Please read the information below carefully. If you access this site, you will be deemed to have
read and accepted all of the terms and conditions presented in the Legal Notice.
The information contained in this web site has been prepared solely for the purpose of providing
general information about Calleva Sales Consulting and the products and services Calleva Sales
Consulting offers. Details published on the Calleva Sales Consulting website are provided as a
convenience to visitors and should be used for information purposes only.
Any dated information is published as of its date only. While Calleva Sales Consulting takes
reasonable care to provide information which is accurate, up to date and complies with all
prevailing UK legislation when it is first included on the website, it does not undertake to
or correct such information and reserves the right to change, delete or move any of the material
this website at any time without notice.
Calleva Sales Consulting (hereinafter Calleva Consulting) needs to gather and use certain
information about individuals.
These can include clients, business contacts, employees and other people with whom Calleva
Consulting has a relationship and whom it may need to contact.
This Policy describes how this personal data must be collected, handled and stored to meet the
Company's data protection standards - and comply with the law.
This Data Protection Policy ensures that Calleva Consulting:
Complies with data protection law and follows good practice
Protects the rights of staff, clients and partners
Is open about how it stores and processes individuals' data
Protects itself from the risks of a data breach
The General Data Protection Regulations (GDPR) 2018 describe how organisations - including
Calleva Consulting - must collect, handle and store personal information.
These regulations apply regardless of whether data is stored electronically, on paper or on other
To comply with the law, personal information must be collected and used fairly, stored safely,
and not disclosed unlawfully.
The GDPR 2018 is underpinned by six important principles. Personal data must be:
Processed lawfully, fairly and in a transparent manner
Collected for specified, explicit and legitimate purposes
Adequate, relevant and limited to what is necessary
Accurate and, where necessary, kept up to date
Retained only for as long as necessary
Processed in an appropriate manner to maintain security
This policy applies to all Calleva Consulting staff
This policy applies to all data that Calleva Consulting holds relating to identifiable
individuals. This can include:
Names of individuals
Any other information relating to individuals
This policy helps to protect Calleva Consulting from data security risks, including:
Breaches of confidentiality - for instance, information being given out inappropriately.
Failing to offer choice - for instance, all individuals should be free to choose how Calleva
Consulting uses data relating to them.
Reputational damage - for instance, Calleva Consulting could suffer if hackers successfully
gained access to personal data.
Everyone working for Calleva Consulting has some responsibility for ensuring data is collected,
stored and handled properly in line with this policy and data protection principles.
The Director is responsible for ensuring that Calleva Consulting meets its legal obligations.
Reviewing all data protection procedures and related policies, in line with an agreed
Arranging data protection training and advice
Handling data protection questions from staff and anyone covered by this policy Dealing with
requests from individuals to see the data that Calleva Consulting holds about them (Subject
Checking and approving any contracts or agreements with third parties that may handle Calleva
Consulting's personal data
Ensuring all IT systems, services and equipment used for storing data meet acceptable security
Performing regular checks and scans to ensure security hardware and software is functioning
Evaluating any third party services Calleva Consulting is considering using to store or process
data, such as cloud computing services
Approving any data protection statements attached to communications
Calleva Consulting will provide training to staff to help them understand their responsibilities
when handling data.
All data must be kept secure by taking sensible precautions and following the guidelines below.
Strong passwords must be used on all systems.
Personal data should not be disclosed to unauthorised people outside Calleva Consulting.
Data should be regularly reviewed and updated if it is found to be out of date. If no longer
required, it should be deleted.
Staff should request help the Director if they are unsure of any aspect of data protection.
These rules describe how and where data should be safely stored.
When data is stored on paper, it should be kept in a secure place where unauthorised people
cannot see it. Data print-outs should be shredded and disposed of securely when no longer
When data is stored electronically, it must be protected from unauthorised access, accidental
deletion and malicious hacking attempts:
Data should be protected by strong passwords that are changed regularly. If data is stored on
removable media, these should be locked away securely when not being used.
Data should only be stored on designated drives and servers, and should only be uploaded to
approved cloud computing services.
Data should be backed up frequently. These backups should be tested regularly. All servers and
computers containing data should be protected by approved security software and a firewall.
The Regulations require Calleva Consulting to take reasonable steps to ensure data is accurate
and kept up to date. It is the responsibility of all staff implement this.
Data should be kept in as few places as necessary. Staff should not create any unnecessary
additional data sets.
All individuals whose personal data is held by Calleva Consulting are entitled to:
Ask what information Calleva Consulting holds about them and why
Ask how to gain access to it
Be informed how to keep it up to date
Be informed how Calleva Consulting is meeting its data protection obligations
Access requests from individuals should be made by email, addressed to
In certain circumstances, GDPR 2018 allows personal data to be disclosed to law enforcement
agencies without the consent of the data subject.
Under these circumstances Calleva Consulting will disclose such data in response to a proven
legitimate request, seeking assistance from the Company's legal advisors where necessary.
Our contact details are Calleva House, Ascot Road, Holyport, Berkshire, SL6 3JY and
We hold the following personal data which you have provided to us -
name, telephone number and email address.
Our purpose is to maintain contact with you and our legal basis is that our purpose is also a
We will retain this information for up to 7 years after we cease to do business with you, or you
notify us that you have left the company or you advise that you no longer wish to be contacted.
You have qualified rights to access, rectify and erase your personal data, and to restrict or
object to processing and to make your data portable. You have the right to complain to a
Supervisory Authority (e.g. The Information Commissioner?s Office).
16 May 2018