This privacy notice tells you what to expect when LexisClick collects personal information. It applies to information we collect about:
By providing personal information to LexisClick in any of the ways described in this policy, by instructing or authorising another party to provide such information, or by entering into a contract with LexisClick that requires such processing, you agree that you are authorised to provide the information, that you accept this privacy policy and that LexisClick is authorised to process it.
LexisClick will collect a range of information on you, either via activity via our website or emails, ticketing systems, telephone, in person or at trade shows. This information includes:
We will not collect sensitive categories of personal data without your explicit consent.
LexisClick will not collect data relating to minors as defined under UK law. Minors as defined by UK law are not permitted to use LexisClick Services or interact with us as a corporate entity.
LexisClick may from time to time contact customers via email regarding service related matters such as billing, account management and maintenance. These emails are an important part of our service to you.
For business contacts who are not currently customers, LexisClick may contact you via email and other electronic means to promote our services to you. If you do not wish to receive these communications you can unsubscribe at any time. All email communications that we send contain a clear link to manage your subscription preferences.
We only store personal contact details for contacts who have given these to us, by signing up for information communications from us, applying for a role with us, or have provided us these details as their preferred address.
We will keep your personal information for as long as you are a customer of LexisClick or a relevant marketing contact.
After you stop being a relevant marketing contact or unsubscribe from our communications, we will remove your data as part of our annual data reviews. Where a contact has been removed from our system, because the information is out of date or the contact has unsubscribed, we may retain a small amount of information relevant to controlling marketing activities. These details typically include email address, subscription preferences and reasons to not contact.
After you stop being a customer, we may keep your data for up to 10 years for the following reasons:
LexisClick will not share your data with a third party not directly associated with the provision of services without your explicit consent. LexisClick will also not transfer Subject data to a third party country outside of the UK or EEA that is not compliant with the applicable data protection laws via adequacy agreement, Binding Corporate Rules or other legally appropriate means as defined by the Information Commissioners Office without your explicit consent.
LexisClick makes use of a number of third party organisations for the purposes of delivery of Services to the Customer.
Whilst the following list is not intended to be exhaustive, LexisClick typically only transfers the personal data relating to our customers, where required for the activities set out below, to the following third parties or Data Processors:
LexisClick will update this list from time to time as our systems and operations evolve and inform you accordingly.
By interacting with LexisClick as defined in this policy, you provide your consent for this transfer and use of our Data Processors and their Data Sub-Processors, and for transfer to any other appropriate third-party Data Processor for the purposes of delivery of the Services and customer relationship management activities. No data transfer will be undertaken that is outside of the strict scope of the purposes stated in this policy, or that will materially degrade the security of your data or your rights.
The Data Processors and Sub Processors we use will be contractually bound to process only in accordance with our instructions and to maintain technical and organisational controls in compliance with our security policy and the requirements of the GDPR.
Commitment to confidentiality and security of processingLexisClick will use appropriate technical and organisational security measures within our sphere of responsibility to ensure an appropriate level of confidentiality, integrity and, where LexisClick is the Data Controller, availability of your data and to ensure its availability in the event of a business continuity incident.
LexisClick will undertake security and data protection assessments of any third parties we elect to use prior to transfer of any Customer Data and regularly thereafter.
When someone visits www.lexisclick.com we use a small number of third-party services, including Google Analytics, Hubspot and Hotjar to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site, understand how the website is being used, personalise areas of the website and understand how marketing channels are performing. Where consent has not been requested and provided, this information is only processed in a way which does not personally identify anyone.
We use standard software to collect information for the strict purpose of tracking activity on our site. This allows us to understand how many people use our site and which pages and features are most popular. The information we normally collect and store is
You never transmit personally identifying information that you do not enter yourself, and this is always your option. This information cannot be collected unless you specifically elect to send it to us. This information is used internally only for the purpose of fulfilling the request or for contacting you directly and is not sold to any other organisation. Your information is transmitted directly to LexisClick and is stored securely in the services that we use for this purpose.
You can read more about how we use cookies here.
Our website uses cookies, as almost all websites do, to help provide you with the best experience we can. Cookies are small text files that are placed on your computer or mobile phone when you browse websites.
Our cookies help us:
We do not use cookies to:
You can learn more about all the cookies we use below
If the settings on your software that you are using to view this website (your browser) are adjusted to accept cookies we take this, and your continued use of our website, to mean that you are fine with this. Should you wish to remove or not use cookies from our site you can learn how to do this below, however doing so will likely mean that our site will not work as you would expect.
We use a service called Hubspot to build and host our website. The Hubspot service sets cookies for our use to make our website work including:
There is no way to prevent these cookies being set other than to not use our site.
Our site, like most websites, includes functionality provided by third parties. A common example is an embedded YouTube video. Our site includes the following which use cookies:?
Disabling these cookies will likely break the functions offered by these third parties
So you can easily “Like” or share our content on the likes of Facebook and Twitter we have included sharing buttons on our site. Cookies are set by:
The privacy implications on this will vary from social network to social network and will be dependent on the privacy settings you have chosen on these networks. Please see the privacy policy of the relevant network for further information.
We regularly test new designs or site features on our site. We do this by showing slightly different versions of our website to different people and anonymously monitoring how our site visitors respond to these different versions. Ultimately this helps us to offer you a better website. We use:
We use cookies to compile visitor statistics such as how many people have visited our website, what type of technology they are using (e.g. Mac or Windows which helps to identify when our site isn't working as it should for particular technologies), how long they spend on the site, what page they look at etc. This helps us to continuously improve our website. These so called “analytics” programs also tell us if how people reached this site (e.g. from a search engine) and whether they have been here before helping us to put more money into developing our services for you instead of marketing spend.
We use:
Cookies are widely used in online advertising. Neither us, advertisers or our advertising partners can gain personally identifiable information from these cookies.
You can learn more about online advertising at http://www.youronlinechoices.com
You can opt-out of almost all advertising cookies at http://www.youronlinechoices.com/uk/your-ad-choices although we would prefer that you didn't as ultimately adverts help keep much of the internet free. It is also worth noting that opting out of advertising cookies will not mean you won't see adverts, just simply that they won't be tailored to you any longer.
We use:
You may notice that sometimes after visiting a site you see increased numbers of adverts from the site you visited. This is because advertisers, including ourselves pay for these adverts. The technology to do this is made possible by cookies and as such we may place a so called “remarketing cookie” during your visit. We use these adverts to offer special offers to encourage you to come back to our site. Don't worry we are unable to proactively reach out to you as the whole process is entirely anonymised. You can opt out of these cookies at anytime as explained above.
You can usually switch cookies off by adjusting your browser settings to stop it from accepting cookies (Learn how here). Doing so however will likely limit the functionality of our's and a large proportion of the world's websites as cookies are a standard part of most modern websites
Information about cookies: Useful information about cookies can be found here.
We have outlined below details about the type of information that LexisClick keeps about job applicants, current and former employees and the purposes for which it keeps them. You can read more about this here.
LexisClick believes that these uses are consistent with our employment relationship with each member of staff and with the principles of the Data Protection Act and the GDPR.
During the recruitment process LexisClick will ask for information about your personal and employment history. All of the information you provide during the process will only be used for the purposes of progressing your application, or to fulfil legal, regulatory or legitimate requirements if necessary.
LexisClick will not share any of the information you provide during the recruitment process with any third parties for marketing purposes. The information you provide will be held securely by us and/or our data processors whether the information is held in electronic or physical format.
LexisClick will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for.
The information we ask for is used to assess your suitability for employment. You do not have to provide what we have requested but it may affect your application if you don’t.
We will ask all candidates for personal details including their name and contact details. We will also ask for information about your previous experience, education, referees and for answers relevant to the role you have applied for.
We use a third party HR consultancy provider Streetwise HR and all the information you share with us, will be shared with them as our external HR department. Our HR provider and your Recruiting Manager will have access to all the information you provide.
You may be asked to provide equal opportunities information. This is not mandatory information. If you choose not to provide it, it will not affect your application. This information will only be made available to our HR provider and your Recruiting Manager, it will not be available to any other staff in a way which could identify you.
Any information you choose to provide will only be used to produce and monitor equal opportunities statistics.
All external applicants who are to be formally interviewed will be asked to complete an Application and Pre-Employment Screening form .
The selection process will normally begin with a discussion between the Recruiting Manager our HR provider and their Line Manager or Department Head in order to determine the selection approach. The appropriate selection method may not necessarily be limited to, but will always include, face to face interviews. We may also ask you to complete a test or attend other selection events such as a selection centre or psychometric testing. This information will be held by LexisClick and will be accessible to our HR provider.
If, following assessment of your application for the position you have applied for, you are unsuccessful we will retain your information for a period of 6 months unless you instruct us otherwise.
In compliance with LexisClick’s recruitment guidelines, if we make you a conditional offer of employment we will ask you for information so that we can carry out pre-employment screening and vetting checks.
These checks include:
Commencement of your employment is conditional on completion of Pre- Employment Screening and Vetting documentation.
You will be required to provide the following to allow us to complete these checks:
We will provide your name and copies of your proof of identity, right to work and proof of address to our HR provider, who may at their discretion provide it to a third-party employment detail checking provider. You will be provided with details of any third party service prior to your data being submitted. LexisClick or our HR provider will also contact your referees using the details you provide in your Application Form to obtain references.
You must successfully complete these pre-employment checks to progress to a final offer.
If we make a final offer and you accept, we will also ask you to provide the following:
Data processors are third parties, such as our HR provider, who provide elements of our recruitment service for us. We have contracts in place with our data processors. This means they cannot do anything with your personal information unless we have instructed them to do so. They will not share your personal information with any organisation apart from us.
If you accept a final offer from us, some of your personnel records will be held on our HR software and physical records may also be held securely. These details will include:
If you are successful, the information you provide during the recruitment and application process will be retained by us as part of your employee file for the duration of your employment plus 6 years following the end of your employment. This includes your Application Form, Medical Questionnaire, records of any security checks and references.
If you are unsuccessful at any stage of the process, the information you have provided up until that stage will be retained for 6 months and will then be securely disposed of.
Under the General Data Protection Regulation (GDPR) you have a number of rights with regard to your personal data. You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict or object to processing. For further information see our Employee Handbook.
The information held will be for our management and administrative use only, but from time to time we may need to disclose some information we hold about employees to relevant third parties.
LexisClick may also hold information about an employee for which disclosure to any third party will only be made when strictly necessary for the purposes as follows
LexisClick requires all employees to comply with the GDPR in relation to information about other staff. Failure to do so will be regarded as serious misconduct and will be dealt with according to the Company’s disciplinary policy and procedure. If an employee is in a position to deal with information about other employees, they will be given separate guidance on their obligations.
Under the Data Protection Act 1998, you have rights as an individual which you can exercise in relation to the information we hold about you. You can read more about these rights here.
LexisClick tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of LexisClick’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
If you want to make a complaint about the way we have processed your personal information, you can either email data@lexisclick.com or write to the Data Department at LexisClick, 76 Shelley Road East, Bournemouth, BH7 6HB.
If you are not satisfied with our response you can contact the statutory body which oversees data protection law – www.ico.org.uk/concerns.
LexisClick tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a data request to us. If we do hold information about you we will:
To make a request to LexisClick for any personal information we may hold you need to put the request in writing addressing it to our Data Department, or writing to the address provided below.
If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.
If we do hold information about you, you can ask us to correct any mistakes by, once again, contacting the Data Department.
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
We keep our privacy notice under regular review. This privacy notice was last updated on 21st May 2018.
We reserve the right to change our privacy policy. A revised policy statement will only apply to data collected subsequent to its effective date. Any revisions will be posted at least 30 days prior to its effective date.
If you want to request information about our privacy policy you can email us at data@lexisclick.com or write to:
Data Department
LexisClick
76 Shelley Road East
Bournemouth
BH7 6HB
For the purpose of providing the Services, LexisClick will process Customer Provided Data. To the extent that Customer Provided Data is comprised of Personal Data, the parties acknowledge that LexisClick acts as a Data Processor for all Customer Provided Data supplied to LexisClick by the Customer as well as the Customer’s own customers or agents.
The Services are provided on the basis that either:
By accepting this addendum, the Customer indicates their acceptance of the provisions below and warrants that the basis of the Services set out in this Data Processing Addendum is accurate.
LexisClick undertakes a range of Processing as defined by the Services, i.e. the provision of marketing and website hosting services to the Customer, the choice of which is determined by the Customer.
LexisClick provides marketing services to support the Customer’s or Customer’s agents’ processing of data to that end.
LexisClick has access to process and manipulate Customer Provided Data under the Customer’s written instruction for the purposes of their marketing activities and customer communications.
Any processing by LexisClick of Customer Provided Data (which may comprise Processing of Personal Data) is determined by the Customer insofar as it is the Customer that ultimately determines what the Services will be and, therefore, what data processing occurs.
LexisClick classifies all Customer Provided Data as the same type of data and does not maintain visibility of different types of Customer Provided Data or categories of Personal Data within this set. LexisClick applies the same level of generic security controls to all Customer Provided Data.
LexisClick provides a service which constitutes among other things the provision of websites, hosting, storage, networking and dedicated servers to Customers. Whilst we will try to ensure the compliance of those underlying services with the applicable Data Protection Laws, we do not maintain reliable access to the Operating Systems, applications or data that Customers upload to their Customer Hosted Solution, so the Customer is responsible for all data protection issues not related to the underlying services.
The Customer is responsible for the duration of the processing of any Personal Data comprising Customer Provided Data. While the Agreement is in force, LexisClick will Process all such Personal Data in accordance with the Customer’s written instructions.
LexisClick along with its third party suppliers will be responsible for maintaining the GDPR compliance of the underlying hosting infrastructure, within the scope of the services provided to the customer. LexisClick’s personnel are subject to a duty of confidence that is compliant with the applicable Data Protection Laws.
LexisClick has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures.
A non-exhaustive list of technical and organisational measures are as set out below. By entering into this addendum, the Customer confirms that it has reviewed and approved the following measures:
SECURITY MANAGEMENT & POLICY
HR & ACCESS CONTROL
OPERATIONAL SECURITY
INCIDENT MANAGEMENT & COMMUNICATION
AVAILABILITY OF CUSTOMER HOSTED SOLUTIONS AND SERVICES
Temporary loss of Availability or Integrity related to an Emergency Maintenance or Scheduled Maintenance is not considered to be a loss of Availability under the applicable Data Protection Laws.
In accordance with the Services being provided, LexisClick is not able to decide how Personal Data comprising Customer Provided Data is processed, as it is processing data under the written instruction of the Customer
As the Data Controller the Customer has the following responsibilities under GDPR:
By entering into this Data Protection Addendum, the Customer hereby permits LexisClick to appoint sub-processors of Personal Data and, for the term that the Data Protection Addendum is in force, shall have a general right to appoint sub-processors of Personal Data. LexisClick shall provide the Customer with prior notification before appointing any sub-processors of any Personal Data that are in addition to those noted in this Data Processing Addendum.
LexisClick utilises a small number of Data Sub-Processors in order to provide Services to the Customer. The following list of Data Sub Processors used to provide Services will be updated from time to time to reflect the current operational position:
LexisClick will update the Customer of the use of any new Data Sub-Processor prior to adoption of the Sub-Processor and transfer of Customer Provided Data or provision of any form of access to Customer Hosted Solutions by support ticket or email, and the Customer must ensure that all necessary Data Protection Consents are obtained or other legitimate grounds for processing the Personal Data are established. The Customer’s continued use of the Services constitutes approval for the use of this new Data Sub-Processor and a repeated warranty by the Customer that the use of all sub-processors is lawful under the applicable Data Protection Laws subject to LexisClick complying with its obligations under the applicable Data Protection Laws in respect of appointing sub-processors. LexisClick will perform appropriate due diligence on the Data Sub-Processor, as we will on any security-impacting supplier.
LexisClick will maintain written contracts with all LexisClick Sub-Processors including any relevant GDPR-related compliance requirements and will conduct regular checks to confirm their continuing conformance with Data Protection Laws.
LexisClick will not transfer Customer Hosted Data to any Data Sub-Processor located outside of the EEA or to any other third-party location not deemed appropriate by Binding Corporate Rules, Privacy Shield or other adequacy decision defined on a continuing basis by the Information Commissioner’s Office without explicit written permission from the Customer.
LexisClick will only process Customer Provided Data (which may or may not include data for which the Customer is the Data Controller) in accordance with the Data Controller’s written instructions, which for the purposes of data protection and this addendum are taken to be in whole contained within the section ‘Purpose and scope of LexisClick’s Data Processing on behalf of Data Controllers.’ No other written instructions can be accepted as they will fall outside of the scope of our services.
Insofar as LexisClick provides data processing services to the Customer, LexisClick will assist the Data Controller in meeting their data protection obligations including: