At Coda, (referred to in this policy as “Coda”, “we” or “us”) we take your privacy seriously and we see it as our duty of care to keep personal data safe and to ensure that all personal data is used and stored appropriately. We do not misuse personal data in our possession. Any personal data provided to us will be controlled by us. Any personal data we have access to through our clients adheres to both this privacy statement and the client’s statement.
This Privacy Notice explains what kind of personal data is collected and how it is used by Coda when you interact with us, such as through visiting our Website, your use or purchase of our products or services, your contact with our team, your subscription to our newsletters or any other interaction with Coda, including without limitation all online and offline collection of personal data, and your rights in respect of your personal data.
If you have questions or concerns regarding this Privacy Notice, please e-mail us at email@example.com
Who we are
Coda is a marketing and communications agency which generates print and digital campaigns for customers.
Types of personal data we may collect
When you interact with Coda, for example when contacting us through our site, we collect personal data. The personal data we collect depends on the type of interaction, but may include the following:
Contact details: your name, job title, employer name, email address, postal address, phone number(s), and other similar contact details.
Demographic data, such as your country, preferred language, IP address and site usage is collected through cookies and Google Analytics – we can’t link this data to you personally. More detailed information about the cookies we use can be found in our Cookie Notice.
Personal data access from clients and third parties
As an agency we work closely with our clients to deliver marketing campaigns. As such, we may receive personal data about you from them or have access to your data through their software and applications. Such data obtained from third parties and clients will be kept in accordance with the same duty of care as described in this notice, and with any additional restrictions imposed by the third party/client that shared your personal data.
Use and processing of your personal data
Coda uses your personal data for:
We may convert your personal data into statistical or aggregated data in such a way as to ensure that you are not identified or identifiable from that data. We may use this aggregated data to conduct market research and analysis, including to produce statistical research and reports. We may share such anonymous aggregated data with third parties and clients. Aggregated and anonymous personal information does not personally identify you.
We will generally process your personal data only for the purposes set out above. If we use your personal data for other/additional purposes, we will provide you with information relating to that further purpose, and any other relevant information if required by law. In addition, in some jurisdictions, data protection law requires that the processing of your personal data for some or all of the purposes described above (including the provision of direct marketing to you) must be on the basis of your consent and, therefore, where consent is necessary, our processing of your personal data is on the basis of your consent.
Please note that where your consent is required in order to process your personal data, you are entitled to refuse to give your consent or revoke it any time. However, by not providing your consent (or revoking it), we may not be able to provide the relevant services to you. If the data is owned by a third party or client, you will need to contact them and opt out of any relevant services.
Sharing of your personal data
We may share your personal data with your consent or as necessary to complete or follow up on any transaction with us or to provide a service or solution you have requested or authorised.
We may share your personal data with governmental and regulatory bodies and other third parties where required to do so by applicable law, such as to comply with a court order or a request from a regulator or similar legal process or where otherwise necessary to comply with a legal obligation or for the administration of justice.
In some cases, this may involve transferring your personal data to other countries (including the U.S., Canada and other countries inside and outside the European Economic Area) where Coda and/or other third parties operate and process your personal data. Please be aware that countries which are outside your jurisdiction may not offer the same level of data protection as is provided in your jurisdiction. We will, however, conclude agreements with the relevant third parties involved, limiting the purposes for which your personal data can be used and disclosed, and requiring your personal data to be adequately safeguarded.
We may wish to provide you with information about services or solutions similar to those which you receive or have enquired about and which may be of interest to you. Such communications may be via e-mail, telephone, post or SMS.
However, we will not send such communications without your prior consent (where required, in accordance with applicable laws) and you can exercise your right to prevent such processing by either not opting in to receive such communications or you may opt-out of receiving them by following the instructions included in each marketing communication. You have the right to opt-out of receiving marketing communications at any time and free of charge.
Any communications from Coda are sent out to leads obtained by Coda for Coda. We will never contact an individual obtained by a client. If you wish to opt out of communications from a client or third party you will need to contact them directly.
Please note that marketing communications are not the same as “information only” communications and that we may communicate with you about the projects we’re working on or the services / solutions you have requested, using contact details you have provided for this purpose without your express consent being required.
Protection of your personal data
We use the industry-standard security protocol Secure Sockets Layer (SSL) to encode more sensitive information, such as credit card numbers for online purchase transactions via the Website. We employ the latest 256-bit encryption technology in all areas of the Website which require you to provide personal or account information. This means that the credit card information you send is encrypted by your computer, and then decrypted again on our side, which limits the risk of others from accessing your private information when in transfer. You can verify this by looking for a closed lock icon at the bottom of your web browser or looking for “https” at the beginning of the address of the web page.
While we use encryption to protect credit card numbers and similar transaction information, please be aware that no method of transmission over the Internet is 100% secure. Although we take reasonable security measures to protect your personal data when we receive it, you also need to ensure you take appropriate steps to protect your personal data.
We also seek to protect your personal data offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to relevant personal data. We hold and follow internal processes and security measures for dealing with data breaches and handling of client data which can be shared upon request from customers and prospects.
Retention of your personal data
We will retain your personal data as long as necessary for the purposes set out when collecting your personal data or as required by relevant laws and regulations.
The criteria we use to determine data retention periods include the following:
Retention in case of queries
We may retain your personal data for a reasonable period after you have worked with us in case of follow-up queries from you.
Retention in accordance with legal and regulatory requirements
We will consider whether we need to retain your personal data after the period of retention in the case of queries (above) because of a legal or regulatory requirement. Some or all of these criteria may be relevant to retention of your personal data collected from you in connection with our services, solutions and/or your use of the Website.
Retention permitted under applicable law
We will continue to retain personal data where necessary to provide our services to you and the retention of such personal data if necessary for the purposes of pursuing our legitimate interests or where it is necessary for public interest purposes.
Retention in case of employment opportunity
We will retain your personal information and CV documents (with your consent) if applying for a position at Coda. We will use this to contact you should a relevant position become available in the future. You can request that this information is deleted at any time; see ‘your rights’.
Should a data breach occur we have internal processes setup to assess risk, contact governing bodies, clients and individuals concerning the data breach. Steps are taken to mitigate future breaches. For more information on our processes please contact us at firstname.lastname@example.org
You have the right to request confirmation as to whether or not your personal data is processed by us and you have reasonable access to your personal data, in order for your personal data to be updated, rectified, or, if legally possible, deleted. In order for us to respond to your request, we may require you to verify your identity. You also have the right to withdraw your consent to any processing for which you have previously given that consent or to request the erasure of your personal data held by us.
Please be aware that we may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup systems).
If your data is held by a client, we will inform you to contact the client yourself as we do not have the permission to amend or delete data on their behalf.
Links to other websites
Our Website may contain links to other websites of interest. We do not have any control over external websites. Therefore, we cannot be responsible for the protection and privacy of any information that you provide while visiting such sites and such sites are not governed by this Privacy Notice. You should exercise caution and look at the privacy statement applicable to the website in question.
Amendments to this Privacy Notice
We may update this Privacy Notice to reflect changes to our information practices. As such we encourage you to periodically review the Website for the latest information on our privacy practices and this Privacy Notice.
Should you have any questions about this Privacy Notice, your use of the Website, our services, solutions or your dealings with us, in relation to our use of your personal data or your rights in relation to your personal data, you can email us: email@example.com