Last updated: July 2021
This notice tells you how we look after your personal data when you visit our website at https://www.veritasnoble.co.uk/ (Website) or use our consultancy services (Services).
It sets out what information we collect about you, what we use it for and whom we share it with. It also explains your rights and what to do if you have any concerns about your personal data.
We may sometimes need to update this notice, to reflect any changes to the way the Services are provided or to comply with new legal requirements. We will notify you of any important changes before they take effect.
We are VN Consultancy Limited, registered in England and Wales with company number 12777025 whose registered address is Henleaze House Business Centre, 13 Harbury Road, Henleaze Bristol, BS9 4PN (we / us / our).
For all visitors to our Website and customers who purchase our Services, we are the controller of your information (which means we decide what information we collect and how it is used). We are registered with the Information Commissioner’s Office (ICO), the UK regulator for data protection matters, under number ZA793058.
If you have any questions about this privacy notice or the way that we use information, please get in touch using the following details:
Personal data means any information which does (or could be used to) identify a living person. We have grouped together the types of personal data that we collect from you below:
Type of Personal Data
We are required to identify a legal justification (also known as a lawful basis) for collecting and using your personal data. There are six legal justifications which organisations can rely on. The most relevant of these to us are where we use your personal data to:
The table below sets out the lawful basis we rely on when we use your personal data. If we intend to use your personal data for a new reason that is not listed in the table, we will update our privacy notice.
Providing our Services to you
Contract (you accept our Terms and Conditions)
Asking you to provide a feedback about our Website
Consent (the feedback is always optional)
Providing insight on how our Website is being used
Legitimate interest (necessary to improve and
optimise our Website)
Administering and protecting our Website and
Legitimate interests (necessary to provide our
Services, monitor and improve Website security
and prevent fraud)
Handling requests for technical support and other
Legitimate interests (necessary to provide our
Services to you and ensure the proper functioning
of our Website)
Defending against legal claims
Legitimate interests (to protect our business and
defend ourselves against legal claims)
Notifying you about changes to our privacy notice
Legal obligation (necessary to comply with our
obligations under data protection law)
We may anonymise the personal data we collect (so it can no longer identify you) and then combine it with other anonymous information so it becomes aggregated data. Aggregated data helps us identify trends (e.g. what percentage of users responded to a specific survey). Data protection law does not govern the use of aggregated data and the various rights described below do not apply to it.
We share (or may share) your personal data with:
If we were asked to provide personal data in response to a court order or legal request (e.g. from the police), we would seek legal advice before disclosing any information and carefully consider the impact on your rights when providing a response.
We will only transfer information outside of the UK where we have a valid legal mechanism in place (to make sure that your personal data is guaranteed a level of protection, regardless of where in the world it is located, e.g. by using contracts approved by the European Commission or UK Secretary of State).
If you access our Website or purchase our Services whilst abroad then your personal data may be stored on servers located in the same country as you or your organisation.
We have implemented security measures to prevent your personal data from being accidentally or illegally lost, used or accessed by those who do not have permission. These measures include:
If there is an incident which has affected your personal data and we are the controller, we will notify the regulator and keep you informed (where required under data protection law). Where we act as the processor for the affected personal data, we notify the controller and support them with investigating and responding to the incident.
If you notice any unusual activity on the Website, please contact us at email@example.com.
Where we act as the controller, we will only retain your personal data for as long as necessary to fulfil the purposes we collected it for.
To decide how long to keep personal data (also known as its retention period), we consider the volume, nature, and sensitivity of the personal data, the potential risk of harm to you if an incident were to happen, whether we require the personal data to achieve the purposes we have identified or whether we can achieve those purposes through other means (e.g. by using aggregated data instead), and any applicable legal requirements (e.g. minimum accounting records for HM Revenue & Customs).
We may keep Identity Data, Contact Data and certain Communications Data for up to six years after the end of our contractual relationship with you.
If you browse our Website, we keep personal data collected through our analytics tools for only for as long as necessary to fulfil the purposes we collected it for.
If you have asked for information from us or you have subscribed to our mailing list, we keep your details until you ask us to stop contacting you.
You have specific legal rights in relation to your personal data.
It is usually free for you exercise your rights and we aim to respond within one month (although we may ask you if we can extend this deadline up to a maximum of two months if your request is particularly complex or we receive multiple requests at once).
We can decide not to take any action in relation to a request where we have been unable to confirm your identity (this is one of our security processes to make sure we keep information safe) or if we feel the request is unfounded or excessive. We may charge a fee where we decide to proceed with a request that we believe is unfounded or excessive. If this happens, we will always inform you in writing.
We do not respond directly to requests which relate to personal data for which we act as the processor. In this situation, we forward your request to the relevant controller and await their instruction before we take any action.
If you wish to make any of the right requests listed below, you can reach us at firstname.lastname@example.org.
Your legal rights
Cookies are small text files that are downloaded to your device. Cookies contain a uniquely generated references which are used to distinguish you from other users. They allow information gathered on one webpage to be stored until it is needed for use on another, allowing our Website to provide you with a personalised experience and provide us with statistics about how you interact with our Website.
Cookies are not harmful to your devices (like a virus or malicious code) but some individuals prefer not to share their information (for example, to avoid targeted advertising).
Different types of cookies
Session vs. persistent cookies: cookies have a limited lifespan. Cookies which only last a short time or end when you close your browser are called session cookies. Cookies which remain on your device for longer are called persistent cookies (these are the type of cookies allow websites to remember your details when you log back onto them).
First party vs third party cookies: cookies placed on your device by the website owner are called first party cookies. When the website owner uses other businesses’ technology to help them manage and monitor their website, the cookies added by the other business are called third party cookies.
Categories of cookies: cookies can be grouped by what they help the website or website owner do.
The cookies we use are:
What it does
How long it lasts
This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site’s analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form.
This cookie is used by the website’s WordPress theme. It allows the website owner to implement or change the website’s content in real-time.
Other uncategorised cookies.
This cookie is installed by Google Universal Analytics to throttle the request rate to limit the collection of data on high traffic sites.
You can choose to decline cookies but if you turn off necessary cookies, some pages and functions on our Website may not work properly.
You can also manage cookies through your browser settings or device settings (your user manual should contain additional information).
You can also delete cookies directly with the relevant third parties (for example, you can disable Google Analytics on their website).