Overview

At LDC we are committed to our compliance with UK and European privacy and data laws and to being open and transparent about our collection, processing and usage of both business and personal data. Data is what we do, therefore we treat it with the utmost respect at all times and this document will outline the processes we have in place to maintain the security of the data that we hold.

About LDC

At the Local Data Company, we collect and process business information regarding business name, address, telephone, opening hours and business type for retail and leisure businesses across the UK. Considering the nature of this business data, it is very low risk data within the context of personal data.

We employ 30 full time staff who are based in Farringdon, London and a team of field researchers who physically visit towns and cities across GB to carry out tens of thousands of field surveys each month.

Data Protection Officer – Melissa Edwards – 0203 111 4393

Purpose of Processing Business Data

We maintain a database of over 600,000 retail and leisure premises across GB. Parts of the business data we hold on each occupier are used within a few sites and services, including:

Local Data Online
Local Data Search
Google
Experian
Yell.com

Methodology and Frequency of Research

We physically survey premises every 6 or 12 months. During this survey we collect public domain information: business name, address, telephone number, business classification, opening hours, websites and images of the fascia.

Our Field Research team upload information on all premises and businesses located within an area into a tablet via Wi-Fi connection (access to the tablet and the in-house application is password protected). The data for the updated town centre is sent back to the office where it is quality checked and stored within our in-house data management platform which is fully password protected.

Beyond the scheduled 6 or 12 monthly survey cycles, we have a desk research team who monitor the news daily and update our database with these additional changes, which are then reflected on both websites Local Data Online and Local Data Search.

In addition, we also capture mobile phone and tablet/laptop hardware public MAC addresses. These are captured using wireless sensors placed in retail locations on the high street and are only used to count footfall. Data is not shared between devices, and the MAC addresses are encrypted on the device.

Business Data Processing by LDC

LDC processes business information for the purposes of:

  • Updating Directory Listings/Publishing
  • B2B Telephone & Mail Marketing
  • Fraud Protection
  • Anti-Money Laundering
  • Credit Risk Assessment
  • Know Your Customer
  • Retail Location Planning
  • Promoting relevant goods and services from LDC
  • Display of business information and locations on third-party platforms such as Google Maps and Yell.com

We also share data with Experian for marketing purposes, more information on Experian’s privacy policy can be found on Experian’s ‘Business Information Marketing Notice’

Business data which can be identified as personal data is held where it has met the following conditions:

  • Legitimate interests of the data controller or third party. The business data is used in ways the business would reasonably expect and which have a minimal privacy impact.
  • Any business data shared is in compliance with the Information Commissioner’s Office guidelines, our Terms and Conditions and this Data Transparency Statement and Information Notice.

Purpose of Processing Personal Data

Storage of Personal Data

Personal information is collected from www.localdatacompany.com and http://blog.localdatacompany.com and is used for marketing purposes only.

We may collect and process data that is publically available, which will be used under deemed consent for relevant marketing communications, under the EU Data Protection Directive.

Personal data collected comprises of:

  • Name
  • Job title
  • Employing organisation
  • Email address
  • Telephone number

The Local Data Company will never sell any personal data collected on any of its websites.

Personal data is held where it has met the following conditions:

  • The data subject has given full, informed consent for LDC to securely store and process personal data.
  • Personal data is required in order for LDC to service an existing or future contract with the data subject.
  • Legitimate interests of the data controller or third party. The business data is used in ways the business would reasonably expect and which have a minimal privacy impact.

LDC will never request or process any personal data of a sensitive nature.

Personal Data Processing by LDC

LDC processes personal information for the following activities under legitimate interests:

  • Advertising with Google AdSense including the tracking of cookies and usage data.
  • Google Analytics, HubSpot Analytics and Google AdWords conversion tracking services through tracking cookies and usage data.
  • Re-marketing through Google Analytics for Display Advertising tracking cookies and usage data.
  • To support and manage our employees and contractors through the collection of name, address and payroll information alongside other sensitive personal data disclosed by the LDC employee.
  • Counting footfall in the high street to help retailers understand the volume of traffic outside their premises.
  • Other purposes which may be updated to this Notice.

LDC processes personal information for the following activities in order to fulfil an existing or future contract.

  • Contact database management collecting names, email addresses, company information, job titles, telephone numbers and email logging through HubSpot Marketing and HubSpot Sales platforms.
  • Other purposes which may be updated to this Notice.

LDC processes personal information for the following activities under consent.

  • Managing contacts and communications for marketing purposes collecting names, email addresses, company information, job titles and usage data through HubSpot Marketing and HubSpot Sales platforms.
  • To provide references to former employees and contractors as requested through the collection of name, address and contact information.
  • Other purposes which may be updated to this Notice.

We only collect personal information when relevant and we will inform you at the time when it is being collected and what it will be used for (normally for marketing communications).

By consenting to the processing of your personal data with LDC you:

  • Consent to receive direct marketing from us by email, telephone, SMS, and by any other method of electronic mail as defined by and for the purposes of the Privacy and Electronic Communications (EC Directive) Regulations 2003 (UK).
  • Consent to your personal data being stored securely for a period of 5 years..

You may withdraw consent at any time by emailing marketing@localdatacompany.com or unsubscribing via the link in all marketing email communications sent from LDC. We will aim to respond to your request within 48 hours.

 

Storage and Security

All personal data is held securely on LDC’s secure server and Microsoft Azure – our data storage service provider, with all levels of reasonable security, employed, including password and IP protection. Access is limited to our researchers and employees by seniority and relevance. Our employment contracts prohibit the unauthorized storage or transfer of all data held by LDC.

We have a clean desk policy at LDC to ensure that no data of any nature is left unattended overnight and all staff are required to log-off before leaving their computer or laptop.

Personal data will only be held for as long as necessary and will be securely removed from our marketing or human resources database as soon as it is no longer required. The maximum period for storage of personal data without it being used is two years, after which the data will be securely removed from LDC’s marketing database.

No personal data is ever sold to third parties. 

As the data subject you have the right to:

  • Object to processing that may cause or is causing damage/distress.
  • Prevent processing for direct marketing purposes
  • Have inaccurate personal data rectified, blocked, erased or destroyed.
  • Request access to your data or to have your data removed from our processing
  • Request additional information on the collection of personal data from the Data Controller
  • Log a complaint concerning our compliance with the data protection principles with the Information Commissioner by phone 0303 123 1113 or online at https://ico.org.uk/concerns/.

All requests to exercise the above rights should be made to marketing@localdatacompany.com

Use of Cookies on www.localdatacompany.com

We cookies on our website. Cookies are text files generated by your computer which our site uses to collect standard Internet log information and visitor behaviour information which can improve the user experience of the website.

Alongside functional cookies we use non-functional analytics cookies to collect information on how visitors interact with our website which allows us to maintain and improve our website. The data gathered is anonymous and cannot be used to identify individuals.

You have the ability to refuse our use of non-functional cookies.

SmartStreetSensor Data Protection Information

LDC’s proprietary footfall tracking technology, SmartStreetSensor, captures counts of passing footfall. The sensors work by passively monitoring Wi-Fi probe requests from mobile devices, which are then captured on the device.

Whilst the probe requests have the mobile device MAC address in them, this is hashed (encrypted) and anonymised on the sensor and we only send the hashed address back to LDC’s servers.

The hashed MAC addresses are sent by secure data transfer to our servers. The addresses are then aggregated in 5 minute intervals and displayed in 1 hour intervals to the client.

Our servers never see the actual MAC address. The raw data is stored in a non-relational data store that is separate to the analysis data store. The location of each device is stored in the analysis store so there is no direct link between location and device in the raw data store. All access to the raw and analysis data stores are via https and only a small set of high level staff have access to both.

Our SmartStreetSensors do not track people. They are counting how many mobile phones are passing a store at any given time and we do not track the phone from store to store. We count and aggregate these figures to publish a proxy for footfall and at no point do we collect any personal data via these sensors.

Changes to This Privacy Policy

LDC reserves the right to make changes to this privacy policy at any time by giving notice to its users on this page. It is recommended that you to review this page from time to time, referring to the date of the last modification listed at the bottom.

March 2018