Grasshopper Communications is committed to protecting the privacy of our clients and members of the public. We have procedures in place based on the General Data Protection Regulations Regulation (GDPR) (EU) 2016/679 and we comply with all aspects of the UK’s data protection legislative framework. Grasshopper is registered with the Information Commissioners Office (ICO) and our registration number is ZA345016.
We do not process any “sensitive data”, and most of the data we process will already be in the public domain.
We use a GDPR compliant Content Management System to securely store and manage all stakeholder data collated. For more information refer to www.tractivity.co.uk/.
Grasshopper Communications will collect and process data for the following purposes:
Community and Stakeholder Engagement
As part of our community engagement/campaigns we will utilise address databases (addresses only) to notify local residents and businesses of proposed development and regeneration projects. We will process this data based on Legal Requirements. The Planning (Wales) Act 2016 and the Housing and Planning Act 2016 (England) requires this consultation.
As part of our community engagement/campaigns during statutory and non-statutory consultation for development and regeneration projects, we will collect data (organisations, address, emails, telephone numbers and contact details) to create stakeholder databases of individuals, local businesses, community groups, elected officials and local government officers who are likely to be interested in or affected by the projects. We will gather this data from information in the public domain and internet searches. We will process this data based on Legitimate Interests.
- We will use this data solely for the purpose of notifying local residents and stakeholders of development proposals, upcoming consultations and project updates.
- We will share this data only with our clients and with any third parties needed for mail fulfilment purposes.
- As part of our procurement procedures, we will ensure that any third parties used for mail fulfilment are also GDPR compliant.
- You have the right to notify us if you would like to be removed from any future mailings and receive no further updates on the proposed developments.
- We will keep this data only to show that we have met statutory requirements for consultation and will dispose of this data one year after our involvement in the project is complete.
Stakeholder and Community Surveys
As part of our community engagement program, we may utilise surveys to gather feedback for our clients. These surveys will be voluntary and can be anonymous if desired. We will process this data based on Legitimate Interest.
- Consultation reports will be provided to our clients and will include redacted summaries of these survey responses, no personal identifiers will be included.
- Consultation reports will be submitted as part of the planning application for the proposed project and will be in the public domain.
- We will detail at the beginning of each survey how the information will be used as part of the consultation process.
Grasshopper Communications will periodically send updates, invitations to events or newsletters by email to those who have requested to be on our mailing list.
- As part of our preparation for GDPR compliance, we have contacted those on our current database and have kept the data only for those who have opted-in to receive information from us.
- We will provide an unsubscribe link on each newsletter to provide an easy way for you to inform us you no longer wish to receive any further information.
- You have the right to request your contact details be removed from our database and we will remove your information immediately.
Employee and Recruitment Information
Grasshopper Communication will process employee data based on Legal Requirement and Consent
- Grasshopper Communications will keep all accounting records for six years after the accounting period they relate to as this is the HMRC requirement for VAT and corporation tax.
- We will hold personal data on our employees confidentially and will only share data with organisations required by law (such as HMRC) or with your consent (such as pension providers or third parties required to process payroll).
- Employee records are kept off site at our accountant’s office and accessed only by the accountant and Directors.
- All personnel records will be kept for three years after an employee leaves our employment in accordance with PAYE requirements.
- If you have submitted your CV for consideration for a role at Grasshopper and have not been successful, we will only hold this data for three months so please feel free to re-apply for any future openings.
Our Security and Your Data
- Our computer system is supported by Orbits IT and description of our IT systems are available on request.
- Each laptop we use is password protected.
- Any confidential paperwork or paperwork containing personal data will be shredded before disposal.
- Any security breach will be reported in accordance with Information Commissioner’s Office (ICO) policy in a timely fashion
- Grasshopper Communications Ltd holds a Certificate of Registration with the ICO, reference number ZA345016
Our website is hosted by Squarespace and their cookies policy can be found here:
Reviewing the Policy
- Grasshopper Communications commits to review this policy at least once a year
- Grasshopper Communications commits to review this policy any time there is a change in how we do business or a change in the law
You have several rights under the new GDPR regulations that can be better understood by reading the ICO’s guidance here:
- You have the right to correct or update your personal information processed by Grasshopper Communications
- You have the right to request us to inform you what data we hold about you
- You have the right to withdraw your consent for us to use your data (where relevant)
- You have the right to lodge a complaint with the ICO if you feel your data has not been managed well