How we handle information
From contact details to your confidential records, in this section we’ll take you through the various ways we look after that information.
For information, this relates to the handling of information by Lighthouse IG Ltd, Registered in England & Wales, Company Number 12289984, Registered Office: Lime House, 75 Church Road, Tiptree, Essex CO5 0HB.
We are also registered with the Information Commissioner’s Office under registration number ZA360523.
In order to work with you we may have the following information at any given time. This will be known to you before we have it.
- Personal Data on you or your staff
- Personal Data on your customers/citizens
- Business Confidential Data
- Operational Confidential Data
Where possible all the data we have is electronic. Physical copies are discouraged however where this does occur they are handled to the same high standards.
There are occasions where we need to use your information in order to;
- Contact you and discuss a service with your consent or as part of the contract
- Send you promotional material with your consent, including our blog posts
- Work with you to resolve a customer query, complaint or data issue as part of the contract
- To administer your attendance at a webinar or other online event with your consent (free ones) or contract (paid ones)
- For my own legal and accounting obligations
In so far as possible we ensure that information is either kept within the United Kingdom or the European Union. We have technology that utilises both UK and EU servers. If any information needs to leave either of these locations we will discuss this with you before it does.
In short, as short a time as is possible and necessary. As a summary;
- General correspondence = 1 month from date created
- Contracts = 7 years from delivery date
- Advice and guidance = 7 years from case closure
- Accounting information = 6 years from accounting year end
- Webinar registration information = 5 days after event has occured
- Training materials and templates = until superseded unless otherwise agreed
Put simply, no. Your information is not used for analytical or machine learning related purposes. The tools we use to run the company and deliver our services are very ‘every day’ and simple. If this ever changes, we will consult you beforehand.
We deploy a number of things to look after and protect the data within our care. This includes (but isn’t limited to) the following;
- High standard passwords
- 3 factor authentication on key systems
- Encryption of remote devices
- VPN for remote working
- Contracts with third parties
- External review and advice on security controls
- Clear policies and training
- Access controls (internal and external)
Where possible, only Lighthouse IG will have routine access to your data. However, for reasons like IT maintenance and accounting third parties may access your information on occasion. Further details are below for your reference.
You have a number of rights over your data depending on what the data is and why we are holding it. If we can honour your request we will. To find out what we have or exercise any rights over your information please contact email@example.com.
Our suppliers and partners
Lighthouse IG acts as a processor for the delivery of Act Now online and face-to-face courses. As a processor, we are bound by a contract with Act Now and handle information in accordance with their expectations.
Lighthouse IG acts as a processor for the delivery of Essex Chambers of Commerce face-to-face courses. As a processor, we are bound by a contract with Essex Chambers of Commerce and handle information in accordance with their expectations.
We work with YorCyberSec on occasion to deliver products and services to mutual clients. Where we do so, we handle information in accordance with that engagement contract.
Cloud-Tree are responsible for running my accounts and nook keeping. This may require on occasion the need to be exposed to your information. This is only on a case by case basis and as a processor, Thompson Reid is bound to handle that information in a confidential manner.
Cloud-Tree are responsible for hosting and supporting our IT software and tools. This may require on occasion the need to be exposed to your information. This is only on a case by case basis and as a processor, Cloud-Tree is bound to handle that information in a confidential manner.
Hiscox Insurance provide our business insurance and legal advice services. This may require on occasion the need to be exposed to your information. This is only on a case by case basis and as a separate controller, Hiscox is bound to handle that information in a confidential manner.