Skip to main content

Digital Planning Directory

Privacy Policy

Welcome to the Privacy Policy of the Digital Planning Directory.

This Privacy Policy informs you about how we use and look after your personal data, including any data you may provide for the Digital Planning Directory (the Directory) through digitalplanningdirectory.org or when you contact us by phone or email or otherwise communicate with us, when we provide our Directory service to you and when information and personal data is provided to us relating to our business. This Policy also informs you about your privacy rights and how the law protects you.

This Policy applies to any individual whose personal information we hold or use, whether you are a current or prospective user of the Directory or listed provider or anyone else. It covers the personal data of people identified in the Directory, although it is the responsibility of the relevant listed service provider to obtain any necessary permissions from these people to be included in their entry in the Directory.  Our services are not aimed at children and we do not knowingly collect data relating to children.

Who we are

digitalplanningdirectory.org is a website service operated by Digital Task Force for Planning (the Task Force, we, us or our). The Task Force is the controller and responsible for your personal data. The Task Force is also responsible for this website.

Our Data Protection Manager is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights (including any opt-out mentioned in this Privacy Policy), please contact the Data Protection Manager using the details set out below.

Contact details

Our full details are:

If you have a complaint relating to such data, please contact the Data Protection Manager by email or post at the above address. You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, prefer to deal with your concerns before you approach the ICO so please contact us in the first instance.

In this Privacy Policy, the terms “personal data”, “processing”, “controller” and “processor” shall each have the meaning ascribed to them in the UK General Data Protection Regulation (UK GDPR).


1. Personal data we collect

We may obtain information from you directly.  For example if you are a service provider wishing to be listed in the Directory (Provider) you may give us information when you create a Provider account or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you enquire about our services. The information collected will include the following:

You may also provide additional information (some of which will be personal data and not solely related to your company) to enhance your business profile,  such as your business location, year of registration, service areas and introduction, picture, case studies, testimonials, demonstration video, and business phone number.

It is your responsibility to ensure that the information you provide to us is accurate and not misleading or overly commercial (and inappropriate for the Directory).

As part of the validation process, we will collect your name, company name, phone number, company registration number, company registered location, turnover in the last financial year, estimated turnover in the current financial year, and email address for our records, but this information will not be made available to the public unless you agree that it may be included

If you give us personal data about other people (for example your customers in case studies or testimonials) then you confirm that they are aware of the information in this Notice about how we will use their personal data and you acknowledge that it is your responsibility to obtain permissions and approvals from them as appropriate.

We will also hold information we collect about you from other sources. This could include:

We also collect personal data automatically when you use the website and when you navigate through the website. Data collected automatically may include:

For more information on our use of these technologies, see our Cookie Policy.

2. How we use your personal data, and the legal basis for doing so

This section includes details of the purposes for which we use personal information and also the different legal grounds upon which we process that personal information. We use personal information to provide and improve our service and for other purposes that are in our legitimate interests, as well as for compliance purposes. Further information is set out below.

We are can only process your personal data on a basis permitted by law. The legal basis will usually be one of the following:

Note that we may process your personal data on more than one lawful basis depending on the specific purpose for which we are using your data. You are welcome to contact us for further information on the legal grounds that we rely on in relation to any specific processing of your personal information.

Legitimate interests for use

We use personal information for a number of legitimate interests, including to provide and improve our service, administer our relationship with you and our business, for marketing and in order to exercise our rights and responsibilities. More detailed information about these legitimate interests is set out below:

Special categories of data

We don’t aim to collect special category data, such as data relating to racial or ethnic origin, information relating to health, religion or union membership, and it usually only comes into our possession because it is incidental to other information provided to us or can be inferred from information provided to us. We will only use such information as permitted by law, which in most cases means obtaining your explicit consent.

Automated Decision Making

We do not analyse personal data in relation to our services in a way which involves profiling, which is processing your personal data using software that is able to evaluate your personal aspects and predict risks or outcomes.

3. Messages to you (including marketing)

We may send you messages (by telephone, post, text and email and other digital means) to help you manage your account and to keep you informed about features of the products and services you use.

We may also send you marketing messages, to inform you about products and services (including those of others) that may be of interest to you. You can ask us to stop or start sending you marketing messages at any time by contacting us (see Contact Us at the beginning of this Privacy Notice) or by following the unsubscribe instructions in our marketing messages.

Consent

We may obtain consent to collect and use certain types of personal data when we are required to do so by law (for example, sometimes when we process special categories of personal data or when we place cookies or similar technologies on devices or browsers). If we ask for your consent to process your personal data, you may withdraw your consent at any time by following the unsubscribe instructions in our communications with you or by contacting us using the details set out in the Contact Us section at the beginning of this Privacy Notice or, if in relation to cookies or similar, via the Cookie Policy.

4. Disclosure of personal data

Any information included in your company profiles and any content you post on the Directory (e.g., case studies, blog articles) will be seen by others, and may also be displayed in search engine results.

We may share your personal information in the following cases:

Before we disclose personal data to a third party, we take steps to ensure that the third party will protect personal data in accordance with applicable privacy laws and in a manner consistent with this Notice. Third parties are required to restrict their use of this personal data to the purpose for which the data was provided.

Sometimes the third party will be outside the UK, in which case see section 6 for more information.

5. External links and social media sites

This website and our services may include links to third-party websites (including the websites of others listed in the Directory), plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

Communication, engagement and actions taken through external social media platforms are subject to the terms and conditions as well as the privacy policies of those social media platforms.

This website may use social sharing buttons which help share web content directly from our web pages to the social media platform in question. Where you use such social sharing buttons you do so at your own discretion. You should note that the social media platform may track and save your request to share a web page respectively through your social media platform account. Please note these social media platforms have their own privacy policies, and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these social media platforms.

6. Where we store personal data

If you live in the UK, the personal data relating to you that we collect may be transferred to, and stored at, locations outside the UK. It may also be processed by staff operating outside the UK who work for us or for one of our service providers.

As described in this Privacy Policy, we may also share personal data relating to you with third parties who are located overseas, for business purposes and operational, support and continuity purposes, for example, when we use IT service providers or data storage services.

Countries where personal data relating to you may be stored and/or processed, or where recipients of personal data relating to you may be located, may have data protection laws which differ to the data protection laws in your country of residence. By submitting your personal data, you accept that personal data relating to you may be transferred, stored or processed in this way. We take measures to ensure that any international transfer of information is managed carefully and in accordance with data protection law to protect your rights and interests and in accordance with this Policy.

These measures include:

You have the right to ask us for more information about our safeguards. Please contact the Data Protection Manager (see the Contact Us section at the beginning of this Privacy Policy).

7. Changes of Business Ownership and Control

We may, from time to time, expand, reduce or sell our business, and this may involve the transfer of certain divisions or the whole business to other parties. Personal data relating to you will, where it is relevant to any division so transferred, be transferred along with that division to prospective buyers and the new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use personal data relating to you for the purposes.

8. Security and data retention

Security

Unfortunately, the transmission of information and data via the internet is not completely secure. Although we will do our best to protect personal data relating to you, we cannot guarantee the security of such data transmitted to the website; any transmission is at your own risk. Once we have received personal data relating to you, we use strict procedures and security features to try to prevent unauthorised access.

The security of personal data regarding you is a high priority. We take such steps as are reasonable securely to store personal data regarding you so that it is protected from unauthorised use or access, misuse, loss, modification or unauthorised disclosure. This includes both physical and electronic security measures. Examples include the use of passwords, locked storage cabinets and secured storage rooms. Other features include:

Retaining your data

We will keep your personal data for as long as we have a relationship with you. Once our relationship with you has come to an end (e.g. following closure of your account), or your application for a listing in the Directory is declined or you decide not to go ahead with it, we will only retain your personal data for a period of time that is calculated depending on the type of personal data, and the purposes for which we hold that information.

We will only retain information that enables us to:

We ensure information is only held for the correct period. We then delete or de-identify your data. The retention period is generally linked to the amount of time available to bring a legal claim, which in many cases is six or seven years following closure of your account or following a transaction. We will retain your personal data after this time if we are required to do so to comply with the law, if there are outstanding claims or complaints that will reasonably require your personal data to be retained, or for regulatory or technical reasons. If we do, we will continue to make sure your privacy is protected.

9. Your rights

You have certain rights regarding your personal data. These include the rights to:

Where we rely on our legitimate interests to obtain and use your personal data then you have the right to object if you believe your fundamental rights and freedoms outweigh our legitimate interests. Where processing is carried out based upon your consent, you have the right to withdraw that consent.

Your ability to exercise these rights will depend on a number of factors and in some instances, we will not be able to comply with your request e.g. because we have legitimate grounds for not doing so or where the right does not apply to the particular data we hold on you.

You should note that if you exercise certain of these rights we may be unable to continue to provide some or all of our services to you (for example where the personal data is required by us to comply with a statutory requirement, or is necessary in order for us to perform our contract with you).

We ask that you contact us to update or correct your information if it changes or if the personal data we hold about you is inaccurate.

Please contact the Data Protection Manager if you wish to exercise any of your rights.

If you have a concern about the way we are collecting or using personal data relating to you, we request that you raise your concern with us in the first instance. Alternatively, you can contact the Information Commissioner’s Office at https://ico.org.uk/concerns/.

10. Changes to this Policy

We review and amend our Privacy Policy from time to time. Any changes we make to this Notice in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to this Policy. The new terms may be displayed on-screen and you may be required to read and accept them to continue your use of the website.

Last updated: 25 September 2024