Who are we

Ark Workplace Risk Ltd (“Ark”, “we”, “us” or “our”) is the data controller responsible for your personal data. This means we determine how and why your personal data is processed.

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us using the details set out below.


Ark Workplace Risk Ltd – Registered Office:

Warnford Court, 29 Throgmorton Street, London EC2N 2AT


What information do we collect about you?

We collect information about you when you agree to any of our contracts, IT products or services. We also collect information when you enter into communication with us.

Categories of Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity data (e.g. name, job title)
  • Contact data (e.g. email address, telephone number)
  • Technical data (e.g. IP address, browser type)
  • Usage data (e.g. how you use our website and services)
  • Communication data (e.g. enquiries and correspondence)

We may also receive personal data from third parties where you have authorised this or where it is necessary for the provision of our services.

 

Lawful Basis for Processing

We process personal data under one or more of the following lawful bases:

  • Contract – where processing is necessary to perform a contract with you
  • Legal obligation – where we are required to comply with legal or regulatory requirements
  • Legitimate interests – where processing is necessary for our legitimate business interests, provided your rights do not override those interests
  • Consent – where you have given clear permission (for example, in relation to marketing communications)

Where we rely on consent, you may withdraw your consent at any time.

 

How We Use Your Personal Data

We use personal data for the following purposes:

  • to manage customer accounts and provide services
  • to communicate with you
  • to comply with legal and regulatory obligations
  • to prevent and detect fraud and crime
  • to improve our products and services
  • to conduct analytics and business insight
  • to send marketing communications where permitted by law or where you have consented

Each of the purposes set out above is supported by one or more of the lawful bases described in the “Lawful Basis for Processing” section.

 

Disclosure

We may share personal data with third-party service providers, professional advisers, and regulators where necessary for the purposes set out in this policy or where required by law.

All such third parties are required to respect the security of your personal data and to process it in accordance with applicable data protection laws.

International Data Transfers

Where personal data is transferred outside the United Kingdom, we ensure that appropriate safeguards are in place, such as UK International Data Transfer Agreements or transfers to countries deemed to provide an adequate level of protection.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying legal, accounting or reporting requirements.

In some cases, we are required to retain certain records for up to 6 years to comply with legal and regulatory obligations.

Where data is no longer required, it will be securely deleted or anonymised.


Security of Your Personal Data

We implement appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage.


Monitoring

We may monitor or record telephone calls for training, quality assurance and other business purposes.


Cookies

Our website uses cookies and similar technologies to distinguish you from other users, improve your experience and analyse how the website is used.

We use a cookie consent mechanism which allows you to accept or reject non-essential cookies. Non-essential cookies are only placed on your device where you have provided your consent.

You can manage your cookie preferences at any time through the cookie consent tool available on our website.

Strictly necessary cookies may be placed without consent where they are required for the operation of the website.


Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be published on this page and, where appropriate, notified to you.


Marketing Communications

We may use your personal data to send you information about our products and services where permitted by law or where you have provided your consent.

You can opt out of receiving marketing communications at any time by contacting us using the details below or by using the unsubscribe option in our communications.


Access to Your Personal Data

You have the right to request a copy of the personal data we hold about you. This is commonly known as a Data Subject Access Request.

To make a request, please contact us using the details below. We may require proof of identity before providing the requested information.

Email:   dataofficer@arkworkplacerisk.com

 

Your rights

The right to be informed

As a data controller, we are obliged to provide clear and transparent information about our data processing activities. This is provided by this Privacy Policy.


The right of access

You may request a copy of the personal data we hold about you free of charge. Once your identity has been verified, or if relevant; the authority of any third-party requester, we will provide access to the personal data we hold about you.


The right to rectification

When you believe we hold inaccurate or incomplete personal information about you, you may exercise your right to correct or complete this data. This could include preventing use of any such data until it is complete or corrected.


The right to erase your personal data – the ‘right to be forgotten’.

Where no legitimate reason or legal requirement continues to exist for processing personal data, you may request that we delete the personal data.


The right to restrict processing

You may ask us to stop processing your personal data. We will still hold the data, but will not process it any further. This is an alternative to the right of erasure.


The right to data portability

You may request your set of personal data be transferred to another controller or processor and provided in a commonly used and machine-readable format. The right is only available if the original processing was on the basis of consent, the processing is by automated means and if the processing is based on the fulfilment of a contractual obligation.

 

Contact Us

Any comments, questions or suggestions about this privacy policy or our handling of your personal data should be emailed to dataofficer@arkworkplacerisk.com

Alternatively, you can contact us at the postal address, email address or telephone number below.

The Data Officer, Ark Workplace Risk Ltd, Warnford Court, 29 Throgmorton Street, London EC2N 2AT

dataofficer@arkworkplacerisk.com

+ 44 (0)20 7397 1450

 

Complaints

Should you feel unsatisfied with our handling of your data, you are entitled to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection matters. Further information can be found at https://ico.org.uk