1. Introduction
This Privacy Policy, together with our Customer Terms, Privacy Notice and any other documents referred to in this Privacy Policy explains, in detail, the types of personal data we may collect about you when you interact with us. It also explains how we’ll store and handle that data and keep it safe.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
We hope that the following sections will answer any questions that you may have, but if not, please do get in touch with us.
It is likely that we shall need to update this Privacy Policy from time to time. We will notify you of any ‘significant ‘changes, but please feel free to come back and check it whenever you wish.
2. What is Pegasus Funding Solutions Limited?
Pegasus Funding Solutions Limited which we shall refer to as ‘we’, ‘us’, ‘our’ in this document trades under the brand name of Pegasus Funding Resources and Pegasus Funding Corporate Finance.
3. The legal basis we rely on
The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:
a) Consent
In specific situations, we can collect and process your data with your consent.
For example, when you tick a box to receive email newsletters, or complete an online enquiry form.
When collecting your personal data, we’ll always make clear which data is necessary in connection with a particular service.
b) Contractual obligations
In certain circumstances, we need your personal data to comply with our contractual obligations.
For example, if you order an item from us that is fulfilled by a third party, such as a printer, we’ll collect your address details to deliver your purchase, and pass them to our third party for processing.
c) Legal compliance
If the law requires us to, we may need to collect and process your data.
For example, we can pass on details of people involved in fraud or other criminal activity affecting us to law enforcement.
d) Legitimate interest
We may require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.
We may use the data relating to your interest in our services, information and offerings, in order to personalise further offers, information or services that may be of interest you.
We will also use your address details to send you direct marketing information by post or email, telling you about products and services that we think might interest you.
Although some of the data we hold on staff is required under ‘contractual obligation’ and some under ‘legal compliance’ we choose – for simplicity – to deal with it all as being a ‘legitimate interest’.
4. When do we collect your data?
There are many ways in which we may collect your data, and this depends on how you engage with us.
Information you give us:
a) To carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us.
b) When you provide us with billing and payment information.
c) When you request, and receive, customer support or enquire about our services.
d) When you engage with us on social media.
e) When you register for a prize draw or competition.
f) When you register for or visit us at an event.
g) When you comment on or review our services.
h) When you apply for a job.
i) During the course of your employment.
By engaging with us in the above ways, you agree to the collection and use of information in accordance with this policy.
Information we collect:
a) When you visit our website/s.
b) When we collect your data from publicly available sources.
From sources where you have given consent to share information or where the information is made public as a matter of law.
5. What 'types' of data do we collect?
Essential data
The personal data we hold for you will be limited to your name, email address, telephone number/s and company name.
Additional data
In the course of us fulfilling our contractual obligations to you as a customer, additional company information may be required; including potentially, more sensitive business data to help establish what services you need. Other more administrative information required could include billing/delivery address, and bank details for example. We will let you know when or why we need this data during the course of our engagements. You can choose not to provide us with the information that we request.
Details of your interactions with us
We may collect notes or write contact reports from our conversations and meetings with you, there may be actions that we need to undertake in order to fulfil our services to you, details of any complaints, testimonials or other comments you make. We also collect details provided by you when completing a form or submitting an enquiry through our website, in addition to files downloaded, web pages you visit and how and when you contact us. We may also collect your social media username, if you interact with us through those channels, to help us respond to your comments, questions or feedback.
Documents you provide us with
You may, for example, provide us with documents to prove your identity, anti-money laundering obligations or your company’s credit worthiness.
Details of the topics and services that interest or might interest you
We may collect details of which of our website pages you visited, information you have downloaded, and what services you have used in the past. We’ll only ask for, and use, the data collected for recommending services of interest and to personalise your website and overall customer experience with us.
Technical information that your browser sends
To deliver the best possible web experience, we collect technical information about your internet connection and browser as well as the country and telephone code where your computer is located, the web pages viewed during your visit, the advertisements you clicked on, and any search terms you entered.
Employment data
We collect a variety of data (for example – tax codes, payroll details, appraisal records, next of kin) on employees to meet legal and contractual obligations and to efficiently administer our business.
Use of cookies
We use cookies on our website to distinguish you from other users of our website and service. ‘Cookies’ are used to track your visit on our publicly accessible web pages, and the data collected will, for example, tell us which pages you have opened. We use this information to improve the user experience of the website and to help us understand what topics and services are of interest to you. Please see our Cookie Policy for further information.
6. What is the purpose of collecting my data?
We have talked about the legal basis that we rely on in order to collect and process your data in Section 3 of this document. Whilst there will be contractual or legal obligations for doing so, ultimately, it is our aim to provide you with the best possible experience when engaging with us.
We will also use data to monitor the performance of our services to you and others, and the analysis of such data will be used to improve our services, systems and processes and understand your requirements better so that we may personalise our services and marketing of those services to your specific interests and requirements.
If you choose not to share your data with us, then we might not be able to provide some services to you, or to provide the level of service that you would come to expect from us.
7. Personal data we disclose to third parties
There may be occasions whereby we disclose your data to a third-party organisation. We follow strict guidelines in the storage and disclosure of information that you have given us, to prevent unauthorised access. Reasons for disclosure may be:
a) Where we are securing the service of a third party to assist in providing a service to you. An example of which may be a printer fulfilling your print media requirements on our behalf, or an associated consultant or expert providing advice and information to you on our behalf.
b) In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
c) Where there is a legal obligation to do so, for example, a court order.
d) Employee data may be shared with third parties (eg, payroll bureau) for the purposes of administering the business. Such data transfer is made under strict controls and contractual guarantees of data security from any third parties.
8. How do we protect your data?
The security of your personal information is extremely important to us but please remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. We use standard commercial software and systems and best practice internal procedures to help us protect your personal information, but we cannot guarantee its absolute security. To help us to protect your data as best as we can we:
a) Ensure that the collection and processing of such personal data will be done in accordance with the EU General Data Protection Regulation (GDPR).
b) Secure all transactional areas of our website using ‘https’ technology.
c) Limit the user access to your personal and sensitive data and use appropriate security layers such as password protection.
d) Regularly monitor our systems and processes for any vulnerabilities or attacks and identify ways to enhance our security.
9. How long will we keep your data?
Whenever we collect or process your personal data, we shall only keep it for as long as is necessary, and only for the purpose for which it was collected, or until you advise us to delete it.
At the end of the retention period, your data will either be deleted completely or anonymised, so that it can be used in a non-identifiable way for statistical analysis and business planning.
If you are an active ‘client’, and we provide a regular service to you and your business, then we would expect to store and maintain your personal data for the purpose for which it was provided, (along with all relevant work files, etc) for the duration of your service contract.
Upon the termination of a contract with us, the ‘type/s’ of data that we hold, will determine the period for which we will be required to keep it.
- For example, accounts records must be held for a period of 7 years as required by HMRC before we can delete it.
- Any work-related documents, and email communications will be stored for a minimum period of 6 years after we cease to carry out business, and in accordance with our Privacy Notice.
- In the case of the contact form (or other type of form) found on our website/s, after we have serviced your request, your data will be kept for a maximum of two years for analytic purposes or until such time as you advise us to delete it.
- Employee and former employee data will be held for as long as is recommended by government bodies such as ACAS.
10. What are your rights in relation to the data we hold and process?
You have the right to request:
a) Access to the personal data we hold about you, free of charge in most cases.
b) The correction of your personal data when incorrect, out of date or incomplete.
c) That we stop using your personal data for direct marketing (either through specific channels, or all channels).
d) That we stop any consent-based processing of your personal data after you withdraw that consent.
You may contact us to request to exercise these rights at any time as follows:
If you wish to access your information
Please contact The Data Protection Officer, Pegasus Funding Solutions Limited, Unit 10, Tinwell Business Park, Steadfold Lane, Stamford, Rutland PE9 3UN. Alternatively, you may contact us by email at [email protected].
Following your request for access
You can request rectification or removal of your data. This can be requested if:
a) The personal data is incorrect;
b) The personal data is incomplete or not relevant to the specific purpose for which it was collected;
c) The personal data is used in violation of the law;
d) You wish to exercise your ‘right to erasure’ under the Data Protection Act 2018.
Pegasus Funding Solutions Limited will answer your request within 30 days.
If we choose not to action your request, we will explain to you the reasons for our refusal.
Your right to withdraw consent
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
Where we rely on our legitimate interest
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
Direct marketing
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request.
Some marketing communications that you receive from us, such as emails containing news updates, offers or other services that you have shown an interest in, will enable you to unsubscribe directly, should you wish. You can do this by clicking the ‘unsubscribe’ link in any email communication that we send you. We will then stop any further emails from that particular email series.
Checking your identity
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice.
If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
11. Contact us
If you have any questions about this Privacy Policy, please contact The Data Protection Officer, Pegasus Funding Solutions Limited, Unit 10, Tinwell Business Park, Steadfold Lane, Stamford, Rutland PE9 3UN. Alternatively, you contact us by email at [email protected].
12. Information Commissioner's Office
If you are not happy with the way we handle your personal information, and we have been unable to resolve any differences between us about the content or application of this policy, you can complain to the Information Commissioner’s Office. See ICO for more information.