At Social Value Portal, we respect your privacy and are committed to protecting your personal information in line with Data Protection Law. We constantly review how we use your information to aid us in our mission to help businesses deliver Social Value.
- Use the Social Value Portal web application (‘the Portal’)
- Engage with us in other ways, including sales, marketing, consultancy, or events
If you have any questions, or want to check, change or update your details at any time please contact us through our website (https://socialvalueportal.com) or via our Data Protection Office (Chris Speight). You can do this:
Social Value Portal Ltd
92 Albert Embankment
+44 (0)20 3355 0530
Who we are
Social Value Portal is a social impact company that helps you procure, measure, manage and report social value. Our mission is to engage, enable and empower people and organisations to work together in the pursuit of social, economic and environmental wellbeing.
Our Company number: 09197997
Our ICO registration: ZA574592
What information do we collect?
Information we obtain about you directly
We collect information about you that you voluntarily provide to us when you register and participate in activities using our Services, when you contact us or express an interest in obtaining information about us or our Services, or otherwise engage with us. The information we collect depends on the specific Services that you use, the choices you make, and the products and features you use. This may include the following:
- Email addresses
- Job titles
- Contact data
- Contact preferences
- Phone numbers
- Mailing addresses
- Billing addresses
- Authentication data
We do not process sensitive information.
All personal information that you provide to us must be true, complete and accurate. You must notify us if there are any changes to your personal information.
Information collected about you automatically
We collect certain information about you automatically when you visit, navigate or use the Services. This may include information such as your IP (Internet Protocol) address, the device, OS (Operating System) and browser you are using, your activity in the Services (including timestamps, page views, and specific actions), referring URLs, location, and other information about your usage. We also collect some data via Cookies or similar technologies. This information is primarily required to monitor the operation, performance and security of the Services.
Information about you obtained from third parties
We may also collect information about you from service providers, search engines, public databases, joint marketing partners, social media (e.g. LinkedIn) and from other third parties. Personal information we may collect via these channels includes mailing addresses, job titles, email addresses, phone numbers, user behaviour or intent data, IP addresses, social media profiles, social media URLs, for the purposes of targeted advertising, event promotion, or other marketing activities.
How do we use your information?
We may use the personal information we collect to:
- Provide you with the information, service or product you have asked for, and personalise your experience to your needs.
- Manage and process orders, quotes, and invoices.
- Enable and facilitate account creation and authentication, to allow you to create and log in securely to your account and allow us to manager user accounts.
- Respond to user queries and deliver support to users around the Services
- Send administrative information to you or request feedback about the Services or the use of our Services
- Send you marketing and promotional material, if this is in accordance with your marketing preferences.
- Monitor the security and integrity of our Services
- Understand and improve usage of our Services
- Comply with the law or to save or protect an individual’s vital interest
Your information is only used if we have legal grounds to do so. This might be because:
- You have provided consent;
- It is necessary to allow us to deal with your request or enquiry;
- It is necessary for the performance of a contract or in order to take steps at your request prior to entering into a contract;
- The information is being processed for a legitimate business interest, where those interests do not outweigh your interests, rights and freedoms, for example, monitoring activity, diagnosing problems, or analysing how the Services are used so we can improve them;
- We have a legal or regulatory obligation to do so.
We are generally the ‘Data Controller’, as defined by relevant data protection laws described in this notice, since we determine the means and/or purposes of the processing that we perform. However, we also process information on behalf of our customers as a ‘Data Processor’, according to their instruction. In these circumstances, our customer is acting as the ‘Data Controller’, and is responsible for any personal information that is entered into the Services according to the Data Processing Addendum and our Terms and Conditions.
Who we share your personal information with
We do not sell, trade or rent your personal information to anyone.
In the delivery of the Services, we may engage third party contractors, service providers, consultants or agents (‘third parties’), and may share your information in order to do that work. In these cases, we will have contracts in place that are designed to help safeguard your personal information. They will only use that information for the purposes for which they have been instructed by us. They will not share your personal information with any other organisation. Types of third parties that may be instructed by us to process information include:
- Cloud Service Providers
- Data Storage Providers
- Analytics Tools
- Customer Support Tools
- Learning Management Systems
- Event Management Tools
- Finance/Accounting Tools
- Sales/Marketing Tools
- Communication/Collaboration Tools
- Identity and Authentication Services
Your information may also be shared a part of a business transfer, in connection with any financing, merger, sale, or acquisition of all or a portion of our business to another company.
Within the Services, when you post comments, contributions, or other content, or otherwise interact with the Services, your personal information may be shared with other users. For example, other users may be able to view your profile, your activity on the Services, or communicate with you.
Where do we store your information
For the most part your personal information will be stored in servers in the UK, or in the EEA (European Economic Area). In some situations, your data may require to be transferred outside of the UK or EEA to areas which have less strict data protection laws compared. If this happens, we will take legally required steps to make sure that adequate safeguards are in place to protect your personal information and privacy rights.
How long we keep your personal information
We keep your information for as long as it is necessary to perform the purposes outlined in this privacy notice (except where a longer retention period is required by law, such as tax, accounting, or other legal requirements).
When we no longer have a legitimate business need to process your personal information, we will delete, anonymise, or securely store your information and isolate it from any further processing until deletion is possible. User account personal information will not be stored for longer than twelve months past the start of the idle period of the account.
How do we protect your information?
We take the security of your data seriously, and implement appropriate and reasonable technical, physical and organisational measures to safeguard the confidentiality, availability and integrity of personal data that we process. There are a number of layers of information security measures in place to protect your information, including but not limited to:
- SSL, TLS, data in transit encryption
- Asset protection including encryption of devices
- Role and profile based access management
- MFA where possible
- Regular vulnerability and penetration testing
- Secure development standards
- Supply chain management
What are your rights?
You may have rights under applicable data protection laws depending on your location (e.g. the UK and EEA). These may include the right to:
- Request access and obtain a copy of your personal information that we hold
- Request rectification or erasure of your personal information
- Request restriction of processing of your personal information
- Request a portable copy of your personal information.
You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of this site. Therefore, it is recommended that you do not disable cookies.