This Privacy Notice sets out the basis on which Dotted Lines Group Ltd will collect, use and share personally identifying information (‘Personal Data’) about our customers and users of our websites and those who subscribe to our newsletters and social media feeds.
Dotted lines Group Ltd comprises:
Dotted Lines Consulting
Dotted Lines Events
Get Dotted Events
We are committed to ensuring that your personal data is protected.
We will only collect, keep, use and share Personal Data for legitimate business purposes that we explain here below, and/or if we’re legally required or allowed to do so.
We will be as clear and open as we can with you on what Personal Data we collect and how it will be used and shared.
For as long as we maintain records of your Personal Data, we will keep it up to date and protect it with appropriate safety measures.
Dotted Lines Group Ltd, is the data controller and is responsible for personal data (referred to as “Dotted Lines” or "Get Dotted", "we" or "us" in this policy). We are registered in England and Wales with company number 11867687 and a registered office at c/o Alexander & co, 17 St Ann’s Square, Manchester, M2 7PW
How can you contact us?
If you have any questions about this policy or would like to exercise any of the rights mentioned, you can either:
Email us: firstname.lastname@example.org
Write to us: Data Protection, Dotted Lines Group c/o Alexander & co, 17 St Ann’s Square, Manchester, M2 7PW
What is the policy for?
This policy outlines what personal data we collect through our websites and your other interactions with us. It tells you why we collect your data, how we use it, who we share it with and what rights you have in relation to it.
It is important that you read this policy together with any other privacy notice or fair processing notice we may provide at the point of collecting or processing your personal data. This policy supplements those notices and is not intended to override them.
Our sites include links to websites which may allow third parties to collect or share your personal data. We cannot control their use of your data and are not responsible for it. Those third parties will have their own privacy policies and we encourage you to read them before sharing any of your personal data with them.
What data do we collect about you?
Personal data includes any information about an individual from which that person can be identified. This does not include data where the individual's identity has been removed. We may collect, use, store and transfer the following types of personal data:
Name, title, marital status, date of birth, passport information, national insurance number, nationality.
Email addresses, postal addresses, billing address, landline, social media handles and mobile telephone numbers.
Special categories (Sensitive):
Dietary preferences, medical conditions such as accessibility or mobility requirements which are relevant to the services, we are providing you with on an event. We only collect this information where we have your explicit consent.
Photographs and digital images taken at our events
Your preferences (including details about the type of services or events you are interested in), interests, profession, age, purchases, orders, requests, feedback, and survey responses.
Details about payments to and from you and other details of events, products, goods or services you have purchased from us.
Bank account, payment card details.
IP address, operating system and platform, browser type and version, time zone setting, location data, device cookie and identification, and other identifying information required for your device to communicate with our sites.
Information about how you use our sites (e.g. URL). The data transmitted from your browser includes your IP address, the date and time of the visit the pages accessed, the access status/HTTP status code, your browser, your operating system and interface, as well as the language and version of the browser software. This enables us to operate our websites and provide you with access to the pages and functionality you wish to access.
Marketing and Communications:
Your preferences in receiving marketing from us and your communication preferences.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us. You can ask us to update or rectify your personal data at any time by contacting us at email@example.com.
How is your personal data collected?
We will only use your personal data when the law allows us to. We collect your Personal Data when you interact with us in the following ways:
Requesting information about our services or events
Filling in forms on our websites, e.g. downloading documents or subscribing to our mailing list
Purchasing a ticket to our ‘Get Dotted’ events
Corresponding with us by phone, email, post or otherwise
Contacting us by social media
Requesting marketing to be sent to you; and/or entering a competition, promotion, survey, or providing feedback
We also receive personal information indirectly, from the following sources in the following scenarios:
Profile and technical data from Social Media/Technical providers such as Facebook, Instagram, LinkedIn, Twitter and Google
Technical data about your device and browsing; profile data collected using cookies, online identifiers, or other similar technologies.
We collect and manage personal data about children in some circumstances, such as where children participate in our Get Dotted events with a parent or guardian. Those aged under 13 are not permitted to receive our newsletters, or enter any competitions or prize draws with us. We will not knowingly have any other direct contact with those aged under 13.
Where consent is required to process children’s personal data and the child is under 13 years, where appropriate we shall seek consent from a parent or guardian, or shall ensure such consent is in place before any data is shared with us. We will only process personal data about children that is absolutely necessary for the purpose of the event/programme that they are applying for or participating in. We will remove any data held about children 21 days after an event has taken place, unless we are required to keep data to fulfil our legal obligations, for example if a child had been given first aid at one of our events.
If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us on firstname.lastname@example.org.
What we do with the information we have?
We will only use your information where we have a lawful basis to do so. Below we have set out how we use the personal data we hold about you and explain the lawful basis for each:
We may process your personal data for more than one lawful basis, depending on the specific purpose for which we are using your data. If you need details about the specific legal ground we are relying on to process your personal data then please contact us. If we need to process your personal data for a different purpose that is not compatible with the original purpose, then we will let you know. Please note that we may also process your personal data for a different purpose than listed above and without your consent where it is necessary for us to comply with our legal obligations.
Google Analytics, a web analytics service provided by Google, Inc. (“Google”) also places cookies on your computer, to enable Google to provide us with reports relating to activity on our websites. Google uses this data only to provide us with information on how users use our websites and does not associate your IP address with any other data held by Google. The information generated by Google cookies (including your IP address) will be transmitted to and stored by Google on servers in the United States. You may refuse these cookies by selecting the appropriate settings on your browser or by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB.
We will not sell your information. We will not share your information with any third party except as stated in this Privacy Notice or as required to operate our websites, provide our services to you and administer your account or otherwise as required or permitted by law.
We will share your Personal Data with social media sites to enable them to provide marketing messages that you have agreed to receive from them. The social media sites we share your Personal Data with as at the date of this Privacy Notice and their respective privacy statements are:
Facebook : https://www.facebook.com/privacy/explanation
Opting out of Social Media Advertisements
We use online advertisements to promote our services to social media users on Facebook, Instagram. If you prefer not to see our advertisements on these social media platforms, you can opt out using by adjusting your advertisements preferences for Facebook and Instagram on: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
Please note that to opt out of receiving marketing emails direct from us you will also need to use the unsubscribe link in the footer of our emails.
We use Facebook pixels on our pages. Pixels are lines of code placed on our websites to help us track conversions from Facebook advertisements, optimise advertisements based on collected data, and build targeted audiences.
Who do we share your information with?
We may share your personal data with the following third parties for the purposes set out in the table above:
Our partner companies, Dotted Lines Events, Dotted Lines Consulting, Get Dotted Events
Event venues, caterers and other event suppliers or other carefully selected suppliers who provide their services in relation to the delivery of the event.
Financial or payment processors where you are trying to arrange a payment to or from us
Marketing providers and advisers acting for us
Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
We only transfer personal information that is relevant for them to fulfil their services and these third parties are required to respect the security of your personal data and treat it in accordance with the law. We do not allow them to use your personal data for their own purposes unless it is incidental to the services they are providing to you at our request.
Whenever we transfer your personal data out of the European Economic Area (EEA), we ensure a similar degree of protection is afforded, for example by ensuring that country has been deemed to provide an adequate level of protection for personal data by the European Commission, using specific contracts approved by the European Commission, or where ensuring that they are part of the Privacy Shield (in the USA).
We use third party processors to collect, export, process and store Personal Data on our behalf. The processors we use currently are the following:
Customer Relationship Management (CRM) Tools:
Microsoft Exchange, https://privacy.microsoft.com/en-GB/privacystatement
Social Media Platforms:
Instagram, some data centres located in the U.S. Privacy Shield Certified.
Facebook: some data centres located in the U.S. Privacy Shield Certified. https://www.facebook.com/privacy/explanation
Web Management Tools
Wix: located in the U.S. Privacy Shield Certified. https://www.wix.com/about/privacy
Google Analytics: located in the U.S. Privacy Shield Certified. https://www.google.com/policies/privacy/
How do we keep your information secure?
We treat your data with the greatest care and that includes ensuring it is kept securely. We have created processes and taken all reasonable steps to ensure that your data is treated securely, in order to prevent your data being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In certain situations, we use encryption for the storage and transfer of data and in other situations we use password protection. We ensure that employees only have access to your data if it is required for them to complete their job. If we become aware of a data breach, we will notify the Information Commissioner's Office in a timely manner. We will also notify you if we believe a serious breach has occurred.
We regularly review our security systems to ensure that your Personal Information remains safe and secure, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
How long do we keep your data for?
Under data protection laws, we cannot retain your personal data in a form that identifies you for longer than is necessary to fulfil the purposes for which we collected it. This may include for the purposes of satisfying any legal, accounting or reporting requirements.
We usually store personal data for 6 years, but there may be occasions where we need to store it for longer or shorter periods. In order to determine for how long we store your personal data, we take into consideration why we need to continue to store your personal data, whether we can achieve the same result without having access to your data, and what the potential risk is if there is a data breach that affects your data.
If you have not opened any email communication from us or interacted in any other way with our brands for 36 months we will regard you as an inactive subscriber and delete your details from our records except where retention is necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees.
Occasionally we may anonymise data which means that it is no longer associated with you. We do this for statistical or research purposes so we can improve the services we offer you. We can use anonymous data indefinitely without further notice to you.
Your Rights in Relation to Personal Data
You have the right to update and correct the personal information on your account. You also have the right to request from us all personal information that we hold that relates to you, to request restriction of the processing of that data and to request that we delete that data. We may require you to provide us with appropriate identification before we comply with this request. You also have the right to object to our continued processing of your personal data. You may also have the right to data portability. If you have a complaint about the way in which we use your personal information you have the right to complain to the relevant regulator in your jurisdiction.
Opting out of Marketing
You can unsubscribe from our marketing communications at any time by following the link in the footer of the last email you received from us or by sending your request with detailed instructions to email@example.com.
To exercise any of the rights set out above, please contact us at firstname.lastname@example.org. We will respond to a request from you to exercise your rights within 1 month of receipt, but it might take longer if your request is particularly complex or if you have made a number of requests.
Please be aware that we may need to process your personal data and/or request specific information from you to help us comply with your request. You are not required to pay any charge for exercising your rights.
You also have the right to complain to the Information Commissioner's Office, the UK supervisory authority for data protection issues. Before exercising this right, we encourage you to contact us first to resolve any complaint you may have, although this is not legally required. More details can be found on the ICO website.
What about changes to this policy?
We may from time to time update this policy to reflect any changes to the way we manage your personal data, and/or to reflect any legal requirements. When we make any changes, a new version will be uploaded to our sites and takes effect as soon as it is uploaded.
This policy was last amended on 07th July 2020