Privacy Policy

1. Introduction Casla acknowledges its obligation to process personal data lawfully, fairly, and transparently. This privacy policy explains how we handle personal contact information, including how we collect, use, and share that information. Casla is a registered with the Information Commissioner’s Office as a data controller (here is a link to our page on the register).

2. Information Collection We collect personal contact information that may include, but is not limited to, names, email addresses, and phone numbers. This information is collected through various means such as online forms, email communications, and business interactions.

3. Use of Information The personal contact information we collect is used to:

  • Provide and improve our services

  • Communicate with clients about our services

  • Fulfil legal and regulatory obligations

4. Legal Basis for Processing We process personal contact information based on the following legal grounds:

  • Consent: We may process information if we have received explicit consent from the data subject.

  • Contractual Necessities: We process personal contact information necessary for the performance of a contract to which the data subject is party.

  • Legal Obligations: We may process personal contact information to comply with a legal obligation.

  • Legitimate Interest: We may process personal contact information based on legitimate interest under Article 6(1)(f) of the GDPR and corresponding provisions of the UK Data Protection Act 2018.

5. Legitimate Interests for Processing Business Contact Information

  • Purpose of Processing: The Company processes business contact information, including names, business email addresses, business telephone numbers, and job titles, of current, past, and prospective business contacts and partners. The processing activities include communication, network and relationship management, and business development.

  • Assessment of Legitimate Interests: The Company has conducted a careful assessment to ensure that the processing of business contact information is necessary for its legitimate business interests, which include:

    • Maintaining and enhancing relationships with existing business contacts and partners.

    • Establishing new business relationships and opportunities.

    • Efficiently managing and executing communication strategies.

    • Ensuring network security and information systems integrity.

  • The processing does not involve sensitive personal data and is confined to the necessary minimum to achieve the aforementioned purposes.

  • Safeguards and Mitigation Measures: To protect the rights and interests of data subjects, Casla implements robust technical and organisational measures, including data minimisation, limited access, and security protocols appropriate to the nature of the data being processed. Casla also ensures transparency and provides data subjects with the ability to object to the processing based on legitimate interests, under which circumstances Casla will reassess the balance of interests involved.

  • Right to Object: Data subjects have the right to object to the processing of their personal data based on legitimate interests at any time. Upon receiving an objection, Casla will cease processing unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the individual, or for the establishment, exercise, or defense of legal claims.

6. Data Sharing and Disclosure We do not share personal contact information with third parties except:

  • As necessary for providing the services requested by the client

  • To comply with legal or regulatory obligations

  • With service providers acting as processors who provide IT and system administration services under our instructions

7. Data Security We take appropriate security measures to prevent unauthorised access, disclosure, modification, or unauthorised destruction of the data.

8. Data Retention We retain personal contact information for as long as necessary to provide services to our clients or as required by law. Retention periods vary depending on the type of data and the purpose for which it was collected.

9. Your Rights Under the GDPR, you have the right to access, correct, delete, and restrict processing of your personal data. You also have the right to object to processing and the right to data portability. If you wish to exercise any of these rights, please contact us via email at hello@casla.agency.

10. Contact Information If you have any questions or concerns about our privacy policy or the handling of your personal data, please contact us:

  • Email: hello@casla.agency

  • Office Address: 3rd Floor, 32 Eyre St, Sheffield, S1 4QZ

11. Changes to This Privacy Policy We may update our privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on our website.

12. Effective Date This privacy policy is effective as of 26th April 2024.