Data we collect from prospective clients
If you are a prospective client that gets in touch with us we will collect your name, email address, job title and phone number and other details about your company. We require this information to be able to present our services to you and discuss the next steps in our journey. We rely on our legitimate interest legal basis, which is carrying out the relevant checks and negotiations to be able to enter into a contract with you. This information is retained by Jazzy DPO for the duration of our sales process. If you decide not to proceed in your journey with Jazzy, we will not store your information but records of communications (e.g. email communications) will be retained for 12 months.
As part of our attempt to raise awareness of our business, you may receive marketing communications from us. The data types we collect for sales and marketing purposes are your name, job title and business email address. We use a sales platform for data collection and rely on our legitimate business interest as a GDPR legal basis for collecting this data. We only process this data for the purposes of raising awareness of our business and we adhere to the PECR rules when using it. The PECR consent rules don't apply to B2B marketing, but we are required to comply with any request to opt out. If you get in touch with us in order to object to marketing, we will remove your information from our records and make a note of your company name only, so that no further marketing materials are sent to you.
Data we collect from current clients
We require an account manager to be our main point of contact with each of our clients and we will process their name, business email address and contact number to be able to provide our services. We will rely on our legitimate interest in providing our services under our contract legal basis for this processing.
During your time with us we will also collect financial information about your company for due diligence or other financial accounting purposes - sometimes this may contain personal details of directors and shareholders. We will rely on our legitimate interest in conducting due diligence on our customers legal basis for this processing.
This information will be processed by Jazzy DPO for the duration of our contract with you and will be retained or removed in accordance with our contractual terms.
Data we may collect incidental to our services
FROM COMPLAINTS, SUGGESTIONS OR OTHER INQUIRIES
If you contact us to submit a complaint, suggestion or any other inquiries we will collect your name and contact details and other information about your inquiry to be able to respond to you. We rely on our legitimate business interest legal basis to process this data. Records of complaints will be kept for a period of 7 years, which are needed to comply with our legal obligations or defend the company in case of a legal action. Other records not required to comply with our legal obligations (e.g. suggestions and comments) will be archived and removed in line with our retention policy.
WHEN PROVIDING ADVICE
During the provision of our services, we may collect personal data of our clients’ employees, contractors, service providers or other third parties to be able to provide our advice to clients. This may include names, email addresses, job title, job description, and other employment or details in relation to a contract of service. This information is not collected by default but may be provided by the client incidental to our services. We rely on our legitimate interest in providing our services under the contract legal basis for this processing. We maintain records of our advice to clients to comply with our legal and contractual obligations, which may include this personal information. Once the advice is provided, the personal information is redacted and the record of the advice is archived. Records of advice are kept for a period of 7 years.
Our website and cookies
WEBSITE
When you visit the Jazzy DPO website, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the installed cookies on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products you view, what websites or search terms referred you to the Site, and how you interact with the Site. We refer to this automatically-collected information as “Device Information.”
Our website is hosted by Hostinger, which stores data in the EU. This device information is available to them when you visit our website and shared with us. When you submit a form on our website, this information is also available to Hostinger. Hostinger is a data processor for this information and we have a Data Processing Agreement in place. You can find out more about them, here.
COOKIES
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. For data protection purposes, cookies are divided into two categories:
Essential cookies - which are cookies that are strictly necessary for the website to function. The storage of necessary cookies on websites does not require user consent.
Non-essential cookies - which are cookies that improve the performance of the website or analyse how the service is being accessed. This information can be used by the website owner for a variety of purposes including advertising. Non-essential cookies require the end user’s consent and this is managed through the cookie banner.
To protect your privacy, analytics and statistical cookies are disabled by default, but should you wish to enable them, can do so by clicking “Accept” on the cookie banner.
Storage and data transfers
We use third parties to store information. These include email providers, data storage providers, scheduling, other communications providers and financial accounting software providers. We maintain a list of the systems where personal data is stored and review this at regular intervals. We have Data Processing Agreements in place with our processors and maintain a record of these.
We aim to store data in geographical zones within Europe, or within countries which are deemed adequate by the EU. However, some suppliers may have additional data centres operating globally, which may include transfers of personal data to international countries. Where personal data is shared with organisations located in third countries that are not covered by an EU Adequacy Decision, in order to safeguard the transfer we will rely on Standard Contractual Clauses (SCCs) accompanied by a transfer impact assessment where required.
Your rights
ACCESS
You have the right to access your data - by contacting us and making a request for a copy of the data we hold about you.
RESTRICT
You have the right to ask us to restrict the processing of your data in certain circumstances. Where processing of your data is restricted, it can be stored by the us but most other processing actions, such as deletion, will require your permission.
OBJECT
You have the right to object to us processing your personal data in certain circumstances, which will generally depend on the legal basis we use for its processing.
Portability
In certain circumstances you have the right to ask that we transfer your data to another organisation.
RECTIFICATION
You have the right to ask that we amend information that is incomplete or inaccurate. You also have the right to ask us to complete information you believe to be incomplete.
ERASURE
You have the right to ask that we remove personal data we hold about you. However, this right is not an absolute right and we may be required by law to retain certain types of data.
You have certain rights in relation to your personal data, including:
Our contact for data protection queries is Cristina Patru. If you wish to make a request for any of these rights, please email cristina@jazzydpo.com.
You do not need to pay a fee to exercise any of these rights and we have one calendar month to respond to your request.
How you can contact us or make a complaint
CONTACT US
Jazzy DPO is a limited liability company registered in Romania, registration number 48923906 and EUID ROONRC.J38/896/2023, whose registered address is Arinilor 66, Ramnicu Valcea, Romania, postcode 240127.
Our designated contact for data protection is Cristina Patru. If you would like to contact us in relation to your rights under data protection law, you can do so by emailing cristina@jazzydpo.com.
CONTACT THE DATA PROTECTION AUTHORITY
Should you be unhappy with the way your personal data is being processed by Jazzy DPO, you can make a complaint to the Romanian National Supervisory Authority For Personal Data Processing, whose complaints procedure is detailed on their website, here.
UK: +44 (0) 737 539 7670 / EU: +40 (0) 758 537 934
hello@jazzydpo.com