Community Compass
Privacy Policy
Important information about us
When you deal with the Community Compass you trust us with your information. We take privacy seriously and we are committed to protecting your personal data. This notice explains when and why we process your personal data, how this data is used, the conditions under which it may be disclosed to others and how it is kept secure. This notice may change sometimes, so please revisit this page occasionally to ensure you are happy with any changes.
Type of personal data we process about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
The information you give to Community Compass includes your contact data (email address), identification information, first name & surname, your interests (to drive the content you see) & your profile picture.
How we collect your personal data
Information that you give to us
You provide information about yourself when you register with Community Compass or by communicating with us by phone, post, email, live chat, social media or otherwise. You may also give us your personal information during a matter in which CFG are acting for you.
The information you give to Community Compass includes your contact details (email address), identification information, first name & surname, your interests (to drive the content you see) & your profile picture.
Information we receive from other sources
We may supplement the personal data collected about you with information from publicly available sources, such as information to validate your identity.
Information we collect about you via automated technologies or interactions
We may automatically collect information about you that we may observe, detect or create without directly asking you to provide the information to us. In common with most other businesses, this will include information gathered automatically through your use of the application social features including; likes, comments or social posts.
How and why we use your personal data
We will only use your personal information when the law allows us to, most commonly this will be:
- Where we have a legitimate business interest in doing so which is not overridden by your interests
- Where it is necessary for us to perform a contract with you
- Where you have provided consent
- Where required by law
- Where doing so is necessary to protect your vital interests or someone else’s
Others who may receive or have access to your personal data
In providing services, operating our business and in complying with our legal obligations, we may share the personal data we obtain about you, in so far as we are permitted with the following:
Our suppliers and service providers
We rely on third parties to provide services to us (such as IT services) who operate as processors of your personal data on our behalf. Where we engage data processors, we ensure they are obliged to treat your information in accordance with the law.
Our work for you, or a client, may require us to provide information to third parties who will use your information for the purposes of providing services to us or directly to you on our behalf. Such third parties may include, for example, our partner Engage Solutions Group. ESG are software developers who provide to platform CFG developed to launch Community Compass.
Other ways in which we may share your personal data
We may transfer your personal data to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation. We may also transfer your personal data if we are under a duty to disclose or share it to comply with any legal obligation, to detect or report a crime, to protect your vital interests, to enforce or apply the terms of our contracts or to protect the rights, property or safety of our visitors and clients. However, we will ensure that your privacy rights continue to be protected.
Where we store your personal data
All information you provide to us for our use is stored on our secure servers, which are located within the UK and the European Economic Area (EEA).
How long we will keep your personal data for
If we collect your personal data, the length of time for which we retain it is determined by a number of factors including the type of data, the purpose for which we use it and our regulatory and legal obligations attached to its use.
For Community Compass app only users, personal information will only be retained for so long as reasonably necessary. You can request deletion of your account and personal details from Community Compass by using the Request Account Deletion form which can be found in App Support on the application.
For client and customer data typically, we retain it for a minimum of 6 years in case of queries of claims. We consider legal and regulatory requirements when we decide whether to retain personal data for longer than this period.
The only exceptions to this are where:
- the law requires us to hold your personal data for a longer period or to delete it sooner;
- you exercise your right to have the data erased (where it applies) and it is not necessary for our firm to hold it in connection with any of the reasons permitted or required under the law (see ‘Erasing your personal data or restricting its processing’); or
- in limited cases, the law permits us to keep your personal data indefinitely provided we have certain protections in place.
We maintain internally a full schedule of types of data and the specified period we will retain this for.
If your data is used for research or statistical purposes this will be strictly anonymised, Where it arises this data could be used indefinitely without further notice.
Your rights
You have various rights in relation to your personal data under data protection legislation. In relation to certain rights, we may ask you for information to confirm your identity and, where applicable, to help us to search for your personal data. You can exercise your rights as an individual by emailing us at the address given at the end of this policy. For such requests we will work to respond to requests within 30 days.
Accessing your personal data
You have the right to ask for a copy of the data that we hold about you. This right always applies. In some circumstances, we may not provide you with a copy of your personal data but we will explain why we are unable to provide the data if an exemption applies.
Correcting and updating your personal data
You have the right to ask us to correct information we hold that you think is inaccurate or incomplete. This right always applies.
Withdrawing your consent
Where we rely on your consent as the legal basis for processing your personal data, as set out under ‘How we use your personal data’, you may withdraw your consent at any time by emailing us at communitycompass@cfglaw.co.uk (please use ‘Withdrawal of consent’ as the subject heading of your email).
If you withdraw your consent, our use of your personal data before you withdraw your consent is still lawful.
Erasing your personal data
In certain circumstances, you may ask for your personal data to be removed from our systems. Provided we do not have any continuing lawful basis to continue processing or holding your personal data, we will make reasonable efforts to comply with your request.
Restricting or objecting to processing of your personal data
You may also ask us to restrict processing your personal data where you believe our processing is unlawful, you contest its accuracy, you have objected to its use and our investigation is pending, or you require us to keep it in connection with legal proceedings. We may only process your personal data while its processing is restricted if we have your consent or are legally permitted to do so, for example for storage purposes, to protect the rights of another individual or company or in connection with legal proceedings. You also have a right to object to the processing of your data, for example for marketing purposes.
Data portability
Where you have provided information to us direct, you have the right to ask us to transfer the information you gave us from one organisation to another or give it to you. This only applies where we are relying on your consent or performance of a contract as a legal basis for our processing.
We may not provide you with a copy of your personal data in certain circumstances, but we will explain why we are unable to provide the data.
Complaining to the UK data protection regulator
You have the right to complain to the Information Commissioner’s Office (ICO) if you are concerned about the way we have processed your personal data. Please visit the ICO’s website (ico.org.uk) for further details. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with services). In this case, we may have to cancel a service you have with us but we will notify you if this is the case at the time.
Your duty to inform us of changes
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
How we keep your data secure
Once we have received your personal data, we have in place reasonable and appropriate controls to ensure that it remains secure against accidental or unlawful destruction, loss, alteration, or unauthorised access. You should note that the transmission of information via the internet is not completely secure. Although we will take steps to protect your personal data, we cannot guarantee the security of your data transmitted to our application, and any transmission is at your own risk.
We limit access to personal information to employees, agents, contractors (or similar) who have a business purpose to access it.
Where we have given you (or where you have chosen) a password that enables you to access any of our online or electronic resources, you are responsible for keeping this password confidential. We advise you not to share your password with anyone.
Cookies
Like many other applications, our application uses cookies. Cookies are small pieces of information sent to your device and stored to allow our application to recognise you when you visit.
engage_esp_session
This is stored to help identify the user-specific information while browsing the content available within the app, and helps us to identify the content relevant to you. It is required to reduce additional network requests that would otherwise be needed to display this content.
tenant_id
This is stored to help easily identify the resources required by the app and is stored to reduce network requests that would be required to get this information otherwise.
Marketing communications
We will only email you about our products and services where we have an appropriate legal basis to do so.
If you are an individual consumer of legal services, we will email you because you have asked to receive information about our products or services by email, or because you have previously received or shown an interest in our products or services and not objected to us contacting you.
If you are a business client or prospective business client, we rely on our legitimate interests to send marketing information to you by email. We are keen to only send you information of interest and we will ask you what kinds of information you want to receive from us.
Whatever our legal basis for sending you information about our products or services by email, you have the right to opt out at any time by clicking on the opt out link in the email or by contacting us as the details given in this privacy notice.
Third-party links
Our application may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you.
End Users who access the website content of, correspond with, and purchase products and services from, third parties via third-party websites and that they do so solely at their own risk. We make no representation or commitment and shall have no liability or obligation whatsoever in relation to the content or use of, or correspondence with, any such third-party website, or any transactions completed, and any contract entered by an End User, with any such third party.
It’s recommended that End User’s refer to the third party’s website terms and conditions and privacy policy prior to using the relevant third-party website. Engage does not endorse or approve any third-party website nor the content of any of the third-party website made available via the Services
Contact us
This Privacy Policy was last updated on 1st September 2024. Historic versions of this Privacy Policy are available on request where applicable. For further information or questions regarding this policy, please contact us at communitycompass@Cfglaw.co.uk.