Privacy Policy Security and confidentiality

Privacy Notice

Version 2.0 (14 September 2021)

Blue header down w bg
TAKE NOTE LTD

Privacy Notice

This Privacy Notice relates to personal data that Take Note may collect and process when you use our website or the Take Note Secure Portal. For information relating to how we process data on your behalf when we’re creating your transcripts, please see our Data Processing Addendum.

1.  Who is processing your personal data?

Take Note Ltd[1] is the data controller of personal data collected via the Take Note website. The data controller is the decision-maker with respect to the purpose and overall means of processing your personal data.

2.  What personal data are you processing?

When you get in touch with us or register for an account in the Take Note Secure Portal, we’ll process your name, email address, and telephone number.

If you enter into a contract with us, we’ll also need some additional information which may be personal data, such as:

  • Your job title and additional contact information
  • Invoicing information
  • Payment details

Cookies

Like most businesses, we use cookies on our website.

Cookies are files with small amounts of data which may include an anonymous unique identifier. They are sent to your browser from a website and stored on your device

We use essential cookies to enable core functionality on our website, such as the basket and checkout process.

We also use optional cookies to improve our products and services and to ensure that you get the best experience when you visit our website. Our website gives you the option to accept or decline these optional cookies.

You can also disable all cookies via your web browser, but you may find this means that some parts of our website don’t function correctly.

3.  Why are you processing this data?

We process your personal data in order to manage our business relationship with you, which may include:

  • Providing you with information that you’ve requested, such as a quote
  • Contacting you for a customer relations conversation
  • Keeping you up to date with our latest service offerings
  • From time to time, providing you with news or articles that we think may be of professional interest to you

If you enter into a contract with us, we’ll also process your personal data to ensure that we’re fulfilling our contractual obligations and that we’re meeting any legal or regulatory obligations we may have, such as accounting requirements.

We won’t use your personal data for any other purpose unless required to do so by law.

4.  What is the lawful basis for processing my personal data?

We rely on several lawful bases[2] when processing your personal data:

  • Performance of a contract
    If you’ve entered into a contract with Take Note, we’ll process your personal data to ensure that we fulfil our contractual obligations to you
  • Compliance with a legal obligation
    If we’ve provided you with services then we have a legal obligation to retain certain information for accounting purposes, which may include some of your personal data
  • Legitimate interest (the development of our business relationship with you)
    When we’re processing your personal data to provide you with information you’ve asked us for, or where you’ve previously used our services and we’re keeping in touch
  • Consent
    For cases other that the above, we'll only process your personal data with your consent

5.  What if I change my mind?

Where we’re processing your personal data on the basis of your consent, you may withdraw that consent at any time.  The UK GDPR also gives you the right to object to your personal data being processed for direct marketing purposes.[3]

You’ll find options to manage your preferences and unsubscribe completely in all non-transactional emails you receive from us – and you can also contact us on dataprotection@takenote.co to withdraw your consent.

6.  Who has access to my data?

In Take Note, only those authorised to process this data for the purposes mentioned above may access your personal data.

We also use some cloud service providers and other third parties to help provide our IT and payment services. In relation to your personal data, these third parties are data processors only – they must follow our instructions and they are obliged not to disclose or use your personal data for any other purpose.

We’ll never sell your data, and we won’t disclose it to any third parties other than for the purposes mentioned above unless required to do so by law.

7.  How do you secure my personal data?

Take Note operates an Information Security Management System certified to the ISO 27001:2013 international standard.

Your personal data is encrypted both at rest and in transit and may only be accessed by authorised Take Note employees using multi-factor authentication.

Take Note is also committed to a continuous programme of security awareness and development, and all our employees undergo security awareness training certified by the National Cyber Security Centre (NCSC).

8.  Will my personal data leave the UK?

We may transfer some of your personal data to cloud service providers in the United States. Where we do so, we will ensure that appropriate safeguards are in place to protect your personal data. We achieve this by requiring our service providers to enter into Standard Contractual Clauses[4] with us before processing any personal data – if you’d like to see a copy of these, please contact us on dataprotection@takenote.co.

Payment information will not be transferred out of the UK.

9.  How long will you keep my personal data?

If you’ve entered into a contract with Take Note, we’ll retain your personal data for a period of 7 years after the end of that contract.

In other cases, unless you tell us that you’d like us to delete your personal data sooner, we’ll retain your personal data for a period of up to 2 years after our last active engagement with you.

10.  What rights do I have?

The UK GDPR gives you the following rights in relation to your personal data:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling

For more information, or if you’d like to exercise any of these rights, please contact us on dataprotection@takenote.co.

11.  Links to other websites

Our website may contain links to other websites that we think might interest you. Once you use these links to leave the Take Note website, however, we no longer have control over how any personal data you provide will be used and we're not responsible for the protection and privacy of any such personal data. We recommend that you exercise caution and review the privacy notices of these websites before providing any personal data.

12.  What if something goes wrong?

We hope this doesn't happen - and in the first instance, we'd encourage you to get in touch on dataprotection@takenote.co so that we can help resolve any issues. However, you do also have the right to lodge a complaint with the Information Commissioner's Office (https://ico.org.uk/make-a-complaint/).

[1] Take Note Ltd is a company registered in England and Wales under company number 05954367. Our registered office is at Three Tuns House, 109 Borough High Street, London, SE1 1NL.

[2] UK GDPR, Article 6(1)

[3] UK GDPR, Article 21(2)

[4] UK GDPR, Article 46(2)

Light line 05
Dark break line 2