Introduction

GDS Group Limited (GDS) takes the privacy of your information and how it is used very seriously, and we will only use your personal information in accordance with the current data protection law in the UK and this Privacy Policy. This notice describes GDS’s Privacy Policy and how we aim to repay the trust you have shown by sharing your personal data with us. GDS Group Limited (GDS) head office is located at the following address: Bristol (Head Office) Queen Square House 18-21 Queen Square Bristol BS1 4NH This Privacy Policy only applies to personal information we hold about individuals. It does not apply to information we hold about companies and other organisations. The website www.gdsgroup.com is owned and operated by The GDS Group Limited.

Personal Data

Under the EU’s General Data Protection Regulation (“GDPR”): Personal Data is defined as “any information relating to an identified or identifiable natural person (‘data subject’); by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

The Data Controller

The lawful bases for processing are set out in Article 6 of the GDPR. At least one of these must apply whenever personal data is to be processed:

Consent: you have given GDS clear consent for your personal data to be processed for a specific purpose.
Contract: the processing is necessary for a contract you have with GDS has asked you to take specific steps before entering into a contract.
Legal obligation: the processing is necessary for GDS to comply with the law (not including contractual obligations).
Vital interests: the processing is necessary to protect someone’s life.
Public task: the processing is necessary for GDS to perform a task that is in the public interest or for its official functions, and the task or function has a clear basis in law.
Legitimate interests: the processing is necessary for GDS legitimate interests, or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data that overrides those legitimate interests.

Data Rights

The right of access
The right to rectification
The right to erasure or right to be forgotten
The right to restriction of processing
The right to be informed
The right to data portability
The right to object
The right not to be subject to a decision based solely on automated processing

You can exercise your right to prevent processing by contacting us at dataprotection@gdsgroup.com.

Information we may collect from you:

We may collect personal information from you in the following ways:

When you make a phone call or send an e-mail to seek information about our services;
Recruitment and employment;
When you have made a referral or been referred to us via any method whether directly or indirectly;
You have used our services or benefited from our services in any ways;
Through our use of the Cookies on our website (please see the Cookies section below);
Through your request for publications and other marketing materials;
Through your request for information about our services and related topics and events;
Through your registration for events;
Through making a purchase online;
Through reservations
Through you contacting us with enquiries and comments

If you take one the steps mentioned above, we may collect and process personal information about you such as:

Your name, address, email address and other contact information;
Records of your correspondence with us, if you have contacted us;
Health data;
Interests;
Details of your visit to the website;
Multimedia files such as photographs and video footages;
Information about your service user experiences and
Any other information provided to us when you contacted us for using our services
Information others may share with us about you

We never buy personal data from third parties or trade data with other companies. However, there are times when we must collect debt and we may share your information with our appointed debt collection agents. We will share your personal data with our group companies and or partners (including those based outside the EEA) where it is in our legitimate interests to do so.

Personal Data

Under the EU’s General Data Protection Regulation (“GDPR”): Personal Data is defined as “any information relating to an identified or identifiable natural person (‘data subject’); by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

Personal Data

Under the EU’s General Data Protection Regulation (“GDPR”): Personal Data is defined as “any information relating to an identified or identifiable natural person (‘data subject’); by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.