Welcome to The Virtual Hive’s Privacy Policy which describes the information that we collect about you; how we use and protect this information; and the choices you can make about how we use it. This privacy policy notice is for this website; www.thevirtualhive.co.uk and served by Sophie Hanby, trading as The Virtual Hive, and governs the privacy of those who use it.

For the purposes of the General Data Protection Regulation (GDPR) the data controller is Sophie Hanby at The Virtual Hive. We are registered with the ICO under the Data Protection Register, our registration number is: ZA297149

We hope the following sections will answer any questions you have but if not, please do get in touch with us.

Lawful grounds for processing your data
When collecting your personal data, we will always make clear which data is necessary in connection with a particular service.  We may process your data for more than one lawful ground.
The law on data protection sets out a number of different reasons why we may collect and process your personal data, including: 
 

Consent
In specific situations, we can collect and process your data with your consent. For example, in the future you may sign up for our newsletter or promotions by providing your email address.

Contractual obligations
If you are a client or a supplier, we need your personal data to comply with our contractual obligations. For example, if you are a client we need your name, email address and postal address so that we can invoice you.

Legal compliance
If the law requires us to, we may need to collect, process and store your data.  

 
Legitimate interest
We will use your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.
For example, we may use your address details to send you birthday cards or to send you the transfer of information.

When do we collect your personal data?
We may collect personal data under any of the following circumstances.  It will always be clear what we are collecting and why.

  • When you first make contact with us.
  • When you book a meeting with us.
  • When you choose to complete any of the surveys we may send you.
  • When you’ve given a third-party permission to share with us the information they hold about you.
  • When you deliver a service or a product to us as a supplier.


We will never insist on having your consent in order to receive any of our services or information.

What personal data do we collect?

  • Name.
  • Email address.
  • Telephone number.
  • Mobile phone number.
  • Dietary requirements (only if applicable)
  • Accessibility requirements (only if applicable)
  • Your social media username, if you interact with us through those channels, to help us respond to your comments, questions or feedback.
  • Log in information for the websites that you use.
  • Business address.
  • Photographs at events or on testimonials.


How and why do we use your personal data?
Here’s how we’ll use your personal data and why. (If you wish to change how we use your data, you’ll find details in the ‘What are my rights?’ section below).
If you are a client or past client, then we will use your personal data to:

  • Deliver our contractual obligations.
  • To provide ideas and business connections.

If you are yet to become a client but have expressed an interest in what we can offer, then we will use your personal data to:

  • Send you follow up emails.
  • Connect you with people that you have given us explicit permission to do so.
  • Check arrangements for meetings or events (by mobile phone, text or email).
  • Ensure any catering arrangements meet your dietary requirements.
  • Ensure that any accessibility requirements can be handled.
  • To send you on boarding instructions.

 
Protecting your personal data.
We will treat your data with the utmost care and take all appropriate steps to protect it. Our website is secured with ‘https’ technology and access to your personal data is password-protected on the various applications we use.  Data is regularly backed up and virus software kept up to date.

We have a procedure in place to handle any data breaches if they should occur.

How long will we keep your personal data?
We will only keep your personal data for as long as is necessary for the purpose for which it was collected or as specified by HMRC or similar regulatory authorities.

At the end of that retention period, your data will either be deleted completely or anonymised (so that it can still be used for management information analysis).

Who do we share your personal data with?
We will share your personal data with trusted third parties who act as data processors.  We check that they are GDPR compliant and have processing agreements in place with each of them.

We provide only the information they need to perform their specific services and they may only use your data for the exact purposes we specify in our contract with them. If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.

We do not sell your data to any third party nor do we share your data with any third party for their own direct marketing purposes.

We currently use the following companies, who will process your personal data as part of their contracts with us:

  • Blue Sky VA Services
    • Blue Sky VA Services may use your personal data to communicate with you, ensure that you have all the information you need following a project; to send onboarding instructions; to arrange meetings; to organise venues; to follow up on meetings, to carry out any of the services that we are providing you.  Communications are by phone, email or text. For more information, please see Blue Sky VA Services privacy notice.
  • Andrea Sexton PR & Marketing
    • Andrea Sexton PR & Marketing may use your personal data to communicate with you, on your behalf with publications you have expressed an interest in, and to carry out any of the services that we are providing you. Communications can be by phone, email or text. For more information, please see Andrea Sexton’s privacy notice.
  • Wave
    • We use Wave as our accounting platform so it holds the personal data we need to process invoices and to properly account for the transactions. For more information, please see Wave’s privacy notice.
  • Xero
    • We use Xero for some of our clients accounting platform so it holds the personal data we need to process invoices and to properly account for the transactions. For more information, please see Xero's privacy notice.
  • Dropbox
    • Dropbox is used to share information across The Virtual Hive  team.  Members have access to a restricted subset of documents for ongoing reference. For more information, please see Dropbox’s privacy notice.
  • Microsoft Exchange
    • We use Microsoft Exchange to handle all our incoming and outbound emails and calendar events. We only store name and email address in the address book. For more information, please see Microsoft’s privacy notice.
  • Google
    • When someone visits www.thevirtualhive.co.uk we use Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. The way this information is processed does not allow us to identify an individual.
  • Facebook
    • We only use Facebook to share information, tips and promote The Virtual Hive and its clients if they have specifically instructed us to do so. We do not use any of the personal data outside of Facebook.
  • Twitter
    • We use Twitter to share information, tips and promote The Virtual Hive and its clients if they have specifically instructed us to do so. We do not use any of the personal data outside of Twitter.
  • LinkedIn
    • We use LinkedIn to share information, tips and promote The Virtual Hive and its clients if they have specifically instructed us to do so. We may also contact our connections via the platform. Email addresses may also be used outside of LinkedIn.
  • Instagram
    • We use Instagram to share images, information, tips and promote The Virtual Hive and its clients if they have specifically instructed us to do so. We may also contact our connections via the platform.
  • Buffer
    • We use Buffer to populate social media channels on behalf of clients if they have explicitly instructed us to do so. We may share information, tips and promote The Virtual Hive and its clients if they have specifically instructed us to do so. We do not use any of the personal data outside of Buffer.
  • Hootsuite
    • We use Hootsuite to populate social media channels on behalf of clients if they have explicitly instructed us to do so. We may share information, tips and promote The Virtual Hive and its clients if they have specifically instructed us to do so. We do not use any of the personal data outside of Hootsuite.
  • Hubspot
    • We use Hubspot to populate social media channels on behalf of clients if they have explicitly instructed us to do so. We may share information, tips and promote The Virtual Hive and its clients if they have specifically instructed us to do so. We do not use any of the personal data outside of Hubspot. We may also store information in hubspot on behalf of our clients such as names, phone numbers, email addresses and physical addresses.
  • Pixlr
    • We use Pixlr to edit images used for social media and marketing purposes for ourselves and our clients. These may include photographs of peoples faces. 
  • Canva
    • We use Canva to edit images used for social media and marketing purposes for ourselves and our clients. These may include photographs of peoples faces. 
  • Trello
    • We use Trello as a project management tool. It has personal contact information such as names, email addresses and relevant business information in it. We may also use Trello as another means of communicating with our team or with our clients.
  • Signable
    • We use Signable to send across our contracts to clients and associates to legally sign. It may contain our contracts and sensitive business information.
  • Hellosign
    • We use Signable to send across our contracts to clients and associates to legally sign. It may contain our contracts and sensitive business information.
  • Slack
    • We use slack to communicate with our clients and within teams. We may share with each other personal contact information such as names, email addresses and relevant business information in it needed for the services of the business.
  • Whatsapp
    • We may use Whatsapp to communicate with our clients and within our team. We may share with each other personal contact information such as names, email addresses and relevant business information in it needed for the services of the business.
  • Lastpass
    • We use Lastpass as our password and sensitive information portal. It contains log in information for websites and personal financial details. This information is never shared without prior consent from the information owner. 

In the event that The Virtual Hive is sold and its assets are acquired by a third party, then the personal data we hold may be one of the transferred assets.

Where your personal data may be processed
Several of the data processors we use are outside of the EEA. The EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway.  Where the processor is outside of the EEA we ensure that they have appropriate privacy policies in place and that the processing agreement with them includes appropriate protection for your data.

What are your rights over your personal data?
You have the right to request:

  • Access to the personal data we hold about you.
  • The correction of your personal data when incorrect, out of date or incomplete.
  • That we stop using your personal data for direct marketing (either through specific channels, or all channels).
  • That we stop any consent-based processing of your personal data after you withdraw that consent.
  • That we erase all data that we hold about you

 
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any data subject access request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.

Links to other websites. This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.

Please check the terms of the third-party website’s privacy policy before submitting any personal data to such a website.
Contacting the Regulator: If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

You can contact them by calling 0303 123 1113 or go online to www.ico.org.uk/concerns
 
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your cou