Your privacy is important to D2 Collective. This privacy statement provides information about the personal information that D2 Collective collects, and the ways in which D2 Collective uses that personal information.
1. About Us
This website (d2collective.com) is owned and operated by D2 Collective Ltd, a company registered in Scotland no. 599767, having its registered offices at 14 – 18 Hill Street, Edinburgh, EH2 3JZ.
D2 Collective is committed to protecting your privacy and maintaining the security of any personal information received from you. We strictly adhere to the requirements of the data protection legislation in the UK, including the General Data Protection Regulation 2016 and the Data Protection Act 2018.
Unless the context otherwise requires, in this Agreement the following expressions shall have the meanings set out below:-
“Affiliate” means organisations which we partner, work or associate with;
“Group Companies” or “Group Company” means any and all entities controlling or controlled by or under common control with Us. “Control” means ownership, directly or indirectly, of at least fifty percent (50%) of the voting rights in such entity, and ‘controlling’ and ‘controlled’ shall have the corresponding meaning.
3. The Data Protection Officer (DPO)
Due to the type of data we collect and the nature of our business we currently have no legal requirement to have a DPO at D2 Collective. However, our information security manager will be happy to deal with any queries or requests regarding the data we hold about you. They can be contacted by email at email@example.com or by post to Information Security Manager, D2 Collective, 14 – 18 Hill Street, Edinburgh, EH2 3JZ.
4. Information we collect about You and How we use it
You may be asked to provide personal information on our website in order to access some content. We may collect your name, email, company name, telephone number, industry details, interests and other business related information which we can use in the future to send you relevant information.
We do not collect sensitive information (also known as special categories of information) about you.
We do collect some information from cookies and similar software which allows us to understand how you arrive on our websites, and use and navigate round them so we can improve the sites. We obtain some information from Google Analytics, Hubspot and Albacross.
5. What we do with your Information
We will use your personal information for a number of purposes including
- To provide our services or online content, to provide you with information about them and to deal with your requests and queries.
- For administration purposes which means we may contact you for reason related to services or online content you have signed up for, to let you know that a service or online site has been suspended for maintenance.
- To provide personalised communications.
- Where we provide personalised services, we may analyse the information you supply, as well as your activity on our (and other) services, so we can offer a more relevant, tailored service. For example, if you view the sports page, especially football news, first thing each day, we can present this information.
- A certain amount of advertising is tailored to the individual based on viewing and/or purchase habits. This is a common practice known as online behavioural advertising. You can find out more in What is online behavioural advertising.
- We may show you relevant advertising on third party sites. See section 7 (on marketing)
- To contact you about a submission you have made including any content you provide.
- We use IP addresses and device identifiers to identify the location of users, to establish the number of visits from different countries, to limit/cap adverts of a certain type, personalise content and emails, and allow access to paywall protected content.
- For analysis and research to improve our services offered.
- We may use and disclose information in aggregate (so no individuals are identified) for marketing and strategic development purposes.
6. What if I don’t provide some or all of the information requested?
The impact of this will depend on what information you withhold but the main impacts may be:
- We may not be able to respond fully to requests and queries you may have.
- We cannot personalise the service you receive. So, if you are online you will have to search more for the content type you normally view or for similar/related products.
- We won’t be able to limit online adverts to products or services you have shown interest in and so you may receive adverts that mean nothing to you and are not related to your interests.
Withholding marketing consent. You are free to do this at any time. It will only stop you receiving marketing. It will not impact any other service we provide you with.
We use your personal information to update you about new products/services by post, email and SMS text message. We will only contact you with your consent. You will provide this either when you fill in a form to provide your data, by signing up for a newsletter, or when you call us.
We may personalise the message content based on information you provide us with, and your use of d2collective.com
We may use information which we hold about you to show you relevant advertising on third party sites (e.g. Facebook, Google, Instagram, Snapchat and Twitter). This could involve showing you an advertising message where we know you have previously visited d2collective.com and/or have used our products and services.
You are entitled to withhold this consent and opt out from receiving such communications at any time by not giving your consent on the form (paper or web) that collects your details or telling the operator when you call. You can also update these options by adjusting your preferences, contacting us by email at firstname.lastname@example.org or by post to Information Security Manager, D2 Collective, 14 – 18 Hill Street, Edinburgh, EH2 3JZ. We will always provide you with a way of opting out of receiving future marketing messages from us, each time we send them to you.
8. What grounds (legal basis) are we processing the data under?
There are a number of ground we process your data under. These are
- Contractual – we need the information to perform the contract for services you have requested/ordered including payment, delivery etc.
- Legal – should we be legally required to contact you concerning a product e.g. a product recall.
- Legitimate interest – this means the processing is in D2 Collective’s interest. It allows us to manage the customer relationship effectively and efficiently and improve the services we provide by better understanding how our online provisions are used.
- Consent – where you have given us consent to market to you.
9. Sharing your Information with Third Parties
We may from time to time provide your personal information to third parties for the purposes of providing you with our services. These third party providers include payment processors, providers of card validation services, credit referencing providers, third party sales processor (includes fulfilment services) and service providers who assist us with hosting our marketing campaigns. They do not decide what is done with your data and only process it on our behalf. These third parties may be located outside the European Economic Area; however we only use providers that provide adequate protection for your information at all times.
When transferring any personal information outwith the EEA we only do so under one of the legally recognised transfer mechanisms for ensuring the data is safeguarded. These are:
- The country in question has been deemed safe for data transfer by the European Commission. Also known as an adequacy finding.
- The contract for data processing contains the standard contractual clauses laid down by the European Commission to safeguard the transfer of personal data.
- Binding corporate rules – this is where a large company’s own internal processes for international data transfer have been signed-off and agreed by the European Commission as safeguarding the data.
- If the data is going to the USA it can be safely transferred to a company that is certified under the EU-US Privacy Shield.
- Appropriate certification schemes
We will not provide your data to other third parties for marketing purposes unless you have specifically consented to this when you first provided your data to us. You are entitled to withhold this consent and opt out from receiving such third party communications at any time by not giving your consent on the form (paper or web) that collects your details or telling the operator when you call. You can also update these options by logging into your account and adjusting your preferences, contacting us by email at email@example.com or by post to Information Security Manager, D2 Collective, 14 – 18 Hill Street, Edinburgh, EH2 3JZ.
10. Cookies [and web browser information]
Currently we do not have the ability to react to do not track being set in the browser. If you wish to opt out of tracking we suggest downloading an ad blocking technology such as Ghostery.
11. What if I am aged under 18?
If you are aged 18 or under, please get your parent/guardian’s permission before you provide any personal information to D2 Collective as this website is not aimed at under 18’s.
12. How we Protect your Information
We follow strict security procedures in the storage, use and disclosure of information which you have given us, to prevent unauthorised access to, and loss, misuse or alteration of your personal information in accordance with the UK data protection legislation. These include access control, firewalls and virus checking procedures.
You are responsible for keeping any confidential passwords or other login or access details which you select or which we allocate to you secret. Whilst we take steps to ensure the security of your information, there is a risk that any information transmitted over the Internet and stored on a computer may be intercepted or accessed by an unauthorised party. If you think that someone has accessed your information held by us without your permission or gained unauthorised access to your login details, you must notify us at firstname.lastname@example.org
We also recommend that if you use a shared computer or a computer in a public place such as a library that you close your browser when you have finished you session
13. How long we hold your Data for
Some of the information you provide to us is necessary to carry out repeated tasks, such as verifying your identity when signing in to use an account. We will keep this information for as long as you remain a registered user of any of our sites or an active customer plus a reasonable time (approximately 24 months) beyond this to deal with queries or issues.
Some information may be required for longer periods such as financial information for HMRC purposes, usually a maximum of 7 years.
D2 Collective do not retain you payment card information. It is keyed directly into the payment processor’s system when you provide it.
We may retain anonymised information for analytical purposes.
14. Your rights regarding your Personal Information
Under the Data Protection law you have a number of rights with respect to your personal information which are:
Correcting your Information
You are entitled to have your personal information updated to ensure it is up-to-date and accurate. This can be done by following the instructions below.
You have the right to withdraw your consent to any processing that is currently being done under your consent e.g. marketing. This can be done by following the instructions below.
Obtaining a copy of your Information
You are entitled to receive a copy of the personal information we hold about you.
Deleting your information
You can request that we delete personal information in certain circumstances. These will be specific to each case.
You are entitled to have us transfer to another controller the personal information that you have provided us with.
You can request a restriction on the processing of your data in some limited circumstances. Examples are concerns over data accuracy or we no longer require to hold your data but you have requested its retention by us to aid you in a legal matter.
Right to object to processing
You are entitled to request that we stop processing your data for marketing purposes and in other limited circumstances such as asking us not to process your data by wholly automated means or not to analyse your information for targeted content etc. (also known as profiling).
You can action any of these rights by contacting your normal customer service department or by contacting us by email at email@example.com or by post to Information Security Manager, D2 Collective, 14 – 18 Hill Street, Edinburgh, EH2 3JZ.
15. Sale of the Business
Should all or part of the D2 Collective business be sold to or taken over by another organisation, your personal information may move to that other organisation as part of the sale or takeover agreement.
16. Right of complaint to the Regulator for Data Protection
The data protection laws in the UK are regulated and enforced by the Information Commissioner’s Office (ICO). Each individual has the right to raise a concern/complaint to the ICO if they have any concerns about how their personal information and/or privacy is treated. You can do this via
The ICO’s website ( https://ico.org.uk/concerns ), follow the links or have an online Live Chat
Call the ICO helpline on 0303 123 1113
Postal address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
17. Links to Third Party Websites
18. Updates to this Policy
We may update this Policy at any time without notice. We will tell you that we have updated the policy by posting an announcement on the website. By continuing to use the website after we have emailed you or posted a notice informing you of an update, you accept the changes to this Policy.
19. Contacting Us
If you have any questions about privacy, or wish to update your details or action any of your other data rights at any time, please contact us using firstname.lastname@example.org .
Contact D2 Collective