top of page

Privacy Policy

At Willow Tree HR I am committed to protecting and respecting your privacy. Please read this Privacy Policy carefully as it provides guidance on the basis on which I collect, store and process your personal data.

In this Privacy Policy, a reference to “you” means the person whose personal information I collect, use and process. I will use your personal data only for the purposes and in the manner set out below to ensure I process any of your personal data is in compliance with the Data Protection Acts 1998 and 2018 and the General Data Protection Regulation (the “GDPR”) and any subsequent amendments to data protection legislation.

By using this website, you agree to the collection, use and transfer of the information you provide to us in line with this Privacy Policy. This Policy will be updated from time to time as the need arises.

Data Controller – Contact Details

For the purposes of the Data Protection Legislation, the Data Controller is Willow Tree HR.

Information collected and how it is used

This Privacy Policy applies to personal information that I collect, you have provided to us, use and otherwise process about you in connection with your relationship with us as a client.

I may collect and process the following but are not limited to:

  • Personal information - name;
  •  Contact details – business address, email, phone number as provided to us via your business card etc;
  •  Financial information – purchase order and bank details for invoice purposes.

It is unlikely that I will need to collect Sensitive Personal Information about you but if this is the case I will treat your data in the strictest confidence at all times. Where I collect, request or use your Sensitive Personal Information this will be as part of a contract with you and for legitimate purposes.

Sensitive Personal Information is defined as your racial or ethnic origin, religious, political or philosophical beliefs, genetic data, and biometric data for the purposes of unique identification, trade union membership or information about your health/sex life and personal information relating to criminal convictions or offences.

How do I use your personal information

The main purposes for which I use your personal information are:

  • provide you with information about my consultancy services;
  • carry out our obligations arising from any contracts between us;
  • update you on the latest consultancy services and any relevant news I think you might be interested in;
  • ask you to partake in customer surveys, to improve customer service or make other services available to you;
  • provide you with relevant marketing communications;
  • where you have given me permission, to contact you from time to time to keep you up to date with limited offers and other promotions.
Purposes for processing personal information
  • where you have given your consent to the processing of your personal data;
  • enable me to perform my obligations under any contract with you;
  • for legitimate interests provided these are not overridden by your interests and fundamental rights and freedoms, e.g., to respond to your enquiries;
  • where I must comply with a legal obligation to disclose your personal information to a government and/or regulatory bodies and other third parties when required to do so by applicable law, e.g., to comply with a court order, for taxation purposes etc.;
  • In the event of a merger, acquisition, or any form of sale of some or all our assets to a third party, I may also disclose your personal information to the third parties concerned or their professional advisors. In the event of such a transaction, the personal information will be among the assets transferred to the buyer.


Data Retention

Your personal data will not be kept for longer than is necessary to fulfil the specific purposes outlined in this Privacy Policy and to allow me to comply with our legal requirements, including, without limitation, any tax and commercial obligations.

The criteria I use to determine data retention periods include the following:

  • In case of queries - I may retain your personal data for a reasonable period after you have enquired about my consultancy services, in case of a follow-up query from you.
  • Permitted under applicable law - I will continue to retain personal data where necessary to provide my consultancy services to you and where the retention of such personal data is necessary for the purposes of pursuing legitimate interests or where it is necessary for public interest purposes.

Please note that, although reasonable efforts will be taken, it may not always be possible to completely remove or delete all your personal information from our database because of back-ups and other technical reasons. Where this is the case, I will take steps to ensure that your personal data is suppressed to render it unusable.

Your data privacy rights

You may exercise the rights available to you under data protection laws as follows:

1. The right to withdraw your consent to the processing of your personal data. However, I may continue to process your personal information if there is an alternative legal basis for the processing;

2. The right to request access to or obtain a copy of the personal data I hold about you. Any request will be processed within 30 days in accordance with the GDPR;

3. The right to rectification requiring a correction to any inaccurate personal data;

4. The right to request restriction of processing any data concerning you or to object to processing of your personal data if processing is based on legitimate interests or direct marketing etc.,

5. The right to request the erasure of your personal data where it is no longer necessary for me to retain it;

6. The right to data portability;

7. The right to object to automated decision making including profiling (if any) that has a legal or significant effect on you as an individual;

8. The right to complain to a data protection authority, e.g., the Information Commissioners Office (ICO) if you consider that I have infringed applicable data privacy laws when processing your personal data.

Security

I will endeavour to use appropriate technical and physical security measures to protect your personal data which is collected, stored or otherwise processed, from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access. These measures include storing personal data in a secure database which is password protected and ensuring your data is backed up on a regular basis. Any service providers I use are also selected carefully and required to use appropriate protective measures.

As effective as modern security practices are, no physical or electronic security system is entirely secure. The transmission of information via the internet is not completely secure. Although I will do my best to protect your personal data, I cannot guarantee the security of your data transmitted over the internet. Any transmission of data is at your own risk. Once I receive your data, I will use appropriate security measures to seek to prevent unauthorised access. I will continue to revise policies and implement additional security features as new technologies become available.

If there is an interception or unauthorised access to your personal data, I will not be liable or responsible for any resulting misuse of your personal information.

I may monitor the use and content of emails, calls and secure messages sent from and received so that I can identify and take legal action against unlawful or improper use of systems, e.g., transmitting computer viruses and attempts to prevent this website or other systems from working. 

bottom of page