top of page

PRIVACY NOTICE

 

WHO WE ARE

VTA Services operates as a business service in the UK.  Our website address is: www.vtaservices.co.uk

 

WHAT PERSONAL DATA WE COLLECT AND WHY WE COLLECT IT

 

LAWFUL BASIS FOR PROCESSING

We process personal data under the following lawful bases:

  • Contract – to provide services to our clients

  • Legitimate interests – for business operations, communication, and service delivery

  • Consent – for email newsletters and marketing communications

  • Legal obligation – where required for accounting or regulatory purposes

 

CONTACT FORMS

We may process information contained in any enquiry you submit regarding our services and products.  If a user contacts us via email or via a contact form, the personal information transmitted by the user is automatically stored.  The personal information collected as part of a registration for the newsletter will only be used to send our newsletter.  Contact form submissions are kept for customer service purposes.

 

We may process information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters. Our newsletter may only be received by the user if the user has a valid email address and the user registers for the newsletter.  Confirmation email will be sent to the email address registered by a user for the first time for newsletter shipping, for legal reasons, in a double opt-in procedure. The confirmation email is used to prove whether the owner of the email address as the user is authorised to receive the newsletter.  Subscription to the newsletter may be terminated by the user at any time.  A link for unsubscribing is found in each newsletter.

 

COOKIES

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment.  If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

 

ANALYTICS

We use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out such things as the number of visitors to the various parts of the site. This information is only processed in a way that does not directly identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.

If we do collect personal data through our website, we will make it clear when we collect personal information and explain what we intend to do with it.

 

WHO WE SHARE YOUR DATA WITH

We may share data with trusted third-party providers including:

  • Microsoft 365 and OneDrive (data storage and email)

  • Google Workspace (forms and data processing)

  • Xero (accounting)

  • Trello (project management)

  • Payment processors such as Stripe

 

These providers process data on our behalf and are compliant with data protection regulations.

We will not share your information with any third parties for the purposes of direct marketing.

 

HOW LONG WE RETAIN YOUR DATA

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

We retain personal data only for as long as necessary for the purposes it was collected, including:

  • Client records: up to 6 years for accounting and legal purposes

  • Enquiries: up to 12 months

  • Newsletter data: until you unsubscribe

 

WHAT RIGHTS YOU HAVE OVER YOUR DATA

If you have left comments on this site, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

 

WHERE WE SEND YOUR DATA

Visitor comments may be checked through an automated spam detection service.

 

INTERNATIONAL DATA TRANSFERS

Some of our third-party providers may process data outside the UK.

Where this occurs, we ensure appropriate safeguards are in place, such as UK adequacy regulations or standard contractual clauses.

 

YOUR CONTACT INFORMATION

It is important to us that the information we hold about you is accurate.  Changes to personal details should be advised by email to sue@vtaservices.co.uk 

Name:  Sue Wheeler trading as VTA Services
Email:  sue@vtaservices.co.uk

Phone Number:  07918 131766

Postal Address:  67 Stirling Close, Stevenage, Herts, SG2 8TG

 

HOW TO MAKE A COMPLAINT

If you have any concerns about how your personal data is handled, you can contact us at sue@vtaservices.co.uk.

We will acknowledge your complaint and aim to respond within 30 days.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO): https://www.ico.org.uk

 

HOW WE PROTECT YOUR DATA

We consider data protection issues as part of the design and implementation of systems, services, products and business practices. We only process the personal data that we need for our purposes, and that we only use the data for those purposes.  We ensure that personal data is automatically protected in any IT system, service, product, and/or business practice, so that individuals should not have to take any specific action to protect their privacy.  When we use other systems, services or products in our processing activities, we make sure that we only use those whose designers and manufacturers take data protection issues into account.

 

WHAT DATA BREACH PROCEDURES WE HAVE IN PLACE

A personal data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.  We are registered with the Information Commissioner’s Office (ICO), registration number ZB029982, and take any data breach seriously.  When a security incident takes place, we establish whether a personal data breach has occurred and, if so, promptly take steps to address it, including telling the ICO if required.  We ensure that all breaches are recorded, regardless of whether or not they need to be reported to the ICO.

 

THIRD PARTY LINKS

Where we provide links to websites of other organisations, this privacy notice does not cover how that organisation processes personal information. When you leave our site we encourage you to read the privacy notices on the other websites you visit.

bottom of page