We promise to protect your data
We collect personal information about you in a variety of ways:
The personal information we collect might include your name, address, email address and contact telephone number. If we process a claim for a tax credit or grant we may collect or have disclosed to us your date of birth, national insurance number and details of your remuneration.
We may also collect, and our third party providers (e.g. Google Analytics) may collect, information about where you are on the internet (e.g. the URL you came from, IP address, domain types like .co.uk and .com), your browser type, the country and telephone area code where your computer is located, the pages of our website that were viewed during your visit (“user information”). Collecting this helps us understand who uses our website and where they come from. We may collect this information even if you do not register with us. Similarly, certain third party providers used by us (e.g. Mailchimp, whom we use to distribute emails and newsletters), may embed web beacons, pixels (or “clear gifs”) and other tracking technologies. These are tiny graphics files that contain a unique identifier that enable them to recognise when someone has visited our website or, in the case of web beacons, opened an e-mail sent by them on our behalf. If you don’t wish to receive emails with these technologies embedded you can opt-out of marketing emails as described below.
We use personal information for the following purposes:
Where we have your consent, we may also use the personal information to provide you with information about the products and services we offer.
If you do not want your personal information to be used for marketing purposes, please click on an unsubscribe link or contact your GrantTree representative.
Personal information may be disclosed to other businesses under common control with GrantTree. However, we will not release your personal information to any company outside of the GrantTree group for their mailing or marketing purposes. If we are acquired or sell one of our businesses, we may transfer your personal information to the new owner to be used by them and their group companies but only if they are in the same line of business as us.
We may share your personal information where we are permitted to do so by contract or we have a legitimate interest in doing so.
We may pass your information to third party service providers (e.g. software as a service providers), agents, and subcontractors (including independent contractors who assist with evaluating and drafting claims) for the purposes of completing tasks and providing services on our behalf. You can view a list of those third parties on request by contacting us as detailed below. Where these third parties are treated as sub-processors of personal information we will put a written contract in place with them requiring them to comply with applicable data protection law.
We may transfer personal information outside the European Economic Area but we will only do so where we judge the jurisdiction concerned has an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal information.
How long we retain personal information depends on its type. For example:
A list of the main cookies we use is available on request.
If you’d like to learn more about cookies in general and how to manage them, visit aboutcookies.org.
If you’d like to opt out of cookies, please go to the Network Advertising Initiative website.
Please note that we’re not responsible for the content of external websites.
GrantTree is a trading name of GrantTree Limited. We are a company incorporated in England. Our company number is 07403467. Our registered office is 116-120 Goswell Road, London EC1V 7DP. You can write to us there.
Our Data Protection Officer is Christopher Brown. You can reach him by writing to her at the address above (mark the letter “PRIVACY”) or by email to firstname.lastname@example.org with “PRIVACY” in the subject line.
You have a right (commonly referred to as "subject access") to see a copy of your personal information, to be told its source, and to be told whether and for what purposes it is being processed. You are entitled to be told whether it will be given to any other organisations or people. Where you believe there is an error in the information you are entitled to request its correction; and you may request its deletion. Some of these rights are subject to exceptions that may be applicable depending on the exact circumstances.
For assistance and to exercise these rights feel free to contact us in the first instance. Where we are the "controller" we will address your request directly. Where we are a "processor" or "sub-processor" of information we will liaise with you and the controller of the information to allow you to exercise your rights via them. If you believe we have not complied with the requirements of the General Data Protection Regulation you have the right to lodge a complaint to the Information Commissioner's Office. They may require you to contact us first to see if we can resolve your complaint.