If you’re reading this page, the chances are that you are interested in what cookies we use on the Threekey website. We have created this page to provide you with both a brief and detailed overview.
Monitor how users use the website so that we can review and make changes and improvements
In some circumstances, to identify individuals who visit the website
Store some personal information such as name and email address, if you share this with us
Myfour Ltd (“Myfour Ltd” “we” or “us”) is marketing services business and we take our data protection and privacy responsibilities seriously.
Our website may provide links to third party websites. Myfour Ltd is not responsible for the conduct of third-party companies linked to the website and you should refer to the privacy notices of these third parties about how they may handle your personal information.
Myfour Ltd is the Controller of personal data we receive from clients and corporate customer employees and Service Users.
If you have any questions about who may be the Controller and responsible for your personal information, please contact firstname.lastname@example.org.
We may collect personal data about you when:
The categories of personal information about you which we may collect and use, depending on our relationship and interactions with you, includes:
Data protection and privacy laws requires organisations to have a “legal basis” or “lawful ground” to collect and handle your personal information. We will only collect, use and share your personal information where we are satisfied that we have an appropriate legal basis to do so.
The purposes for which we may use your personal data and the legal bases we rely on to perform such processing are set out below:
Where necessary for the performance of a contract with you, or take steps linked to a contract:
Where you give us consent:
For purposes which are required by law:
Other processing necessary to comply with professional, legal and regulatory obligations that apply to our business.
Where necessary for Myfour Ltd’s legitimate interests or those of a third party::
Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.
Where we need to use your personal information for any other purpose, we will let you know at the time of collection or as required or permitted by law.
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We have undertaken balancing tests for the data processing we carry out based on our legitimate interests. You can obtain information on our balancing tests by contacting us on the details in section 13 below.
Special category information is certain kinds of personal data that is particularly sensitive and requires higher levels of protection. We may collect certain types of special category information, as set out in section 5, from time to time, primarily in the following scenarios:
Where we do collect and handle special category personal information, we will only handle that information in accordance with applicable law, including where:
Less commonly, we may process this type of information where it is needed to protect your vital interests (or someone else’s vital interests) and you are not capable of giving your consent, or where you have already made the information public.
We will only disclose personal information to a third party in limited circumstances, or where we are permitted to do so by law. We may share your personal information with Clients, research partners and third parties as described below:
We may transfer your personal information to third parties in connection with a reorganisation, restructuring, merger, acquisition, sale or transfer of assets, or in the event there is an operational or management change of the business.
Our services are offered on a global basis. The personal information that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”) (for example, in the USA). It may also be processed by workers operating outside the EEA who work for us or for one of our service providers.
We will take appropriate steps to ensure that transfers of personal data are in accordance with applicable law and carefully managed to protect your privacy rights and interests. To this end, we will:
If you would like further information about the global handling of your personal information, please contact us at email@example.com.
Myfour Ltd takes precautions including administrative, technical and physical measures to safeguard your personal information against loss, theft and misuse, as well as against unauthorised access, modification, disclosure, alteration and destruction. We protect your personal information using a variety of security measures including:
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we have in place robust procedures and security features to try to prevent unauthorised access.
Below are the general criteria we use to determine how long we will keep your personal information, where upon we will either delete or anonymise your personal data:
Any digital data gathered at the request of the Client will be stored on secure cloud based data servers.
Unless otherwise stated, Myfour Ltd will generally retain your personal data in accordance with any applicable limitation period (as set out in applicable law) plus one (1) year, to allow reasonable time for review and deletion/anonymisation of the personal information held. This will usually be seven (7) years following the expiry of our business or participant relationship with you.
We are required by law (for the purpose of complying with regulatory, tax, accounting requirements etc.) to retain certain information for a period following the expiry of our relationship with you.
In specific circumstances we may store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.
We are not required to comply with your request to erase personal information if the processing of your personal information is necessary for several reasons, including: (i) for compliance with a legal obligation; or (ii) for the establishment, exercise or defence of legal claims.
We can continue to use your personal information following a request for restriction, where: (i) we have your consent; (ii) to establish, exercise or defend legal claims; or (iii) to protect the rights of another natural or legal person.
Please note, to ensure security of personal information, we may ask you to verify your identity before proceeding with any such request.
We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
If you would like to exercise any of these rights, please submit your requests to Jamie Galloway via:
Telephone: 07770 738 832
Lambeth Town Hall
Last Edited on 5th May 2021