Data protection privacy policy

This Privacy Policy (the Policy) describes how Pixl8 Group Limited (Pixl8) collects, uses, stores and shares the information you provide to us and the information we collect in the course of operating our business and our website.

Our registered office is at 111 Queens Road, C/O Atek Accounting Solutions Ltd, Weybridge, KT13 9UN, United Kingdom. W are a company incorporated in England and Wales (Company Number 04336501). Principal place of business: Pixl8, Suite 1, Scott House, The Concourse, Waterloo Station, London SE1 7LY, United Kingdom.

We are registered as a data controller with the Information Commissioner's Office (ICO), Registration Number ZA180756.

This Policy applies to Pixl8 Group Limited and its subsidiaries. Where we process personal data of individuals in the EU, both UK GDPR and EU GDPR may apply and we comply with both frameworks where relevant.

We may revise this Policy at any time by amending this page. We encourage you to check this page from time to time to take notice of any changes we make, as they are binding on you.

Responsibility for data protection compliance sits with our ISMS team. Please use [email protected] for all data protection enquiries.

This Policy describes:

The information that we collect
How we use the information we collect
How we share the information with third parties
Keeping your information and information security
Your choices and rights
Cookies
How to contact us and other important information

The information that we collect and where we get it from

"Personal information" is any information that can be used to identify you or that we can link to you and which we have in our possession or control – i.e., data we collect from you, the way in which it is collected and the purposes for which it is collected and used.

We will collect and process the following personal information about you:

Information that you provide to us

We will process personal information that you give to us including when you email us or contact us through various channels as follows:

Signing up for services on our site: when you sign up for newsletters or or when you contact us with queries or respond to our communications the personal information you provide may include your full name, job title, telephone number, email address and content, date and time of your correspondence and information about your business.
In connection with our provision of customer services: if you are a customer of Pixl8, you will provide us with personal information when you or the organisation you represent becomes a client. If you are not a client, we may collect or receive your personal information because you are involved in one of our client’s matters.
If you apply for a position with us, we may collect personal information including your name and contact details, as well as infomration relating to past employment, qualifications and education. This may be suplemented by information from background screening providers where applicable, opinions from third parties about you, employment history and other details about you.

Information we otherwise collect about you

We will also collect information about when you use our services or when we otherwise interact or correspond with you. We use various technologies to collect and store information when you visit our website. We may, for example, collect information about the type of device you use to access the website, your IP address and your geographic location, the operating system and version, your browser type, the content you view and features you access on our website, the web pages and the search terms you enter on our website. For information about how we use Cookies and the choices you may have, please see our Cookies Policy.

In order to facilitate sound information security practices our technical solution providers record interactions with this website in the form of Website server logs, this records your remote IP Address, the resources accessed on our website, date/time and your browser information. This information will be retained for up to 12 months to support our efforts in auditing and to safeguard our website.

Information we obtain from other sources

If we collect or receive your personal information in the context of our provision of customer services, we might receive information from third parties such as your organisation, other parties relevant to the services we are providing (e.g., a colleague might request sign-up for you for CMS or Support access) and others such as consultants as part of vendor selection. That information could include your name, contact details, employment details and other information relevant to the services that we are providing to our clients.

How we use the information we collect

We may use your personal information for the following purposes [and lawful basis]:

to provide services to the relevant customer or organisations, website operation and improvement [Contract / Legitimate interest]
to engage in activity in relation to our customer services. This may include sending you newsletters, updates, event invitations and other information that may be of interest to you [Consent]
where you have applied for a position with us, to review and process your job application [Pre-contractual steps / Legitimate interests]
to comply with legal or regulatory obligations that we must discharge [Legal obligation]
to establish, exercise or defend our legal rights, or for the purposes of legal proceedings [Legitimate interests / Legal obligation]
log your use of our website or our other online services for our own legitimate business purposes, which may include the analysis of usage, measurement of site performance, generation of reports [Legitimate interests]
to look into any complaints or queries you may have [Legitimate interests]
to prevent and respond to actual or potential fraud or illegal activities [Legitimate interests / Legal obligation]
to collate, process and share any statistics based on an aggregation of information held by us, provided that any individual is not identified from the resulting analysis and the collation, processing and dissemination of such information is permitted by law [Legitimate interests]

Grounds for using your personal information

We rely on the following legal grounds to process your personal information, namely:

Performance of a contract - we may need to collect and use your personal information to enter into a contract with you or to perform our obligations under a contract with you.
Legitimate interests - we may use your personal information for our legitimate interests, some examples of which are given above.
Compliance with law or regulation - we may use your personal information as necessary to comply with applicable laws/regulations.
Consent - we may (but usually do not) need your consent to use your personal information. Where we rely on consent (eg. for marketing emails), you may withdraw that consent at any time by clicking "unsubscribe" or by contacting us (see below). Withdrawal does not affect the lawfulness of prior processing.

Automated decision-making and profiling

We do not carry out automated decision-making or profiling that produces legal or similarly significant effects on individuals (Article 22 UK GDPR / EU GDPR). If this changes, we will update this Policy and take appropriate steps including obtaining explicit consent where required.

How we share information with third parties

We share personal information with our offices around the world and the various companies and entities that make up our global network. As a result, your personal information may be transferred to locations outside Europe as well as within it for the purposes described above.

We do not sell your personal information to third parties. We do not share your personal information with third parties for their own marketing purposes.

We may also share your personal information outside Pixl8. This may include:

Third party agents/suppliers or contractors, bound by obligations of confidentiality, in connection with the processing of your personal information for the purposes described in this Policy. This may include, but is not limited to, IT and communications service providers.
Third parties relevant to the services that we provide. This may include, but is not limited to, counterparties to litigation, professional service providers, regulators, authorities and governmental institutions.

International transfers of personal data

Where we transfer personal data outside the UK, we rely on one or more of the following safeguards:

Adequacy decisions made by the UK Secretary of State
UK International Data Transfer Agreements (IDTAs) or the UK Addendum to the EU Standard Contractual Clauses, as issued by the ICO
Other lawful transfer mechanisms permitted under UK GDPR

Where we transfer personal data from our EU operations outside the EEA (EU Member States and Iceland, Liechtenstein and Norway), we rely on EU adequacy decisions or EU Standard Contractual Clauses (2021) approved by the European Commission.

We may transfer data that we collect from you to third-party data processors in countries that are outside the EEA such as Australia or the USA. This might be required, for example, in order to fulfil your service, process your payment details or provide support services. If we do this, we have procedures in place to ensure your data receives the same protection as if it were being processed inside the EEA. For example, our contracts with third parties stipulate the standards they must follow at all times. Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice.

You may request details of the specific transfer mechanism in place for any given transfer by contacting us.

Keeping your information and information security

How long we hold your personal information for will vary and will depend principally on:

the purpose for which we are using your personal information - we will need to keep the information for as long as is necessary for the relevant purpose, and
legal obligations - laws or regulation may set a minimum period for which we have to keep your personal information.

Retention schedule as follows:

Client contact and project records = 7 years from end of client relationship
Prospect / marketing records = 3 years from last interaction or until consent withdrawn
Unsuccessful job applicants = 6 months from notification of outcome
Employee records = 7 years from end of employment
Website server logs = 12 months (unchanged from original)
Cookie consent records = 3 years
Correspondence and enquiries = 3 years from resolution

We will ensure that the personal information that we hold is subject to appropriate security measures.

Your choices and rights

You have a number of legal rights in relation to the personal information that we hold about you and you can exercise your rights by contacting us using the details set out below.

These rights include:

Obtaining information regarding the processing of your personal information and access to the personal information which we hold about you.
Please note that there may be circumstances in which we are entitled to refuse requests for access to copies of personal information. In particular, information that is subject to legal professional privilege will not be disclosed other than to our member and as authorised by our member.
Requesting that we correct your personal information if it is inaccurate or incomplete.
Requesting that we erase your personal information in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal information but we are legally entitled to retain it.
Objecting to, and requesting that we restrict, our processing of your personal information in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your personal information but we are legally entitled to refuse that request.
In some circumstances, receiving some personal information in a structured, commonly used and machine-readable format and/or requesting that we transmit such information to a third party where this is technically feasible. Please note that this right only applies to personal information which you have provided to us.
Withdrawing your consent, although in certain circumstances it may be lawful for us to continue processing without your consent if we have another legitimate reason (other than consent) for doing so.
Lodging a complaint with the relevant data protection authority, if you think that any of your rights have been infringed by us. We encourage you to contact us in the first instance so we can try to resolve your concern directly.
- UK residents: You have the right to complain to the Information Commissioner's Office (ICO). Website: www.ico.org.uk | Helpline: 0303 123 1113
- EU residents: You have the right to complain to the supervisory authority in your EU member state of habitual residence or place of work. A list is available at www.edpb.europa.eu.

Cookies

Click here for our Cookie Policy.

How to contact us and other important information

If you would like further information on the collection, use, disclosure, transfer or processing of your personal information or the exercise of any of the rights listed above, please contact us. You can do this by writing to us at:

Pixl8 – [email protected]

Pixl8 Customer service team – Pixl8, Suite 1, Scott House, The Concourse, Waterloo Station, London SE1 7LY, United Kingdom