At Know Your Compliance we respect and understand the importance of your privacy and only ever collect, process and store information with consent. The Data Protection Act 1998 relates to the ‘personal information’ of individuals and whilst 99% of our business is B2B, we treat all information processed by us in accordance with the DPA principles and recognise that some corporate email addresses are defined by the ICO as personal information. We are registered with the ICO and ensure robust and defined compliance processes for all personal information obtained and held by Know Your Compliance.
The Information We Collect and Process
The only information we collect and process is by customer provision:
- During the purchase of any product(s)
- Through the use of our contact form
- Providing an email address to subscribe to our newsletter
- Information provided to us during enquiries
Due to the nature of the products we offer, our customers are mainly commercial entities and provide commercial contact details. However, for sole traders, partnerships and/or where a company individual uses their personal information to make a purchase (including an identifiable corporate email address), we adhere to the consent and processing rules under the Data Protection Act 1998.
We collect only the minimum information required to process orders and all payments are processed through our secure third-party payment providers (SagePay or PayPal), ensuring that we do not need or retain any financial information. All contact details provided during purchase are stored on a secure database for the sole purposes of accounting and order history and are never passed to any third party or used without permission.
We send a weekly email newsletter with compliance updates, product information and changes to relevant laws and regulations. Sign-up requires only an email address and is done through an opt-in submission process. All newsletter communications contain clear and simple opt-out links and we also retain a copy of opt-outs to ensure we comply with requests to withdraw from communications and mailings.
Security and Compliance
At Know Your Compliance we obviously have a high regard for compliance rules and regulations. We believe that the minimum standards are always the bare minimum, and we hold ourselves to much higher standards in our own compliance and in the protection of the information that we hold. All debit/credit card payments are processed by SagePay or PayPal, both of whom are industry-leading payment gateway providers with exceptional security measures and controls in place. We are also fully PCI compliant through the TrustWave authentication assessment and carry an up-to-date validation certificate on our website at all times.
Our website is maintained and secured through WPMaintain, who are one of the UK’s leading website security and maintenance firms, in addition to which we operate with an SSL Certificate across our entire site and utilise a WAF for additional security. We are proud to display the green secure padlock next to our domain name, which provides a full level of protection for customers when they add their contact details or log in to their account with us.
We no longer have third-party cookies on our site, including removing our Facebook ‘Like’ button, LinkedIn follow and Google Analytics. We operate on a policy of ‘if it is not essential for us to collect it or store it, we won’t’. Your security and privacy are more important to us than a Facebook ‘Like’! Our ‘Cookie Notice’ is displayed for all new visitors and we provide a link on all pages so that you can read more about our cookies.