Our Privacy Policy and GDPR Compliance Statement

We are committed to safeguarding the privacy of our clients and our website visitors; this policy sets out how we will treat your personal information.

(1) What information do we collect?

We may collect, store and use the following kinds of personal data:

  • information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type, referral source, length of visit, pages viewed and activity on each page);
  • information that you provide to us for the purpose of registering with us (including details of your company, interests and contact details);
  • information that you provide to us for the purpose of subscribing to our website services, email notifications and/or newsletters (including contact details, etc.);
  • information that you provide us for the purpose of service delivery
  • any other information that you choose to send to us.

(2) Cookies

A cookie consists of information sent by a web server to a web browser, and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
We use both “session” cookies and “persistent” cookies on our websites. We will use the session cookies to: keep track of you whilst you navigate the website; and to monitor user behaviour for statistical and marketing purposes. We will use the persistent cookies to: enable our website to recognise you when you visit;
Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.
We use Google Analytics to analyse the use of this website. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to our website is used to create reports about the use of the website. Google will store this information. View Google’s privacy policy.
We use StatCounter to analyse the use of this website. StatCounter generates statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to our website is used to create reports about the use of the website. StatCounter will store this information. View StatCounter’s privacy policy.
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites, including this one.

(3) Using your personal data

Personal data submitted on this website will be used for the purposes specified in this privacy policy or in relevant parts of the website.
We may use your personal information to:

  • administer the website;
  • improve your browsing experience by personalising the website;
  • enable your use of the services available on the website;
  • supply to you services purchased via the website;
  • supply to you services purchased via telephone or in person (including free trial periods);
  • send statements and invoices to you, and collect payments from you;
  • send you general (non-marketing) commercial communications;
  • send you email notifications which you have specifically requested;
  • send to you our newsletter(s) and other marketing communications relating to our business which we think may be of interest to you by post or, by email or similar technology (you can inform us at any time if you no longer require marketing communications)
  • provide third parties with statistical information about our users – but this information will not be used to identify any individual user;
  • deal with enquiries and complaints made by or about you relating to the website;

Where you submit personal information for publication on our website, we will publish and otherwise use that information in accordance with the license you grant to us.
We will not without your express consent provide your personal information to any third parties for the purpose of direct marketing or indeed with any other third parties for any other purpose (with the exception of legal requirements for disclosure below).

(4) Disclosures

We may disclose information about you to any of our employees, officers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes as set out in this privacy policy.
In addition, we may disclose information about you:

  • (a) to the extent that we are required to do so by law;
  • (b) in connection with any legal proceedings or prospective legal proceedings;
  • (c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk); and
  • (d) to the purchaser (or prospective purchaser) of any business or asset which we are (or are contemplating) selling.

Except as provided in this privacy policy, we will not provide your information to third parties.

(5) International data transfers

Information that we collect may be stored and processed in and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this privacy policy.
Information which you provide may be transferred to countries (including the United Kingdom, and the United States) which do not have data protection laws equivalent to those in force in the European Economic Area.
In addition, personal information that you submit for publication on the website will be published on the Internet and may be available, via the Internet, around the world.
You expressly agree to such transfers of personal information.

(6) Security of your personal data

We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
We will store all the personal information you provide on our secure (password- and firewall- protected) servers. All electronic transactions you make to or receive from us containing sensitive information will be encrypted using SSL technology.
We take great care to ensure any confidential information remains protected, but we cannot guarantee the security of data sent over the Internet.
You are responsible for keeping your password and user details confidential. We will not ask you for your password.

(7) Policy amendments

We may update this privacy policy from time-to-time by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes.
We may also notify you of changes to our privacy policy by email.

(8) Your rights

You may instruct us to provide you with any personal information we hold about you. Provision of such information may be subject to the payment of a fee.
You may instruct us not to process your personal data for marketing purposes by email at any time. (In practice, you will usually either expressly agree in advance to our use of your personal data for marketing purposes, or we will provide you with an opportunity to opt-out of the use of your personal data for marketing purposes.)

(9) Third party websites

The website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.

(10) Updating information

Please let us know if the personal information which we hold about you needs to be corrected or updated.

(11) Contact

If you have any questions about this privacy policy or our treatment of your personal data, please write to us by email to services@virtualpa.co.uk

GDPR Data Policy and Compliance Statement

Business Perpetual Ltd trading as Virtual PA Co is fully registered with the ICO and compliant with all requirements under Data Protection law.

Our approach can be summarise here and is followed by our outline operational procedures with regard to all data handled within the organisation.

  • We will store any personal data that we hold securely
  • We will only make contact with relevant content and information to an individual’s status and relationship with us
  • We will never pass data onto third parties
  • We will advise within 24 hours if we have had a data breach
  • We will provide the details that we hold on any individual for the purposes defined below within five days of request
  • We will delete data if an individual no longer wishes us to hold it with the exception of that which is required for legal purposes (i.e. financial records)
  • We will aim at all times to be GDPR compliant

CLIENTS
Clients are defined as those who have signed up to our service, either as a paying client or as a free trialist.

Existing clients
Client data is kept in order for Virtual PA Co to deliver the services they are engaged to provide and also to keep clients up to date with opening hours, closures, service details and promotional information and incentives pertaining to existing services and newly introduced ones. Please see our privacy policy for further information.

Data is held for three main purposes:

Service delivery

Information updates pertaining to the service delivery

Promotional incentives and new services available

Ex clients
Ex clients are those who have used the service and have either terminated or paused the service. Data will be retained on the systems used by Virtual PA Co but used only for

Potential reactivation of service delivery

Information updates pertaining to the service delivery

Promotional incentives and new services available

Potential clients
Potential clients are those who have initiated contact with Virtual PA Co with regard to becoming a client.

Potential service delivery

Information updates pertaining to the service delivery

Promotional incentives and new services available
SUPPLIERS
All our suppliers have confirmed to us that they are ICO Registered and GDPR compliant. Where they have access to Virtual PA Co client data, this is only for the purposes of supplying their service to Virtual PA Co as a client. They have confirmed this to Virtual PA Co in writing, copies of which are available on request to email
services@virtualpa.co.uk

Ex-suppliers are subject to the same process for securing Virtual PA Co client and staff data as ex-staff below

  1. All passwords on all systems and PCs are changed forthwith
  2. Suppliers are asked to confirm in writing that access details to Virtual PA Co systems have been deleted as per a GDPR data request (which Virtual PA Co will issue as part of the supplier termination process.


STAFF
We keep details of all our staff and subcontractors for the purposes of employing them to provide service directly or indirectly supporting our business and its clients.

Current staff information
Information on individuals is held for the purposes of recruitment, employment, contact in the event of emergency and individual role performance.

Potential staff information
Those who have enquired, applied, interviewed or been offered a position have submitted personal details necessary for the processing of potential employment. Some if not all such data will be retained on file as required for the purposes of informing past applicants of new opportunities unless it the individual requests that we delete/destroy such data.

Ex staff information
Details relating to employment are held for the purposes of supplying references to future employers. Other data, such as that held for emergency events is deleted as soon as the staff member leaves our employ.

As an employee leaves Virtual PA Co all access internally and remotely is rescinded, passwords and office access details are changed to prevent any data breach.

Staff are contracted not to hold client or supplier data on their personal devices and PCs. Company devices are provided for the purposes of messaging and staff are prohibited from using personal communication devices in the provision of service with the exception of home PCs used for working from home.

Regardless, in addition to the terms of their employment contract, as a individual leaves our employ they are forthwith required to sign their confirmation that they hold no data which belongs to or is under custodianship of Virtual PA Co and that all and any client, supplier and staff contact data has been deleted.

CALLS
An important reminder is that all calls into and out of Virtual PA Co systems are recorded. This is for the purposes of quality of service provision, call handling and customer service as well as for the provision and checking of records for clients.

Calls are not recorded and stored for any purposes of data mining, collection or other use.

In the event of a request to delete all information held on a particular individual, we will endeavour to achieve this though to locate all calls relating would require significant resource and success may not be guaranteed.

Please see our privacy policy with regard to security guarantee around data transmitted via the internet which cannot be guaranteed.