Privacy Policy
Last Updated – April 2023, Version 3.1
Who are we?
MoverAlerts is a wholly-owned subsidiary of TwentyCi Limited, company registration number 06943607, and our registered address is 8 Whittle Court, Knowlhill, Milton Keynes, MK5 8FT. (“We”, “Us”).
We comply with the relevant data protection regulations and are registered with the Information Commissioners Office under numbers Z2201604 and we are members of the Direct Marketing Association. Our Group Data Protection Officer is Colin Bradshaw and can be contacted at the above address, via enquiries@moveralerts.co.uk or dataprotection@twentyci.co.uk, alternatively by telephone on 01908 829300.
What this privacy policy covers
This policy applies to www.moveralerts.co.uk (“website”) and our day-to-day business operations. This policy covers what data we may collect about you, how we use it, your rights, and how you can exercise them. If you have received a marketing message from one of our Clients and would like to know more, this is covered under a different policy, which you can find here, by contacting us via enquiries@moveralerts.co.uk or to opt-out of these marketing communications click here. Any links from our website to third-party sites are not subject to this privacy policy so please make sure you read the privacy policy of those websites before you progress, we cannot accept any responsibility or liability for those third-party websites.
What information do we collect?
- Contact details – This is basic personal data which may include name, email address, telephone number, organisation name & address and your job title.
- Contact history – This is a record of what communications or telephone calls we may have sent or made to you.
- Website Information – If you complete any enquiry form or click on an email we have sent you, we will record that you have done so. If you then later engage with any content on our website, we will know that you have done so.
- Tracking – We may track who has opened and clicked the email messages that we send which is at a personal level (e.g. we know WHO has specifically carried out this action).
- Video content – If you’re using our video recruitment tool, we will use this content as part of our recruitment process.
Where do we collect your information from, what is our lawful basis for doing so and what is the purpose for the processing?
We may collect your personal information from a range of sources and this table explains them: –
Source | Lawful Basis | Purpose | Retention Period | GDPR Article Reference |
---|---|---|---|---|
Legitimate Interest | Prospecting our goods and services or business networking | For as long as prospecting and business networking requirement needs | Article 6(1)(f) | |
Trade Shows & Events | Legitimate Interest | Prospecting our goods and services | For long as prospecting and business networking requirement needs | Article 6(1)(f) |
Our Website | Legitimate Interest / Consent / Contract | Prospecting our goods and services, dealing with your enquiry | For long as prospecting and business networking requirement needs | Article 6(1)(f) / Article 6(1)(a) / Article 6(1)(b) |
General Networking | Legitimate Interest | Prospecting our goods and services | For long as prospecting and business networking requirement needs | Article 6(1)(f) |
Clients (Current / Lapsed) | Legitimate Interest / Contract | Client management, contract delivery & client development | For long as prospecting and business networking requirement needs | Article 6(1)(f) / Article 6(1)(b) |
Desk Based Research | Legitimate Interest | Prospecting our goods and services | For long as prospecting and business networking requirement needs | Article 6(1)(f) |
BAR Membership | Legitimate Interest | Prospecting our goods and services | For long as prospecting and business networking requirement needs | Article 6(1)(f) |
Suppliers (Current / Lapsed) | Legitimate Interest / Contract | Management of supply of goods & services | 7 years post contract termination | Article 6(1)(f) / Article 6(1)(b) |
Recruitment | Contract | Recruitment | 36 months | Article 6(1)(b) |
Suppressions / Opt-Outs | Legal Obligation | To honour your request to opt-out of communications | Indefinite | Article 6(1)(c) |
Who do we share your details with?
- Our Group Companies – TwentyCi, TwentyCi Data, TwentyEA, View My Chain, TwentyCi Asia, TwentyConvey.
- Our Service Providers – We may provide your information to third parties who provide systems or services to assist with our business operations. For example, email marketing, CRM system providers, print & mailing house for direct mail campaigns. Where we do employ a third-party data processor this is ALWAYS under a written contract as is required under Article 28 of the GDPR.
- Regulatory Bodies – on rare occasions we may be asked to share your information with regulatory bodies who are investigating a complaint on your behalf.
Do we use Cookies?
Yes, we use cookies on our website which help us to deliver a better website experience. Below is a table of all cookies used:
Cookie Name | Provider | Cookie Classification (See "Classification Notes" tab) | Function (what does it do) | 1st / 3rd party | Expiration Date |
---|---|---|---|---|---|
__cfduid | hsforms.com (Hubspot) | Strictly Necessary Cookies | Used by the content network, Cloudflare, to identify trusted web traffic | 3rd | 1 year |
_ga | Performance Cookies | Registers a unique ID that is used to generate statistical data on how the visitor uses the website. | 3rd | 2 years | |
_gat | Performance Cookies | Registers a unique ID that is used to generate statistical data on how the visitor uses the website. | 3rd | 1 day | |
_gid | Performance Cookies | Registers a unique ID that is used to generate statistical data on how the visitor uses the website. | 3rd | 1 day | |
_hjid | Hotjar | Performance Cookies | Sets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes | 3rd | 1 year |
_hjIncludedInSample | Hotjar | Performance Cookies | Determines if the user's navigation should be registered in a certain statistical placeholder. | 3rd | Session |
collect | Performance Cookies | Used to send data to Google Analytics about the visitor's device and behaviour. Tracks the visitor across devices and marketing channels. | 3rd | Session | |
embed/v3/timings.gif | forms.hsforms.com (Hubspot) | Targeting or Advertising Cookies | Collects data on visitors' preferences and behaviour on the website - This information is used to make content and advertisement more relevant to the specific visitor. | 3rd | Session |
intercom.played- notifications | Intercom | Strictly Necessary Cookies | Used by the website to determine which support notifications the user has been shown. This is in charge of all notifications for the messenger. Sounds | 3rd | Session |
intercom-id-zkazk9kc | Intercom | Strictly Necessary Cookies | Anonymous visitor identifier cookie. This identifies the workspace in Intercom that the pixel is tracking for | 3rd | 270 days |
intercom-state-zkazk9kc | Intercom | Strictly Necessary Cookies | Stores data for the support chat widget | 3rd | Persistent |
moveralerts_session | TwentyCI | Strictly Necessary Cookies | Used to identify a session instance by ID. The name specified here will get used every time a new session cookie is created by the framework for every driver. | 1st | Session |
XSRF-TOKEN | TwentyCI | Strictly Necessary Cookies | Ensures visitor browsing -security by preventing cross-site request forgery. | 1st | 1 day |
You can read more about the cookies here. You can disable any cookie, which is not classified as Strictly Necessary, within your Internet Browser.
What are your rights?
Under the data protection regulations, you have several rights as the data subject, the following section outlines these rights & how you can exercise them.
- Right to be informed
- When we collect your information or within a reasonable period after collecting your information, we must tell you about the collection and use of your information. The information we must provide you with includes, our purpose, lawful basis, retention periods, who we intend to share it with and your rights.
- We must provide this in plain English.
- Right to access
- You have the right to request access to the personal data that we process about you.
- We must provide this free of charge. However, we can charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive.
- Right to rectification
- You have a right to have inaccurate personal data rectified or completed if it is incomplete.
- Right to erasure
- This gives you the right to request that we erase your information from our systems under certain circumstances.
- This is not an absolute right to have your data erased and can be a bit confusing, for example, if you are a supplier of goods and services to us, we need to process your information so that we can pay you. You can read more about when this right applies here.
- If you have asked us to stop sending you marketing messages, to honour this request, we need to maintain a suppression file and we will do this under a legal obligation in line with data protection and PECR regulations – if we did not retain this suppression file, we may collect your data via another source and you may start getting marketing messages again.
- If we do not believe that we need to comply with your request, we will explain why.
- Right to restrict processing
- You have the right to request the restriction or the suppression of your data, again it only applies in certain cases and is an alternative to the “Right to erasure”. You can read more about this right here.
- Right to data portability
- This right would be highly unlikely to apply to TwentyCi and the data it holds about you. It would most likely apply in situations like switching banks and utility providers for instance. This right only applies where the following conditions have been met: –
- you provided the personal data to the data controller (TwentyCi)
- where our lawful basis (see table above) is based on your consent or contract; and
- is processed by automated means.
- This right would be highly unlikely to apply to TwentyCi and the data it holds about you. It would most likely apply in situations like switching banks and utility providers for instance. This right only applies where the following conditions have been met: –
- Right to object
- You have the right to object to: –
- Processing is based on legitimate interest, or the performance of a task in the public interest where there is no overriding justification for the processing of your data.
- Direct Marketing, including profiling.
- Processing for purposes of scientific/historic research and statistics.
- You have the right to object to: –
- Rights related to automated decision making including profiling
- You have the right to not be subject to a decision based solely on automated decision making which produces legal effects or significantly affects you. You also have the right to request human intervention, express your point of view or obtain an explanation of the decision and be able to challenge it.
- However, we do not use any automated decision-making processes which have a damaging effect on you.
- Right to complain to a supervisory authority
- If we have been unable to deal with your complaint to a satisfactory level, you have the right to complain to the Information Commissioners Office (ICO), you can contact them here.
Changes to our privacy policy
We reserve the right to update this Privacy Policy from time to time, as appropriate, relating to legislative or our business developments. The “last updated” date will be updated with the date of the last change.