasure is required to comply with a legal obligation.

  • It is not subject to any Legitimate Interests for continued processing as set out in this Privacy Policy.


Legitimate Interests will only be used as the foundation for our continued processing while the processing of your Personal Data does not pose a greater threat to you than the likely benefit to be gained. In this policy, we refer to the assessment we conduct to determine this as "Balancing". Where we are obliged, by law, to retain and/or process your data, we will not carry out a Balancing assessment and instead rely upon Art 6, S1 of the GDPR. Where required to retain data for legitimate audit and compliance interests we will anonymise any personal data that we retain. The anonymisation will not provide a route for personal data to be reconstituted. The data will be retained on a log to allow for analysis of services where required. If at a point in the future all data can be deleted, it will be.


Changes of business ownership and control


We may, from time to time, expand or reduce our business and this may involve the sale of certain divisions or the transfer of control of certain divisions to other parties. Data provided by you will, where it is relevant to any division so transferred, be transferred along with that division and the new owner or newly controlling party will, under the terms of this Policy, be permitted to use the data for the purposes for which it was supplied by you. In the event that any Data you submitted will be transferred in such a manner, you will be contacted in advance and informed of the changes. When contacted, you will be given the choice to have your Data deleted or withheld from the new owner or controller.


Changes to this Policy


Graftilo Consulting Ltd reserves the right to change this Privacy Policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website and you are deemed to have accepted the terms of the Policy on your first use of the Website following the alterations.


Contacting us


If there are any questions regarding this Privacy Policy you may contact us at info@graftilo.com

bottom of page