Personal information is obtained from:

• Names of employees of client companies and their company emails and telephone numbers

• Company telephones and addresses

• Screener information if shared by client. This data is stored temporarily for the duration of the contract and then deleted.

No personal information will be passed on to any third party without permission

 

Definition
What data are considered to be personal and sensitive?
The GDPR definition of ‘personal data’ is:

• The GDPR defines personal data as ‘any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; (Article 4)

• Personal data may be made up of more than one piece of information e.g. a job title and a place of work together could identify an individual.

​

☐ Linstead Analytics Ltd has reviewed the purposes of processing activities, and selected the most appropriate lawful basis (or bases) for each activity.

​

☐ Linstead Analytics Ltd has checked that the processing is necessary for the relevant purpose, and is satisfied that there is no other reasonable and less-intrusive way to achieve that purpose.

​

☐ Linstead Analytics Ltd has documented our decision on which lawful basis applies to help  demonstrate compliance.

​

☐ Linstead Analytics Ltd has included information about both the purposes of the processing and the lawful basis for the processing in our privacy notice.

​

☐ Where Linstead Analytics Ltd processes special category data, it has also identified a condition for processing special category data, and have documented this.