First Bridge is committed to protecting your personal information in accordance with the Data Protection Act 2018 and the UK General Data Protection Regulation (GDPR).
First Bridge is the data controller and is responsible for this website. The purpose of this privacy notice is to inform you how we look after your personal data when you visit our website. We’ll also tell you about your privacy rights and how the data protection law protects you.
What is personal data?
Personal data is defined by the General Data Protection Regulation and the Data Protection Act 2018 as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
First Bridge will comply with data protection law. This says that the personal data we hold about you must be:
- Used lawfully, fairly and in a transparent way.
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
- Relevant to the purposes we have told you about and limited only to those purposes.
- Accurate and kept up to date.
- Kept only as long as necessary for the purposes we have told you about.
- Kept and destroyed securely including ensuring that appropriate technical and security measures are in place to protect your personal data from loss, misuse, unauthorised access and disclosure.
What personal data do we collect and how do we get it?
This website collects certain information automatically, including your IP address, the type of browser you are using and certain other non-personal data about your computer or device such as your operating system type or version, and display resolution. Please also see Website Cookies section for further information.
If you send us an email, we may collect your name, your email address, and any other information which you choose to give us.
If you use our registration form, we will collect your name, email address, postal address and telephone number.
If you apply for a role at First Bridge we will process your data in line with our staff and role-holder privacy notice.
If you become a client, we will send you a ‘Terms of Business’ document, these explain in more detail how we process your information.
Adverts and Sponsored Links
Our website may contain sponsored links and adverts. These will typically be served through our advertising partners, who may have detailed privacy policies relating directly to the adverts they serve.
Third-party links outside of our control
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.
When you leave our website, we encourage you to read the privacy notice of every website you visit.
Data security is of great importance to First Bridge and we have put in place measures to safeguard your data from being lost, used, altered, disclosed or accessed without authorisation.
We also only allow access to your data to our employees or contractors, when there is a necessary business need to know such data. They will only process data as instructed by us and they must keep it confidential.
We have a data breach procedure in place and should any suspected personal data breaches occur, we will notify you and the regulator if legally required.
Transfer of Data Abroad
Any personal data transferred to countries or territories outside the European Economic Area (“EEA”) will only be placed on systems complying with measures giving equivalent protection of personal rights either through international agreements or contracts approved by the UK authorities.
How long do we keep your personal data?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
What is the legal basis for processing your personal data?
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
Performance of contract: This means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
Legitimate interest: This means the interest of our business in conducting and managing our business to enable us to give you the best service and the most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
Comply with a legal or regulatory obligation: This means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
Consent: In limited circumstances we may require your consent to process your personal data and you are able to remove your consent at any time.
Who do we share your personal data with?
We may have to share your personal data with the parties set out below:
- Service providers who provide IT and system administration services.
- Professional advisers including lawyers, bankers, accountants, auditors and insurers.
- Government bodies that require us to report processing activities or otherwise disclose your personal data.
- Market researchers and fraud prevention agencies.
- Third parties to whom we sell, transfer, or merge parts of our business or our assets.
We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
Your data protection rights
Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of your personal information.
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. In order to process any request, we may need to verify your identity for your security. In such cases we will need you to respond with proof of your identity before you can exercise these rights.
Please contact us if you have any questions about this Privacy Notice or the personal data we hold about you or to exercise all relevant rights, queries or complaints at:
0203 301 3985
Station Court Imperial Wharf
1 Harbour Avenue
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at firstname.lastname@example.org
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
This notice was last updated in July 2021.