Privacy Policy

Goddard Littlefair respects your privacy and is committed to protecting the personal data you share with us.

This privacy notice will explain how we look after your personal data, whether you are a client, interested party, a visitor to our website, a contact who subscribes to our quarterly newsletters & project updates, or all four. It is in two parts.

Part 1: Under the EU General Data Protection Regulations (GDPR), we are required to update the data protection references in our engagement letters with clients and, provide certain details regarding the collection and use of your personal data. This is set out in more detail below.

Part 2: This sets out in relation to information we collect from this Site, and information we collect from our newsletters and updates, the practices we follow to respect the privacy of everyone who visits our website or receives our marketing communications.

Part 1

The address of Goddard Littlefair is The Fifth Floor, 32-38 Saffron Hill, London EC1N 8FH. If you have any questions about this privacy notice, including any requests regarding data you share with us, please contact: info@goddardlittlefair.com

What are your rights?
If you believe the information we process on you is incorrect you can request to see this information and even have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office at https://ico.org.uk/concerns or on 0303 123 1113. We would, however, appreciate the opportunity to deal with your concerns before you approach the ICO so please contact us at info@goddardlittlefair.com in the first instance.

Unless otherwise agreed with you, we will only collect basic personal data about you, which does not include any ‘sensitive personal data’ or “special category data”. This information does, however, include the likes of your name, work address, email address and job title.

A full list of your rights under GDPR can be found here: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

Data Collection
We need to know basic personal data in order to provide you with: 

  • Our marketing communications, including our project updates, quarterly newsletters, news announcements, and information about the services we offer. For this purpose we use Mailchimp. Mailchimp’s Privacy Policy describes what personal data it collects and how it uses it. Mailchimp processes your data in accordance with its privacy policy. Mailchimp are certified under the EU-US Privacy Shield Framework. They store data in the US. Accordingly, your data you share with us here will be transferred to their secure servers in the US. Mailchimp’s privacy shield certification permits this transfer in accordance with GDPR. 
  • Mailchimp uses technologies such as pixels and web beacons that allow us to track whether you have opened or clicked on our emails. This indicates how helpful our content is and helps us plan future content. 
  • You may contact Mailchimp directly to request access to information that Mailchimp may hold about you. 
  • Our services, and our right to collect payments in return for our services, under our contract we have with you. If you do not provide this information then we will be unable to provide the services you have requested. 

We collect personally identifiable information that is voluntarily provided by subscribers to our newsletter. This user data includes name, email address, IP address and details of the clicks into links in our newsletters. 

We will not collect any personal data from you that we do not need in order to provide our marketing and informational communications as referred to above or to provide our services we have agreed to provide you with. 

We use Pipedrive to store and manage the personal data of our clients, potential clients and any other interested parties. This data includes names, email addresses and telephone numbers. 

  • Pipedrive does not own, control or direct the use of any of the Client Data stored or processed by a Client or User via the Service. Only the Client or Users are entitled to access, retrieve and direct the use of such Client Data. Pipedrive is largely unaware of what Client Data is actually being stored or made available by a Client or User to the Service and does not directly access such Client Data except as authorized by the Client, or as necessary to provide Services to the Client and its Users.
  • Pipedrive is hosted in the United States or Germany. EU customers’ databases will be hosted in Pipedrive’s EU datacenter located in Frankfurt, Germany. Pipedrive may transfer Client Data and Personal Data to the United States for storage and processing by their service providers listed in the Pipedrive Terms of Service. Pipedrive will comply with GDPR requirements providing adequate protection for the transfer of personal information from Europe to the U.S. 
  • For more information about how Pipedrive process their data, please refer to their Privacy Policy. 

Use of Data
Except in relation to our transfer of your personal data to Mailchimp and Pipedrive, as described above for the purposes of providing marketing communications and contact management, all the personal data we hold about you will be processed by us in the United Kingdom and no third parties will have access to your personal data unless there is a legal obligation for us to provide them with this. We have set out below the legal bases for Goddard Littlefair to process your data. 

Some of our processing is necessary for compliance with legal obligations. For example we may be obliged to report certain matters to law enforcement agencies. 

We may also process data if it is necessary for the performance of a contract with you, or to take steps to enter into a contract. An example of this would be processing your data in connection with providing you with services you agree you want us to provide to you. 

We will also communicate with you information about other services we can offer you and update you about our activities. 

Where your information is used other than for one of these purposes, we will first obtain your consent to that use. 

We take all reasonable steps to ensure that your personal data is processed securely. 

How long we keep it
We will generally keep your personal data for a minimum of 7 years, after which time it will be destroyed if it is no longer required for the lawful purpose(s) for which it was obtained. If you consent to marketing, any information we use for this purpose will be kept with us until you notify us that you no longer wish to receive this information. 

Sharing your personal data
Your personal data will only be shared with third parties including other data controllers where it is necessary for the performance of the data controllers’ tasks or where you first give us your prior consent. It is likely that we will need to share your data with our agents, suppliers and contractors. For example, we may ask a supplier to send out newsletters on our behalf (for example Mailchimp as referred to above) under the heading Data Collection above, to maintain our database software, or to provide us with administration, IT and other related services; 

Any personal data transferred to countries or territories outside the European Union will only be placed on systems complying with measures giving equivalent protection of personal rights either through international agreements or contracts approved by the European Union. 

Part 2 

At Goddard Littlefair we have focused on implementing practices that are designed to protect your privacy. If you have questions or you do not feel that your concerns have been addressed in our privacy statement, or you just want to talk with us, feel free to contact us by email at info@goddardlittlefair.com 

Data Collection from the website
We collect personally identifiable information that is voluntarily provided by visitors to this Site (User Data). The User Data that Goddard Littlefair receives from Site visitors includes name, title, address, email address, screen name, telephone and any other information provided by visitors in email messages or attachments thereto. 

Typically, user Data is collected in order to assist visitors to: 

  • register for certain areas of the Site
  • distribute requested reference materials 
  • contact us for further information 
  • register for events, courses and conferences. 

It is Goddard Littlefair’s policy to limit the information collected to only the minimum information required to complete a Site visitor’s request. 

We collect personally identifiable information that is voluntarily provided by subscribers to our website. This user data includes name, email address, IP address and visitors who click on links in the website. 

Goddard Littlefair’s intention is not to seek any sensitive personal information or special category data through our Site unless legally required. Sensitive information and special category data includes a number of types of data relating to race or ethnic origin, political opinions, religious or other similar beliefs, trade union membership, physical or mental health, sexual life, or criminal record. 

Use of User Data
User Data obtained by the Site is used for internal business purposes of Goddard Littlefair and in connection with a visitor’s request. This data is not shared with others for unrelated purposes unless stated in this Privacy Policy or otherwise communicated to the Site visitor. 

Except for instances where visitors explicitly choose to receive specific Goddard Littlefair marketing or other informational materials, Goddard Littlefair will not use personal data collected from our Website to distribute marketing or informational materials. 

Third Parties
It is Goddard Littlefair’s policy only to disclose User Data to third parties under the following circumstances: 

  • when explicitly requested by the visitor 
  • when requested to deliver marketing or other informational materials to the visitor which we will do using Mailchimp who send out these materials on our behalf in accordance with the provisions of the Data Collection and Sharing your Personal Data sections in Part 1 of this Privacy Policy above 
  • when required to deliver publications or reference materials requested by the visitor 
  • when required to facilitate conferences or events hosted by a third party 
  • when required to meet any other request of a visitor. 

Categories of third parties that Goddard Littlefair may share personally identifiable information with include federal, state, and local government entities and Mailchimp who send out marketing communication emails on our behalf in accordance with the provisions of the Data Collection and Sharing your Personal Data sections in Part 1 of this Privacy Policy above. This Site does not collect or compile personally identifying information for dissemination or sale to outside parties for consumer marketing purposes, or host mailings on behalf of third parties. 

Use of Cookies
A cookie is a tiny element of data that a website can send to a visitor’s computer’s browser so that this computer will be recognised by the site on their return. Cookies allow our web server to recognise a computer on connection to the Site, which in turn allows the server to make downloading of pages faster than on first viewing. In addition, cookies may also be used by us to establish statistics about the use of the Site by visitors by gathering and analysing data such as: most visited pages, time spent by users on each page, site performance, etc. By collecting and using such data, we hope to improve the quality of the Site. 

The data collected by our servers and/or through cookies that may be placed on your computer will not be kept for longer than is necessary to fulfil the purposes mentioned above. In any event, such information may not be kept for longer than one year. 

Navigation data about site viewers is automatically collected by our servers. If you do not wish to have this navigation data collected, we recommend that you do not use the Site. A visitor can also set their browser to block the recording of cookies on their hard drive to minimise the amount of data that may be collected about your navigating on the Site. The browser on a computer can be set to notify the user when a cookie is being recorded on their computer’s hard drive. Most browsers can also be set to keep cookies from being recorded on their computer. However, for optimal use of the Site, we recommend that visitors do not block the recording of cookies on their computer. 

Goddard Littlefair’s servers and computer systems are protected from outside intrusions. As a result, all data that may be collected about Site viewers through the use of cookies will be protected from unauthorised access. The servers are located in the UK. 

Cookies used on the Site are only active for the duration of the visit. Cookies used on this site are not stored on visitor’s computer once you have closed your web browser. Information generated by the use of cookies may be compiled into an aggregate form so that no individual can be identified. 

We may at some stage use cookies to identify users when they visit the Site to use personalised services. In such circumstances these cookies may be kept on the hard drive of their computer following closure of the web browser. Cookies used in connection with such services enable us to build up a profile of our users and to develop personalised versions of the Site. 

For more information about cookies, please see the Information Commissioner’s website home page. A visitor may choose to not receive a cookie file by enabling your web browser to refuse cookies. The procedure for refusal of cookies may vary for different software products. Please check with your internet browser software help or your software supplier if you wish to refuse cookies. 

Transfer of User Data outside the User Jurisdiction
The Internet is a global environment. In order to provide the site we may need to transfer User Data to locations outside the jurisdiction in which a visitor is viewing the Site (the User Jurisdiction) and process User Data outside the User Jurisdiction. If the User Jurisdiction is within the European Economic Area (the EEA) please note that such transfers and processing of personal data may be in locations outside the EEA. Any data sent or uploaded by users may be accessible in jurisdictions outside the User Jurisdiction (including outside the EEA). The level of data protection offered in such jurisdictions may be less than that offered within the User Jurisdiction or (as the case may be) within the EEA. 

By continuing to use the Site and by providing any personal data (including sensitive personal data) to us via the Site or email addresses provided on the Site, visitors are consenting to such transfers, provided that they are in accordance with the purposes set out above and elsewhere in the Privacy Policy. Please do not send us any personal data if you do not consent to the transfer of this information to locations outside the User Jurisdiction (including, if applicable, outside the EEA). 

We use Mailchimp to store your data and to send you our emails. Mailchimp’s Privacy Policy below describes what personal data it collects and how it uses it. You may contact Mailchimp directly to request access to information that it holds about you, or to correct, amend or delete this information. Mailchimp treats your data in accordance with its privacy policy. Mailchimp are certified under the EU-US Privacy Shield Framework. They store data in the US. Accordingly, your data you share with us here will be transferred to their secure servers in the US. Mailchimp’s privacy shield certification permits this transfer in accordance with GDPR. You can find a full list of your rights regarding your data under GDPR on the ICO website. Mailchimp uses technologies such as pixels and web beacons that allow us to track whether you have opened or clicked on our emails. This indicates how helpful our content is and helps us plan future content. We do not share your data with any third party other than Mailchimp and our UK hosted email supplier. We do not collect any special category of personal data and we do not use automated decision making. 

We use Pipedrive which is hosted in the United States or Germany. EU customers’ databases will be hosted in Pipedrive’s EU datacenter located in Frankfurt, Germany. Pipedrive may transfer Client Data and Personal Data to the United States for storage and processing by their service providers listed in the Pipedrive Terms of Service. Pipedrive will comply with GDPR requirements providing adequate protection for the transfer of personal information from Europe to the U.S. Pipedrive does not own, control or direct the use of any of the Client Data stored or processed by a Client or User via the Service. Only the Client or Users are entitled to access, retrieve and direct the use of such Client Data. Pipedrive is largely unaware of what Client Data is actually being stored or made available by a Client or User to the Service and does not directly access such Client Data except as authorized by the Client, or as necessary to provide Services to the Client and its Users. 

Third-party Links
There are several places throughout this Site that may link to other Websites that do not operate under Goddard Littlefair’s privacy practices. When visitors link to other Websites, Goddard Littlefair’s privacy practices no longer apply. We encourage visitors to review each site’s privacy policy before disclosing any personally identifiable information. 

Choices
As a policy, visitors are not required to register to gain access to this Site. Personally identifiable information provided to Goddard Littlefair through this Site is provided voluntarily by visitors. Should visitors subsequently choose to unsubscribe from mailing lists or any registrations, we will provide instructions on the appropriate Website area or in communications to our visitors; or a visitor may contact Goddard Littlefair at info@goddardlittlefair.com 

Access
Each visitor has the right of access to personal data they have submitted through this Site. User updates of information should be handled by going back through the registration process. Enquiries about the accuracy of identifying information previously submitted, or requests to have information removed, should be directed to info@goddardlittlefair.com. 

Security
Only authorised personnel are provided access to personally-identifiable information and these persons are required to agree to ensure confidentiality of this information. 

Modifications
Goddard Littlefair reserves the right to modify or amend this statement at any time. The effective date will be displayed at the beginning of this statement. To keep visitors informed, Goddard Littlefair will notify users of material changes to our Privacy Policy by prominently identifying a link on our website home page to the updated Privacy Policy for a period of not less than two weeks. 

Consent
By continuing to use the Site and by providing any personal data (including sensitive personal data or special category data) to us via the Site or email addresses provided on the Site, visitors are consenting to our use of your personal data as set out in this Privacy Policy. Please do not send us any personal data if you do not want that information to be used by us in this manner. 

Copyright
All documents, programmes, publications, designs, products, processes, software, technology, information, and ideas (Content) provided by or described in this Site are the property of Goddard Littlefair and/or its affiliates or suppliers and are protected by U.K. and international copyright laws and other intellectual property laws, unless stated otherwise. The Content is provided to users of this Site for informational purposes only. Except as expressly permitted below or by applicable law, users may not copy (except to the extent required in order to use the site in accordance with the Legal Notice), store in any medium (including in any other website), distribute, transmit, re-transmit, broadcast, modify, or otherwise make available or communicate to the public any part of the Site or systematically extract material from the Site or any document available through it or in any other way exploit commercially all or any part of the Site or any document available through it without our prior written permission. 

Users may print or save one copy of any page of the Site and documents available through it (other than documents provided by third parties) for their own personal use.