Privacy Policy - EQM Consult

By using www.eqmconsult.com you agree to the terms and conditions of the following Privacy Policy.

1. GENERAL PROVISIONS

This Privacy Policy specify terms and conditions of: processing and protection of personal data that you provide, cookies files, and any other technology on the Website.

The administrator of the Website and of your personal data is EQM Consult Ltd. Beata Paliwoda, Company number 13390286 on the Register of Companies for England and Wales, whose registered office is at 58 Webber Street, Horley, RH6 8NQ, England.

The Administrator reserves the right to amend this Privacy Policy and every User of the Website is obliged to read the updated version of it. The reasons for changes of the Privacy Policy might include: technology development, changes in the legal regulations, website development (for example, new tools used by the Administrator). The publication date of the updated Privacy Policy can be found at the bottom of this page.

2. DEFINITIONS

Administrator – EQM Consult Ltd. Beata Paliwoda, Company number 13390286 on the Register of Companies for England and Wales, whose registered office is at 58 Webber Street, Horley, RH6 8NQ, England.

User – every person visiting and using the Website

Website and Online Shop at www.eqmconsult.com & www.iso14001in14weeks.co.uk

Form/Forms – places on the Website where the User can provide personal data for a specified reason such as Newsletter subscription, placing an order, contact with the Administrator.

GDPR – the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

3. PERSONAL DATA AND PROCESSING OF PERSONAL DATA

WHO IS THE ADMINISTRATOR OF YOUR PERSONAL DATA?

The Administrator of your personal data is EQM Consult Ltd. Beata Paliwoda, Company number 13390286 on the Register of Companies for England and Wales, whose registered office is at 58 Webber Street, Horley, RH6 8NQ, England.

IS PROVIDING YOUR PERSONAL DATA VOLUNTARY? WHAT ARE THE CONSEQUENCES OF NOT PROVIDING YOUR PERSONAL DATA?

Providing your personal data is voluntary, however, not providing the required personal data (marked as obligatory on the Website) means that the Administrator will not be able to provide the service.

Any personal data that is not obligatory or necessary are provided by the User voluntarily and the Administrator processes such personal data on the basis of Article 6 section 1 letter a) of GDPR (consent). The User gives consent for such personal data being processed and made anonymous by the Administrator.

FOR WHAT PUPROSES AND ON WHAT LEGAL BASIS ARE YOUR PERSONAL DATA PROCESSED?

The Administrator processes the User’s personal data for the following purposes and on the basis of the following legal grounds:

in order to provide a service, perform a contract, or send an offer (such as a marketing offer) at the request of the User – legal basis: Article 6 section 1 letter b) of GDPR;
in order to issue an invoice or a bill and to meet other tax law obligations when the User placed an order in the Online Shop or offline – legal basis: Article 6 section 1 letter c) of GDPR;
in order to grant a discount or inform about interesting sale offers from the Administrator or from the recommended subjects – legal basis: Article 6 section 1 letter a) of GDPR;
in order to process a complaint or claims related to the contract – legal basis: Article 6 section 1 letter a) of GDPR and Article 6 section 1 letter c) of GDPR;
in order to establish, exercise or defend legal claims – legal basis: Article 6 section 1 letter f) of GDPR;
in order to contact the User by phone regarding the service provided by the Administrator – legal basis: Article 6 section 1 letter b) of GDPR;
in order to contact the User by phone to present an offer (also direct marketing) – legal basis: Article 6 section 1 letter a) of GDPR and Article 6 section 1 letter f) of GDPR;
in order to create registers required by GDPR and other legal regulations – legal basis: Article 6 section 1 letter c) of GDPR and Article 6 section 1 letter f) of GDPR;
in order to archive personal data and collect evidence – legal basis: Article 6 section 1 letter f) of GDPR;
for the analytical purpose – to made the analyses of data collected automatically while using the Website, including cookies (for example Google Analytics, Facebook Pixel) – legal basis: Article 6 section 1 letter f) of GDPR;
in order to use cookies on the Website – legal basis: Article 6 section 1 letter a) of GDPR;
in order to manage the Website or any websites of the Administrator on other platforms – legal basis: Article 6 section 1 letter f) of GDPR;
in order to study the satisfaction of the provided services – legal basis: Article 6 section 1 letter f) of GDPR;
in order for the User to post opinions about provided services – legal basis: Article 6 section 1 letter a) of GDPR;
in order for the Administrator to contact the User – legal basis: Article 6 section 1 letter f) of GDPR;
in order to adjust the content of the Administrator’s websites to individual needs of the User and to constantly improve the quality of provided services – legal basis: Article 6 section 1 letter f) of GDPR;
for direct marketing of the Administrator’s products and services or of products and services of third parties recommended by the Administrator – legal basis: Article 6 section 1 letter f) of GDPR;
in order to create the Users data bases – legal basis: Article 6 section 1 letter f) of GDPR;
in order to manage social media and interact with the Users – legal basis: Article 6 section 1 letter f) of GDPR;

Article 6 of GDPR: Lawfulness of processing:

Section 1 letter a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes;

Section 1 letter b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

Section 1 letter c) processing is necessary for compliance with a legal obligation to which the controller is subject;

Section 1 letter f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

HOW ARE YOUR PERSONAL DATA COLLECTED?

The Administrator collects and processes only personal data provided by the User (the exception are automatically collected data such as cookies and login data – more information on those can be found below).

The Website automatically collects data regarding using the Website such as the User’s IP, domain name, browser type, operational system (login data). Automatically collected data might be used to analyze the Users’ activities on the Website, collect demographic data, or to personalize the content of the Website in order to improve it. Such data are processed only for the purpose of Website administration, hosting or marketing purposes and are anonymous. More information on cookies can be found in the further parts of this Privacy Policy.

WHAT ARE YOUR RIGHTS?

The User has rights regarding their personal data under the provisions of Articles 15-21 of GDPR:

the right to access personal data,
the right to transmit personal data,
the right to rectify personal data,
the right to delete personal data – if there are no legal bases to process personal data,
the right to restrict the processing of personal data – if processing of personal data is incorrect or there are on legal bases for it,
the right to object to processing of personal data – based on the provision that it is necessary for the purposes of the legitimate interests of the Administrator,
the right to file a complaint with the supervisory authority – the President of the Personal Data Protection Office – if the User believes that the processing of their personal data is unlawful,
the right to be forgotten – if there is no other legal grounds for the processing.

The Administrator shall draw attention to the fact that the abovementioned rights are not absolute and there are exceptions to them. The rights shall not adversely affect the rights and freedoms of others such as copyrights or professional secrecy. To find out more, please read the GDPR document.

However, the User can always exercise the right to file a complaint with the supervisory authority.

In order to exercise their rights, the User can contact the Administrator by (1) e-mail: b.paliwoda@eqmconsult.com or (2) post to the address of the registered office of the Administrator, specifying the request. The User shall receive the reply to the request not later than 30 days after the request has been delivered to the Administrator.

CAN YOU WITHDRAW YOUR CONSENT TO PROCESS YOUR PERSONAL DATA?

The User has the right to withdraw their consent to process their personal data at any given time, which will result in deleting the e-mail address of the User from the e-mailing list of the Administrator. The consent withdrawal does not affect the processing of personal data prior to the withdrawal.

In some cases, not all personal data will be deleted. In such cases, personal data might be stored for defense against claims for as long as it is required by legal regulations.

The Administrator shall process each and every request from the User, informing the User about the actions required by legal regulations.

DO WE TRANSFER YOUR PERSONAL DATA TO A THIRD COUNTRY?

The User’s personal data might be transferred to a third country. In such a case, personal data will be transferred only to the recipients who joined the Privacy Shield agreement or to those recipients that guarantee the highest level of data protection.

Because the Administrator uses the services from Google, and LinkedIn, the User’s personal data might be transferred to the United States of America (the USA) where the personal data are stored on the servers.

Detailed information on data protection can be found in the privacy policies available on the websites of each of the abovementioned providers:

Google LLC: https://policies.google.com/privacy?hl=pl
LinkedIn: https://www.linkedin.com/legal/privacy-policy-summary
Stripe: https://stripe.com/en-gb/privacy

Process Street: https://www.process.st/help/docs/gdpr-statement/

HOW LONG DO WE STORE YOUR PERSONAL DATA?

The User’s personal data are stored by the Administrator as long as there are services being provided, there are legal bases for processing of personal data, and:

for the time period of cooperation/providing a service, for the period required by law for the establishment, exercise or defense of legal claims (personal data provided by the clients),
for the time period of business agreements and negotiations prior to entering into contract or providing a service (personal data provided in the quote),
for the time period required by the law regulations, including tax law (personal data required by the law regulations),
until the effective opposition based on Article 21 of GDPR is filed (personal data processed for the purpose of the legitimate interests pursued by the Administrator, including direct marketing purposes),
until the withdrawal of consent or achieving the goal of processing or a business goal (personal data processed based on the consent). After the withdrawal of consent, personal data might be processed for the period required by law for the establishment, exercise or defense of legal claims, or for shorter time period provided to the User.
until personal data are no longer up-to-date or useful (personal data processed for the analytical and statistical purposes, cookies, and for the administration of the Administrator’s websites).

LINKS TO OTHER WEBSITES

There might be links to other websites on the Website of the Administrator. They will open in the same or in a new window of a browser. The Administrator is not responsible for the content of those websites. The User is obliged to read privacy policy and terms and conditions of these websites.

DATA SECURITY

The User’s personal data are stored and protected with due diligence, according to the internal procedures implemented by the Administrator. The Administrator processes personal data using appropriate technical and organisational measures required by the law regulations, especially by legal regulations regarding personal data. This is to protect personal data against unauthorised access. The access to personal data is granted only to authorised persons who are obliged to keep them confident.

The User shall ensure the security of personal data provided to the Administrator via Internet – in particular, does not share the login details with third parties, uses an antivirus and updates the software.

WHO MIGHT BE THE RECIPIENTS OF YOUR PERSONAL DATA?

The Administrator uses external service providers. The recipients of the User’s personal data (such as courier service providers, payment system operators, accountants, newsletter providers) guarantee they use the appropriate technical and organisational measures required by the law regulations, including GDPR. The User’s personal data are disclosed to the following recipients:

Business Capital Links – in order to issue accounting documents,
Hosting House – domain and e-mail server services,
Other contractors providing technical, administration, and legal services to the Administrator or its clients such as accounting, IT, graphic design, copywriting, debt collection, legal help,
Government offices such as Revenue Office – to meet the tax law obligations,
Stripe – payment collection provider.

HAVE WE APPOINTED THE DATA PROTECTION OFFICER?

The Administrator has not appointed the Data Protection Officer and performs the tasks of the Data Protection Officer autonomously.

The User acknowledges that their personal data might be disclosed to the authorized government bodies – for the purpose of compliance with a legal obligation – at their request and after ensuring there are grounds for obtaining such personal data from the Administrator.

DO WE USE PROFILING WITH YOUR PERSONAL DATA?

The User’s personal data are not used for the automated decision-making which affects the rights, obligations and freedom of the User, as stipulated in GDPR.

The User’s personal data (obtained on the Website) might be subject to profiling in order to personalize the Administrator’s offer (mainly through behavioral advertising). It should not, however, have any effect on the legal situation of the User, especially on the contracts they entered into or will enter into. It only helps to adjust the content of the advertising to the interests of the User. That information is anonymous and is not associated with any personal data provided by the User (for example, during the online purchase). It includes only statistical data such as sex, age, interests, approximate location, and behavior on the Website.

Every User has the right to object to profiling if it has any negative effect on the rights and obligations of the User.

4. EXCLUSION OF LIABILITY AND COPYRIGHTS

The content of the Website does not constitute professional advice. If you wish to obtain help with a specific problem, contact an authorised person or the Administrator (contact details). The Administrator is not responsible for the use of the content of the Website or for any actions or omissions that might be the result of it.
The Administrator owns the copyrights to the entire content of the Website (photos, wording, videos, free materials, etc.). The Administrator does not allow to copy any of the content, in entirety or in parts, without a prior and written consent of the Administrator.
The content of the Website is up-to-date on the day of the publication unless stated otherwise.

5. TECHNOLOGY

To be able to use the Website, the User is required to have:

a device with Internet access,
a browser,

software allowing to read the content in the given formats such as .pdf, video, mp3, mp4.

6. COOKIE POLICY

Like most websites, the Website of the Administrator uses cookies that help to improve the content of the Website adjusting it to the needs of its users.
The Website does not collect in any automatic way any other information except for cookies.
Cookies contain IT data (small text files) that are stored on your device, such as your computer, tablet, and smartphone, while you visit the Website.
There might two types of cookies: the first-party cookies (coming directly from the Website you are visiting) and third-party cookies (set by other websites).
Cookies help to adjust the content of the Website to the individual preferences of the users. They also help to create statistics which show how the users use the Website. All this is very helpful in improving the Website – its content, structure and how it looks.
The Administrator uses the following third-party cookies: a) Facebook Pixel – it manages Facebook ads and marketing actions (legitimate interest pursued by the Administrator). This tool is provided by Facebook Inc. and its affiliates. This analytical tool measures how effective ads are, shows what actions the Users take, and helps to reach the target group (Facebook Ads, Facebook Insights). Information collected by Facebook Pixel is anonymous and does not identify you. It shows general data about the users: location, age, sex, interests. The provider can combine these data with other data that you provide on your Facebook account and then use the combined data according to their goals.The Administrator recommends to read the details of Facebook Pixel and ask directly the provider for any clarification you might need. Also, you should manage the privacy settings on your Facebook account. More information can be found at https://www.facebook.com/privacy/explanation. b) Google Analytics – it analyzes the Website statistics. Google Analytics uses its own cookies to analyze actions and behavior of the Users. The files store information such as from what website a user entered other website. It helps to create and use statistics to improve the services provided by the Administrator and to optimize the Website (legitimate interest pursued by the Administrator). This tool is provided by Google LLC. While using Google Analytics, the Administrator does not collect any data that could be used to identify the User. The Administrator recommends to read the details of Google Analytics, turn off cookies and ask directly the provider for any clarification you might need at https://support.google.com/analytics#topic=3544906. c) Plug-ins to social media – Facebook, LinkedIn, YouTube. When the User clicks on the plug-in icon, they are redirected to the website of an external provider – in this case to the specific social media portal such as Facebook. Next, the User can click ‘like it’ or ‘Share’. The Administrator recommends to read Facebook privacy policy before creating an account. The Administrator has no influence on data processed by Facebook, LinkedIn or YouTube. From the moment the User clicks on the plug-in redirecting to the social media portal, this social media portal becomes the administrator of their personal data and decides on the scope and aims of processing of personal data. Cookies left by Facebook plug-in (or other third parties) might be stored on the User’s device and then combined with data collected by Facebook portal. By using the Website, the User accepts this. The Administrator does not have any influence on personal data processing by the third parties in this manner.d) Tools to measure the effectiveness of advertisement campaigns on Google Ads – to run marketing and re-marketing campaigns (legitimate interest pursued by the Administrator). The Administrator does not collect any data that can be used to identify the User. The Administrator recommends to read Google privacy policy to learn the details of how it works and how to turn cookies off in your browser’s settings. e) Content of the websites and portals of external providers. The Administrator might use on the Website the content from portals, blogs, and other websites from external providers. In particular, videos from YouTube or Vimeo. Abovementioned external providers might collect data such as information on viewing the content by the User. If you do not want this to happen, log out from a given portal (if you have an account and are logged in) before visiting the Website or do not play the content on the Website. You can also change the settings of your browser and block some content. Every time read the privacy policy of the external providers.
The Administrator recommends one more time to read privacy policy of every of the abovementioned external provider to be aware of privacy settings that protect the rights of the User.
The Website uses two main types of cookies: session cookies – temporary files stored on your device until you log out, close the website, or turns off the software and persistent cookies – these files are stored on your device for a set period (a parameter of a cookie file) or until you delete them – this makes it possible to recognize the browser next time you visit the Website.
In many cases, the browser stores cookies on your device by default. This can be changed in the browser’s cookies policy. You can block automatic cookies or be informed every time cookies are stored on your device. Information on how to do that can be found in your browser’s settings.
Some functionalities of the Website may not function properly when the cookies settings are changed.

7. COOKIE CONSENT

When you enter the Website for the first time, you have to accept cookies or take other actions specified in the message on the Website to be able to use the Website. By using the Website, you accept cookies. If you do not want to give such consent, leave the Website. You can also change the cookies settings in your browser – clear or turn them off. You can find all the necessary information in ‘Help’ section of your browser.

8. LOGOS

Using the Website means that data is transmitted to the server that stores the Website.
Transmitted data are saved in the server logs. Logs include the User’s IP, date and time, browser and operational system information used by the User.
Logs are saved and stored on a server.
Server logs are used to manage the Website and they are disclosed only to people and subjects authorized to administer the server.
The Administrator does not use the logs in any way to identify the User.

Publication date of Privacy Policy: 22.05.2021
Date of the latest update: 11.03.2023

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.