We are firmly committed to the “accountability” principle of the GDPR and will take all steps necessary to safeguard personal information in accordance with the current data protection legislation, currently the GDPR and Data Protection Act 2018.
Mike Huthnance at 3 Victoria Place, Love Lane, Romsey, Hampshire, SO51 8DE
or email firstname.lastname@example.org and include “data protection” in the email title.
Orbit are registered with the ICO as a data controller, reference: ZA270739.
We may collect and process various forms of information when you use our website:
See the “cookies” section below for more detailed information.
If you leave a comment on the site then we collect the data shown in the comments form, and also your IP address and browser user agent string to help spam detection.
When you complete the simple form on the Contact Us page (name, email, subject, message) the details are emailed directly via SMTP to an Orbit mailbox and we use these details to make contact and discuss your enquiry. If your enquiry relates to using our Consultancy services then we may add your details to our CRM to improve the quality of our communication and service provision.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
We use Google Analytics to measure traffic to our Site and understand how Users move around and use our Service. We use this information to enhance the Site and Service we provide to ensure that Users get the best experience possible. All of the information we collect from Google Analytics is aggregate and will not be disclosed with any other third parties.
We do not use any of the Advertising Features provided by Google Analytics.
The Google Analytics service will set up to 3 cookies in your browser. Two are used to uniquely identify you (to distinguish one visitor from another). These expire after 1 day and 2 years respectively. The third cookie is used to throttle the request rate, and expires after 1 minute.
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
We only share your personal information in very limited circumstances, these being when we contract an Associate Consultant (i.e. a specialist consultant who normally runs their own Limited Company) to provide you with Consultancy services and in these circumstances an appropriate Non-Disclosure Agreement has been signed which states their obligations and responsibilities relating to supplied personal information.
Other than this, we would only share your personal information if required to do so by law.
In accordance with Chapter V of the GDPR, we recognise the restrictions relating to transferring your personal information either outside the EEA or to an International Organisation. We store your information as follows:
We have selected these platforms and tools after assessing their security features (e.g. multi factor authentication) and independent certification (e.g. ISO 27001, SOC2) and are confident that they are effective and appropriate.
If you leave a comment, the comment and its metadata are retained indefinitely within the website content management system. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
However, if you submit personal information on a Contact Us form then the website does not store the information and we will only retain the relayed email whilst we attempt to contact you. If we quote for work or undertake work then your information will be added to our CRM (see above) and any information that remains dormant for more than 2 years will be deleted.
You have a number of rights that you can exercise free of charge and on request, under certain circumstances. However, if your requests are unfounded or excessive, we reserve the right to charge a reasonable fee or to refuse to act on them.
In summary, depending on the circumstances, you have the right:
For more information on these rights and when you can exercise them, see the Information Commissioner’s Guide
If you need to exercise any of your rights, please let us know by using the contact details above. If you want us to reply, or to send you anything, you must give us your contact details as well. We will ask you to verify your identity and may take up to 1 month from when we receive your request, unless the complexity and number of requests we receive means that we need more time. If we need more time (up to two further months) we will tell you why within the first month.
How to make a complaint
You also have the right to lodge a complaint with the Information Commissioner’s Office if you are in the UK, or with the supervisory authority of the European Member State where you work, normally live or where the alleged infringement of data protection laws occurred. The Information Commissioner’s Office can be contacted here .
If you provide us with your contact details via our Contact Us page, we may use them for the purposes of sending you marketing communications.
We will not send you any marketing communications by email unless you have given us your details to obtain a quotation for consultancy services, request a meeting to discuss our consultancy services or similar. The marketing will be in respect of similar services and you will be provided a clear opportunity to opt-out.
The legal basis we rely on for the purposes of sending you marketing communications is article 6(1)(f) of the GDPR, which allows us to process personal data when its necessary for the purposes of our legitimate interests.
If at any time you do not wish to receive marketing communications (whether by email or otherwise), please let us know and we’ll update our records immediately to reflect your wishes.
(Last updated: 01/06/2018)