Dataxcel Ltd – Data Compliance Policy Updated October 2017
The Policy covers the collection and processing of data for our two core data collection sites, Freeprizedraws.ie and Winnersville.co.uk. and is focused on the current Data Protection Acts and preparation for the key components of the General Data Protection regulation due to go Live May 2018
Updated: October 2017
Author: Data Protection Officer at Dataxcel Ltd on behalf of the brands Winnersville and Freeprizedraws
Data Protection Compliance and the protection of the data subject’s privacy rights are at the core ethos of Dataxcel’s data usage policy.
Background: We collect data online from our managed consumer facing websites, www.freeprizedraws.ie in Ireland and www.winnersville.co.uk.in the UK.
Our registered address is Dataxcel Ltd, 29 Lower Patrick Street, Kilkenny, Co. Kilkenny.
Dataxcel Ltd is registered as a Data Controller and Data Processor with the office of the Data Protection Commissioner in Ireland and the Information Commissioner’s office in the UK.
Our Data Protection registration numbers are:
All data collected is compliant with the current Data Protection Act of 1988 and 2003 and the Privacy and Electronic Communications Regulations of 2011, and all relevant industry regulatory bodies.
All data is collected with the focus on legitimate and unambiguous consent by the data subject. Our consent statements and consent process have received guidance from external Data Protection Consultants, IDMA, and the Office of the Data Protection Commissioner in Ireland.
The dynamic link to third party lists by vertical sector the brand names we will share the data with in the future, providing the data subject the choice to opt in or not.
Note the following core Data Usage rules for any data supplied by Dataxcel Ltd or their associated parties:
- Rule one applies to Real Time Leads only –Data subjects who consent to a specific brand partner to contact them by telephone is referred to as a double opt in to a specific brand to contact the consumer either by mobile or landline and this process over rides the consumer marketing preferences on the NDD.
- – Rule Two applies to List Rental Data only – All landline data is pre – screened against the NDD, MPS and internal DNC/UNSUB/Suppression Data Sets.
- Rule Three applies to Telephone data usage: All outbound calls, the first line of the script must include a statement clarifying the source of the data and allowing the data subject the choice to continue with the call or not. We apply this rule to our data usage terms and conditions when supplying data to a third party brand. We monitor this rule though a system known as seed checking and react where we see the rule not being followed by a third party brand.
– Dataxcel will remain the gate keepers for such data and will deploy email campaigns from creatives sent to Dataxcel Ltd deployment team. If a client wishes to take email data in house for internal deployment a Data Processor agreement must be agreed and signed in advance to the transfer of data.
The source of the data should be, where possible, stated in the opt out statement.
– The source of the data must be stated in the first 27 characters of the text as follows
”As a member of Freeprizedraws” or Winnersville apply as appropriate.
Retention of Data
All one time use list rental orders must be deleted from all servers within 30 days of the data supply. If the data has not been used you need to contact your account manager for a data resupply. An email confirming the data has been removed from all servers to be sent to email@example.com
The first principle of the Data protection legislation requires data controllers to process personal information “fairly and lawfully”. The legislation requires that where data is obtained from data subjects the data controller must ensure, so far as practicable, that the data subject is provided with or has made readily available to him the following information:
- • The identity of the data controller
- • The purpose or purposes for which the data is intended to be processed,
- • Any further information which is necessary taking into account the specific circumstances in which the data is to be processed to enable the processing in respect of that data to be fair.
We make all data subjects aware of how their data will be processed, the purpose of the processing (direct marketing) and the brands their data may be passed onto. As stated above at consent stage we provide the data subject a dynamic link to third parties so the data subject can view who the data may be shared with and is provided with full transparency as to the intended use of their data and by who..
Data Subject Access Requests:
Under the data protection act individuals can exercise their right to object to the disclosure of their personal data to third parties for marketing purposes. Data subjects can also revoke their consent to the processing of their personal data for direct marketing purposes, including future marketing approaches from the data controller itself.
As such Dataxcel Ltd has provided several touch points by which data subjects can contact us to revoke their consent for their details to be used for marketing purposes.
Firstly in all communications to our users we provide the option at the start of every communication the option to update their data preferences through the My Preference section of our data collection site freeprizedraws.ie and winnervile.co.uk.
An example of the my preference section and process can be viewed here
Once a user updates their data preferences the database is updated in real time and the marketing database flagged accordingly. Secondly we have a dedicated Data Protection officer with a support team who are trained in handling a range of complaints/enquiries that have the authority and experience to resolve complaints and answer enquiries.
Thirdly we have assigned a dedicated telephone number 056 7790295 and postal address, DataXcel, C/O Data Compliance Dept, 29 Lower Patrick Street, Kilkenny to take in data subject queries and complaints:
Opt-out information can also be sent to the email address firstname.lastname@example.org or email@example.com and such requests are processed within 48 hours by the data protection team. The data protection team will record the data subject’s ’ Full Name, Address, eircode or postcode, Telephone Number and email address to ensure accurate suppression.
These details are added within 24 hours to Winnersville’s/freeprizedraws ‘Do Not Contact File’ by our Data Protection Team. Details marked as “ do no contact” will no longer be used by Dataxcel Ltd in the production of real time leads or data for direct marketing campaigns. Where a multiple use license is in place, a pre agreed data feed will be set up to provide updated DNC data for all data touch points with a client.