Privacy policy

This notice explains what personal data (information) we hold about you, how we collect it, and how we use and may share information about you during your employment and after it ends. We are required to notify you of this information under data protection legislation. Please ensure that you read this notice (sometimes referred to as a ‘privacy notice’ or ‘privacy policy’) (the ‘Notice’) and any other similar notice we may provide to you from time to time when we collect or process personal information about you. 

This Notice also explain what your rights are in relation to any personal data about you that is processed by us.

Who collects the information?

‘Company’ (Coconutcomms) is a ‘data controller’ and gathers and uses certain information about you.

This information may also be used by our service providers who may carry out work for you on behalf of the Company. In this instance,this notice references to ‘We’, ‘Us’ and/or ‘Our’ mean the Company and our Group Companies. 

Relevant Law 

The way in which we process personal data is governed by data protection law, which includes the Data Protection (Jersey) Law 2018 (the ‘DPJL 2018’), the Data Protection Authority (Jersey) Law 2018 (the ‘Authority Law’) [and, where relevant, the General Data Protection Regulation (EU) 2016/679 (‘GDPR’)]. 

Data protection principles 

We will comply with the data protection principles when gathering and using personal information.

What information

We process data in order to provide a service to our customers.

The type of information we collect includes:

• Your name, contact details (i.e. address, phone numbers, email address); 
• We may collect information such as your business contact details if We meet you in person, or at a telephone, or online meeting (including images or video obtained during visits to events hosted by Us or in which We are involved); 
• Information provided in the course of the provision of services (for example, social media logins, information relating to your business);
• Service provider information, retained for the duration of our working relationship; 
• Service provider contract information;
• Any other information you may provide to Us including that which you provide by filling in the contact form on Our website. 

How we collect the information 

We will usually collect most information from you directly. However, we may also collect information from: 

• Publicly accessible sources, e.g. the Jersey Financial Services Commission website, the Public Registry or social media sites such as LinkedIn; 
• From your colleagues or third-party business contacts who have referred you to us, or put you in touch with us; 
• From our service providers
• From a third party with your consent 

Why we collect the information and how we use it

We will typically collect and use this information for the following purposes:

• For the performance of a contract with you, or to take steps to enter into a contract; 
• For the purposes of our legitimate interests or those of a third party, but only if these are not overridden by your interests, rights or freedoms. 
• Because it is necessary for carrying out obligations or exercising rights in employment law; 
• For reasons of substantial public interest (equality of opportunity and regulatory requirements); 
• To enter into client relationships and provide the services you have asked us to provide; 
• The ensure the security of our computer systems and premises; 
• To notify you about goods or services and updates about relevant industry developments and our services, which may be of interest to you. 

We seek to ensure that our information collection and processing is always proportionate. We will notify you of any material changes to information we collect or to the purposes for which we collect and process it.

How we may share the information

We will never sell your information or pass it to any third party for marketing purposes or for any other purpose unconnected with the Company.

We may need to share some of the above information with other parties such as:

• Any sub-contractors, agents or professional service providers; 
• Potential purchasers of some or all of our business or on a re-structuring; 
• Courts or tribunals; 
• Third parties with whom we engage for the hosting of events or other marketing initiatives; 
• Law enforcement agencies where considered necessary for me to fulfil legal obligations applicable to it; 
• Regulators or other governmental or supervisory bodies with a legal right to the material or a legitimate interest in any material.

Information may be transferred internationally to the UK and other countries around the world, including countries that do not have data protection laws equivalent to those in Jersey, for the reasons described above. 

Where we enter into an engagement with a third party pursuant to which data may be processed by that third party, we will impose contractual obligations on them to ensure that they are only allowed to use your information to complete the tasks we have asked them to carry out and that they take appropriate measures to protect your personal data.

We may also disclose your personal data to third parties:

• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce any agreement with you; or 
• To protect our rights, property, or safety or that of our clients or any third party we interact with.

Other than as set out above, and save insofar as is necessary in order for us to carry out our obligations arising from any contracts entered into between us and you, we will not share your data with third parties unless we have procured your express consent to do so. 

Where information may be held 

Information may be held at our offices and those of our service providers, and third party agencies, service providers, representatives and agents as described above.

Information is stored on secure systems provided by our third party service providers within Jersey and the UK.

How long we keep your information

We keep your information during and after your contract for no longer than is necessary for the purposes for which the personal information was collected.

Your rights

Under data protection legislation, you have various rights in connection with any personal data about you that is processed by us as data controller. These include rights to:

• Access to your personal data and to certain other supplementary information that this notice is already designed to address; 
• Require us to correct any mistakes in your information which we hold; 
• Require the erasure of personal data concerning you in certain situations; 
• Receive the personal data concerning you which you have provided to Us in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations; 
• Object at any time to processing of personal data concerning you for direct marketing; 
• Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you; 
• Object in certain other situations to our continued processing of your personal data; 
• Otherwise restrict our processing of your personal data in certain circumstances; and 
• Claim compensation for damages caused by our breach of any data protection laws. 

Further information on those rights can be found on the website of the Jersey Office of the Information Commissioner: www.jerseyoic.org

If you would like to exercise any of those rights, please call, email or write to us. We are obliged to respond to your request.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it.

Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Our website may, from time to time, contain links to and from other websites including the websites of our clients or partners who have provided feedback or testimonials; industry-related websites; or networking or social media websites such as LinkedIn and Twitter. If you follow a link to any of these websites, please note that these websites have their own privacy policies and terms of use and we do not accept any responsibility or liability for these policies and terms of use. Please check these policies before you submit any personal data to these websites. 

How to complain

You can also complain to the Jersey Office of the Information Commissioner (JOIC) if you are unhappy with how we have used your personal data.

JOIC’s address:

2nd Floor
5 Castle Street St. Helier Jersey
JE2 3BT 

enquiries@jerseyoic.org

+44 (0) 1534 716530

Changes to this Notice

We reserve the right to modify this notice at any time.