AttisTowns – Privacy Policy

AttisTowns is a company registered in the UK under company registration 12922905.

This document sets out the privacy policy for AttisTowns. 

The document is a living policy that will be subject to constant review by the Data Controller with updates managed through version control. Historic versions will be retained.

The key aims of the policy are to:

• What personal data AttisTowns holds.

• How AttisTowns use the data.

• The process for disclosing data and your legal rights.

• How long AttisTowns retain data for.

• AttisTowns data security.

AttisTowns do not share personal data with any third party without consent of the data subject.

AttisTowns’ Data Controller will complete a privacy impact assessment (PIA) at the start of each new project.

This will take into account:

1. Identify the need for a PIA.

2. Describe the information flows.

3. Identify the privacy and related risks.

4. Identify and evaluate the privacy solutions.

5. Sign off and record the PIA outcomes.

6. Integrate the outcomes into the project plan.

7. Consult throughout with internal / external stakeholders.

Any questions should be directed to the Data Controller info@attistowns.com.

What data AttisTowns holds.

AttisTowns holds personal data/information categorised as follows: 

• Identity data – this includes name(s) and date of birth.

• Contact information – this includes phone numbers, correspondence address and e-mail address(es).

• Usage information – this includes how you use our website.

• Technological data – This includes data from where you access our website (internet protocol address), types of device used to access our website, operating system and the type and version of browser used.   

How AttisTowns uses the data.

AttisTowns adhere to all legislation governing the collection, retention, use and sharing of personal data.

AttisTowns will use your personal data to:

• Provide you with updates on projects and key strategic issues.

• Where AttisTowns needs to comply with legal and/or regulatory requirements.

• Where you have consented to pass details to a third party.

• To comply with any agreement AttisTowns has with you.

Disclosure of personal data to third parties.

Where we share your personal data with a third party it will only be done so within the terms set out above.

AttisTowns will require that any recipient of personal data complies with current legislation in relation to the collection, retention, use, storage and security of personal data.

How long AttisTowns retains data for.

AttisTowns will only retain personal data for a period commensurate with why the personal data was collected or to comply with legislation, accounting or reporting requirements.

How to request data access.

AttisTowns have a dedicated Data Controller to whom all subject access requests should be made.

Requests should be made in writing so that AttisTowns can confirm the identity of the person making the access request.

All data requests will be responded to within 28-days. 

There is no fee for processing any data request(s).

Applicants can request:

• Details of all personal data held about you.

• Request correction of any incorrect personal data.

• Request the deletion of personal data. Data will be deleted as soon as possible subject to AttisTowns legal, accounting or reporting requirements.

• Request suspension of processing your personal data. 

AttisTowns data security.

AttisTowns have appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in any unauthorised way, altered or disclosed. Access to your personal data tis restricted o those employees, agents, contractors and other third parties who have a business need to know. Personal data will only be processed on our instructions and is subject to an enduring duty of confidentiality.

AttisTowns has procedures to deal with any breach of  personal data requirements and legislation and will notify you and the Information Commissioners of any breach where there is a legal requirement.