GDPR

---

Canondale Investments Ltd

Last updated: 31st January 2023

Who We Are:

Canondale Investments Ltd, specialized into corporate advise, crisis management, management restructuring, consulting in various sectors (industries, finance, crypto blockchain, governments, etc.), brand management, concepts and realization of special tasks. All activities under regulations exempt by FCA. 

Definitions

My Company: My Company means; within this privacy policy we are referring to Canondale Investments Ltd Address of the company would be Kemp House, 160 City Road, London EC1V 2NX

Company Registration No: 13616745

Your Company: Your company/website with the name www.canondale.investments with the permanent address at Kemp House, 160 City Road, London EC1V 2NX . Registered at Companies House UK with registration No. 13616745 of which my company will be signing an agreement and will abide the GDPR guidelines for Canondale Investments Ltd, specialized into corporate advise, crisis management, management restructuring, consulting in various sectors (industries, finance, crypto blockchain, governments, etc.), brand management, concepts and realization of special tasks. All activities under regulations exempt by FCA.

GDPR: General Data Protection Regulation Act. Is the legal body under guidelines of which all our website activities will be performed.

Data Controller: Data Controller means the natural or legal person who alone or jointly or in common with other persons will determine the purposes and manner in which the procurement of any personal information related to your company are to be procured and acquired.

 

Data Processor: Data Processor means any natural or legal person or a group of expert individuals who will be collecting all the data from the Data collector and will be processing it to the best of his or their skillful knowledge in the benefit of your company.

 

Data Subject
Data Subject is any living individual who is using our Service and is the subject of access to my company’s Personal Data. He/she will be the first point of contact between my company and your company.

There are a certain set of principles we follow in processing your personal data. All these principles are set in benefit of both my company and your company under the guidelines of GDPR, so they will be followed to the best of our consent and we expect the same from your end as well.

• Fairness and lawfulness. When my company’s data collector and data processor have access      to your company’s personal data, the individual rights of your data will      be subject to protection and must be protected. All personal data will be      collected and processed in a legal, fair and an ethical manner only. Date      of data collection and a brief description will be provided by your      company before handing over the data for processing duly signed by a      representative of my company at the time of receiving the same. A copy of      which will be retained with both the companies.
• Restricted to a specific      purpose. The personal data collected will only be      processed for specific purposes of (enter your specific relating service provided      such as: website generation). No other used of data will be      conducted from my company. Any sort of data provided by your company      should not contain any illegal or unlawful activity content. Responsibility      of such an act will be directly imposed on your company and could attract      legal attention.
• Transparency. The Data Subject will be informed of how his/her data is being      collected, processed and used. All times of collection of data will be      duly signed and a copy of brief description of the same will be provided by      and to the Data Subject of your company and the Data Collector of My      company simultaneously.

A soon as my company takes access to your company’s data, we  start processing activities as per the agreement signed and only on the designs selected, not exceeding the GDR compliance boundaries.
My Company needs to and will be collecting several and different types of personal data for various purposeful activities in your good faith. Personal Data which may include, but is not limited to:

• Email address
• First name and last name
• Phone number
• Address, State, Province, ZIP/Postal code, City
• Product information
• Company’s Address
• Business Registration Number
• Your Personal Identification Number
• Photo IDs
• Bank Details

My company uses the collected personal data for various purposes:

• To provide you with services information and updates of any policy      concerns
• To notify you about changes to our services and/or products
• To provide customer support and guidance as per your request
• To gather analysis or valuable information so that we can rectify      it to get the best use out of it,
• To detect, prevent and address any technical errors or concerns      that may be observed in the due course of action
• To provide you with the updated data as per your requirement
• To communicate with you on business days only on grounds of the work-related      activity during business hours only.

My Company’s legal aspect for collecting and using your company’s personal data is described in this Data Protection Policy and it depends on the personal data we collect and the specific context in which we are collecting the information:

· There will be an agreement contract duly signed by you under our agreement which will consist of all the term and conditions of usage of your company’s data

· We will get all the data enlisted by you that you will be providing to us on which all and any rectification and amendments will be done.

· A permission of your company’s authorized person with our company will be provided by you for usage and rectification of your data

· All rectification will be done under the guideline provided by you and only on the initial agreed sample website formatting which have to be in GDPR boundaries.

· Any other or additional service required by you or provided to you by kind or pressure will invite additional cost and will be levied directly on your company, without paying of which all and any process work may come to a halt of completion or delivery up to clearance of that amount.

· All personal credentials shared within both the agreement parties shall not be shared for any advertisement or illegal purpose.

· My company shall comply with the initial and details of the agreement, this would be agreed upon by both the parties and shall comply on the same to the best of abilities. 

Cookie Policy

· A declaration that will be provided to you by my company as of what cookies have been activated on your website

· What user data my company will track, for what reason we will be doing the same, and where in the world this data will be sent for promotion or advertisement purpose according to guidelines.

· A cookie policy will contain information for your users as to how they may opt out of the cookies or change their settings relating to the cookies on your website.

· Many website owners choose not to cooperate as per the cookie policy guidelines for privacy concerns. We highly recommend usage of cookies as they increase user experience. You can also leave your website cookie policy unselected and may choose to opt out as and when you like.

· Regardless, you are legally required to have one available to your users.

· Cookies are a potential privacy risk, because they are able to track, store and share user behavior.

· Whereas most of the remaining privacy policy may be static and untouched, the cookies used on a website are dynamic and might change often. 

· We recommend that if you are opting for it then an adequate cookie policy should be regularly updated to make sure that the information is accurate.

The General Data Protection Regulation (GDPR), gives website users the right to receive and select specific and up-to date information on what data is registered about them at all times, for what purpose, and where in the world it is sent 

· The privacy policy is a document, usually a page on the website, 

· It is a page in which all of the methods and purposes of the data processing activities on the site will be outlined, including contact forms, mailing lists etc.

· My Company will retain your personal information only for as long as is necessary for the purposes set out in this Data Protection Policy.

· My Company will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

· Your personal information will always be under the GDPR guidelines and no personal data may be used for any advertisement or illegal purpose.

Returns or Refund Policy

(enter your own set of points here which relate directly to your company, the below points are for example purposes only)

· Website is an intangible product and is a virtual property that us guided under the GDPR guidelines.

· There shall be no returns or refunds applicable on the final product.

· Your company will get 5 opportunities to get your website fixed by our team.

· My company will take out their best of efforts to satisfy your company and its needs.

· We will comply with all the guidelines agreed upon within your company and my company along with the GDPR guidelines.

· This agreement may be a hard copy or a digitally signed document that shall carry the same worth and will comply will all legal aspects.

Cookie Acceptance Bar

· You should opt for a cookie warning or popup notice on your website.

· Websites by means of cookies collect user data and this should be done with the need to get the user’s consent for doing so. 

· However, virtually all websites set cookies that track users and their activities

· This provides an overview of their user’s digital web movement and their choice of interest is observed.

 

Web Security

· Web security also known as “Cyber security” involves protecting website or web application from cyber hackers

· They may cause glitches in your user experience and may attract drop in overall ranking of your website on the SERPs (Search Engine Result Pages).

· Web security does the work of detecting, preventing and responding to cyber-attacks. Stopping them from entering as these attacks have no control over access of your website data

· Websites are equally prone to security breaches as physical homes, stores, and government locations. So, security is always recommended with promptness and sometimes insisted upon depending on the content of the website.

· Websites of any sort must always be protected by firewall settings or other outsourced third-party privacy service providers.

· The key Web services security requirements are authentication of invaders or viewers of website, authorization by the ping that is received while entering your website or a security captcha check, data protection for prevention of leakage or loss of personal or user data and nonrepudiation entry in website without authorization 

GDPR Legal reason (for data capture)

· Processing personal data unlawfully is prohibited, 

· It is expressly allowed by law, or the Data Subject has provided a personal consent towards the processing of data. 

· Principles relate to Lawfulness, fairness and transparency as discussed earlier in our guidelines-One must process personal data in a legal manner, with absolute fairness and in a total transparent manner in relation to the subject personal data whether be it user or self.

· Neither the service provider not the service consumer is allowed to use data in a manner that had been discussed earlike i.e. for advertisement or any illegal purpose. 

Any personal data that has been collected should be for a definite specific, explicit and legitimate purpose and period without leading to any third-party disclosure.