Privacy Statement

Home > Privacy Statement

About this Statement

  • Your privacy is important to us, as is being transparent about how we collect, use, and share information about you. This Privacy Statement covers the information we collect about you and is intended to help you understand:
    • What information we collect about you 
    • How we use information we collect 
    • How we share information we collect 
    • How we store and secure information we collect 
    • How to access and control your information 
    • How we collect data internationally 
  • We are Geotechnical Consulting Group LLP (GCG) and we are registered with the Information Commissioner’s Office (ICO) – registration number – ZA088094.
  • If you have questions or concerns about how your information is handled, please direct your inquiry to  admin@gcg.co.uk or write to the Data Controller, Geotechnical Consulting Group LLP, 150 Brompton Road, London, SW3 1HX, United Kingdom.
  • We do not transfer personal data to “inadequate” countries or make decisions using automation.
  • We may change this privacy statement from time to time. GCG will post any privacy statement changes on this page.
  • We have a separate cookie policy.

Introduction

  • We are a civil engineering consultancy specialising in the provision of geotechnical consulting expertise and the design of associated civil engineering works. This privacy policy is limited to external personal data. Our business operations (Services) do not process significant personal data – the data we use is commercial data that relate to the engineering projects with which we are involved.
  • If you are an employee of one of our clients, prospective clients or a contact (Client) then our processing of data is only to communicate with you as a representative of our Client.
  • We also work with technical and industry experts and academia (Experts).

What Information We Collect about You

  • We collect information about you when you or our Client provide it to us. We sometimes collect data from the public domain. The data will primarily be contact data – your name and other contact details. Where we work closely the data categories will increase and include information solely relating to you. For Experts the personal data will extend to biographical information including academic and professional qualifications.
  • We also monitor your response to any marketing communication.

How We Use Information We Collect

  • To communicate with you about the Services: We use your contact information to send marketing communications via email. For Experts we elicits their opinions and from time to time they involve and assist us with marketing.
  • Customer support: We use your information to deliver the Services for the Client.
  • Legal obligation: Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions.

The Lawful Basis

  • The lawful basis for processing the personal data is legitimate interest. The legitimate interest assessment for this processing can be summarised as follows.
  • We restrict the data processing on the operations side of our business to Clients and those who voluntarily contact us on our website.
  • The processing is limited to our business dealings with those entities and we do not process any personal data beyond those business related dealings.
  • We process the data to further those business relationship.
  • We never sell or transfer the data to third parties without individual consent.
  • Every marketing communication gives opt-out rights.

Retention

  • For project related information we will hold information for a period of up to 12 years after the completion of the contract between our organisations. However, we will perform regular reviews and if deemed necessary we may retain project related information for longer.
  • We will retain any other information for up to 10 years after its final use.
  • We will not use your details for dissemination of unsolicited marketing information.
  • Marketing information: Given that our sector is very specialised and those with whom we communicate typically remain in that sector we will retain the personal data until the unsubscribe function is utilised.  If you have elected to receive marketing emails from us, we retain information about your marketing preferences until you express your request to opt out. We review our marketing lists from time to time.
  • We never sell or transfer the data to third parties without individual consent.
  • Marketing data will be deleted upon request.

How We Share Information We Collect

  • Sharing with third parties: We do not share any personal information we collect about you with third parties without consent.
  • Service Providers: We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, testing, virtual infrastructure, analysis and other services for us, which may require them to access or use information about you. If a service provider needs to access information about you to perform services on our behalf, they do so under close instruction from us, including policies and procedures designed to protect your information.
  • With your consent: We share information about you with third parties when you give us consent to do so.

How We Store and Secure Information We Collect

  • We use data hosting service providers to host the information we collect, and we use technical measures to secure your data.
  • While we implement safeguards designed to protect your information, no security system is impenetrable. We provide staff training and have procedures in place to act on any data breach so that we comply with the General Data Protection Regulations (GDPR).

How to Access and Control Your Information

  • You have certain choices available to you when it comes to your information. Below is a summary of those choices, how to exercise them and any limitations.
    • Request access to your personal data.
    • Request correction of your personal data.
    • Request erasure of your personal data.
    • Object to processing of your personal data.
    • Request restriction of processing your personal data.
    • Request transfer of your personal data.
    • Right to withdraw consent.
  • If you wish to exercise any of the rights set out above, please contact us.

No Fee Usually Required

  • You will not have to pay a fee to access your personal data (or to exercise any of the other rights).
  • However, if your request is clearly unfounded, repetitive or excessive, we may ask you to specify what you need to see and why. In such cases, we may charge a reasonable fee to provide access to the data. Alternatively, we may in these circumstances refuse to comply with your request.

What We may Need from You

  • We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
  • We may also contact you to ask you for further information in relation to your request to speed up our response.

Time Limit to Respond

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.