Privacy & Cookies Policy
Who we are
This is the Privacy & Cookies Policy of Hilton-Baird Collection Services Limited, part of the Hilton-Baird Group of companies, which comprises:
- Hilton-Baird Financial Solutions Limited, a company registered in England and Wales under company number 03832884;
- Hilton-Baird Collection Services Limited a company registered in England and Wales under company number 04319452;
- Hilton-Baird Audit & Survey Limited, a company registered in England and Wales under company number 04126136; and
- Hilton-Baird Management Services Limited, a company registered in England and Wales under company number 09719155.
Each company’s registered address is Fleming Court, Leigh Road, Eastleigh, Hampshire, SO50 9PD and additional contact details are available on our websites. Any Data Protection enquiries should be directed to firstname.lastname@example.org.
We are committed to protecting any data that we collect concerning you and processing it only in ways which comply with the Data Protection Act 1998 (and any replacement legislation) (“the DPA”, for short) and the European Union’s General Data Protection Regulation (“the GDPR”).
This notice explains what personal data we collect about you, how we will tell you about the data we collect and what we do with it, and explains the legal basis on which we process your personal data under the GDPR.
We collect two types of information from site users: statistical data (e.g. how many users use the site, and which pages they view); and personal data (including names and e-mail addresses).
The statistical data we capture includes your IP address as you browse the site. This is purely for website statistics, recording the number of users to the site and which pages they visit. This information does not tell us who you are, and we only use this to monitor the effectiveness of the site.
Personal data is only captured online when you provide it, such as but not limited to when you fill in a quotation or contact form, subscribe to our email service, engage in a Live Chat conversation, download a resource or enter a competition, for example.
We also obtain personal data through offline methods, either directly (for instance, over the telephone or when you formally instruct us by signing our Debt Instruction Form) or indirectly (for instance, from your colleagues when they advise you’re the most appropriate contact, or through reputable, GDPR compliant third-party data suppliers).
If you are a debtor of a company who has instructed us, we will collect details relating to that debt such as your name, address, phone number, email address and invoice/order information. We will use these details to perform our contractual obligations to our client. We may also collect personal data from publicly available sources (Social media sites/ Companies House) to assist with fulfilling our contractual obligations to our client.
How we will tell you what we are going to do with your information
Where we obtain information directly from you, we will provide you with a copy of the information in this notice at that point or direct you to where this information is available on our website. If we require you to provide specific items of information, we will also explain the consequences if you do not provide these.
Where we obtain information from third parties, including your colleagues or other data controllers, with some exceptions we’ll provide you with a copy or link to this Privacy Notice within one month, when we first use it to communicate with you, or before we disclose your data to any other person or organisation – whichever comes first.
We don’t have to provide this information to you if we’re obliged by law to obtain or disclose your information, or if we have professional or legal obligations of secrecy under European or domestic law. Sometimes it may be impossible to provide this information, or it may involve disproportionate effort. In such cases, we’ll take measures which we think are appropriate in the circumstances to protect your interests, and we’ll always ensure that this Privacy Notice is publicly available.
This Privacy Notice (and copies of privacy information which we give to you in the circumstances above) explains the purposes for which we process your data. If we intend to process that data for a new purpose which is incompatible with the information we gave you previously, we’ll provide you with new and updated information.
How we use your information
Keeping you informed about our products and services
In order to pursue our legitimate interests in promoting our services and providing you with information which may be helpful to you, we will use your information to contact you via direct mail, email, SMS and/or telephone with selected material, tips and guides you may find useful and of interest, as well as relevant information about the products and services provided by Hilton-Baird Collection Services and the other companies within the Hilton-Baird Group until such a time as you object.
Where we hold your information for these purposes, we may also process it in order to deal with any enquiry about or objection to how we use it, to personalise our offers or the information we provide to you, and to ensure that our records are accurate and up-to-date. We may use third party service providers to help us check and verify information you have given to us.
We may also use your information to conduct market research and analysis, to enable us to better understand the needs of our customers and business contacts, and to tailor our services and communications to their needs and circumstances.
We may do this ourselves or may engage a third-party service provider to do so. Third party service providers may compare your data to publicly available information or to information they legitimately hold or obtain about you and may analyse or provide this data to us to help us in the conduct of our business. We will ensure that any service provider only processes your information in a way that complies with the law.
You have a right to tell us not to process your personal data for direct marketing purposes. We will give you the option to refuse marketing when we collect your details. You can also exercise this right at any time by contacting us at email@example.com, or by updating your communication preferences in, or unsubscribing from, any marketing email which we send to you.
Performing contracts with you
We may use your information to take steps to enter into, or to perform, a contract with you. This might include responding to an enquiry you make about our products or services.
Complying with our legal obligations
We may use your information where necessary to comply with a legal obligation to which we are subject.
Other services to which you have given consent
From time to time, we may offer the opportunity to receive other specific services or communications from third parties to persons who consent to our doing so. Where we ask for consent, we will explain how your data will be processed and ask for a clear expression of consent to each specific service or communication.
Telling us about your preferences
You may change your preferences or withdraw your consent at any time using any of the following methods:
- By clicking the manage your preferences or unsubscribe links contained within any email we send you, and proceeding to complete the on-page form
- By emailing firstname.lastname@example.org requesting to be removed from our mailing list
- By calling 0800 9774848 and informing our team that you wish to be removed from our mailing list
Under the DPA and GDPR, you have a right of access to information we hold on our records about you. Please note that the DPA allows us to charge a fee for this service.
Should you wish to make a complaint over our use of your personal data at any time, you can do so by contacting the Information Commissioner’s Office (ICO).
Sharing of your data with third parties
Data may be shared with other companies within the Hilton-Baird Group.
We use a third-party service, WordPress.com, to publish our website. These sites are hosted at WordPress.com, which is run by Automattic Inc. We use a standard WordPress service to collect anonymous information about users’ activity on the site, for example the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help us improve it. WordPress requires visitors that want to post a comment to enter a name and email address. For more information about how WordPress processes data, please see Automattic’s privacy notice
We use a third-party provider, Salesfusion, to deliver our email communication, capture visitors’ personal data when they choose to supply it through the forms on our website, and to assign lead scores to our contacts based on their website activity. This information allows us to send more relevant information to visitors. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our communication. For more information, please see Salesfusion’s privacy notice.
We use the WOW Analytics software of a third-party provider, CommuniGator, to collect and analyse visitor information such as browser usage, new visitor numbers, responses to marketing activity and other general website trends, helping us to improve the website and to make our marketing campaigns more relevant. For more information, please see CommuniGator’s privacy notice.
We use a third-party provider, ClickDesk, to supply and support our LiveChat service, which we use to answer enquiries in real time. If you use the LiveChat service we will collect your name, email address, company name (all optional) and the contents of your LiveChat session. You can request a transcript of your LiveChat session at any time by selecting this option from the top menu and providing your name and email address.
We use Oktopost as a social media management platform to engage audiences, measure results, and amplify reach on social media. Because the content on social media is user-generated, it may at any time contain personal data if users of social media decide to share such information. Oktopost is considered a data processor of content generated, requested or published through its support platforms.
Your email address and personal information will never be made available to another organisation for marketing purposes without your explicit consent. However, please note that under Article 6(1)(f) of GDPR, from 25 May 2018 we will have the right to contact you and pass your details to third parties where we have a genuine and legitimate reason to do so, unless this is outweighed by harm to your rights and interests. We also have the right to share your details in the event the sharing of such information is necessary for the performance of a contract.
We will always maintain control over the confidentiality of your information. However, we can disclose your information to authorised parties if we are required to by law.
Transferring your data outside the European Union
All data is securely stored and processed within the EU, with the exception of the following data processors we work with. Where this is the case, this data transfer is GDPR compliant.
Salesfusion customer data is housed in a secure SOC 1 & 2 SSAE 16 audited facility at Amazon Web Services, utilizing a multi-tenant environment that is partitioned logically and isolated to prevent unauthorized access. Salesfusion has rigorous processes and security controls in place, including physical access controls, data access controls, data transmission controls, and data entry controls.
Salesfusion monitors for intrusion detection to ensure that our best-in-class security is constantly maintained and maintains a detailed set of logs for platform user and API activities.
All data is hosted in Europe on Amazon Web Services facility in Ireland.
Salesfusion participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. They are committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. Salesfusion Privacy Shield Certification
OptinMonster may transfer and process Customer Data anywhere in the world where OptinMonster, its Affiliates or its Sub-processors maintain data processing operations. OptinMonster shall at all times provide an adequate level of protection for the Customer Data processed, in accordance with the requirements of Data Protection Laws.
The data export solution shall not apply if and to the extent that OptinMonster adopts an alternative data export solution for the lawful transfer of Personal Data (as recognized under EU Data Protection Laws) outside of the EEA (“Alternative Transfer Mechanism”), in which event, the Alternative Transfer Mechanism shall apply instead (but only to the extent such Alternative Transfer Mechanism extends to the territories to which Personal Data is transferred).
Data Storage and Processing Facilities. Customer agrees that Google may, subject to Section 10.2 (Transfers of Data Out of the EEA and Switzerland), store and process Customer Personal Data in the United States of America and any other country in which Google or any of its Subprocessors maintains facilities.
Transfers of Data Out of the EEA and Switzerland. Google will ensure that:
(a) the parent company of the Google group, Google LLC, remains self-certified under Privacy Shield on behalf of itself and its wholly-owned U.S. subsidiaries; and
(b) the scope of Google LLC’s Privacy Shield certification includes Customer Personal Data.
Automated Decision Making
We use our marketing automation provider, Salesfusion, to assign lead scores to our contacts based on various factors. These scores can be generated by reviewing the webpages visited, any action taken off the back of any email we have sent, or by matching any personal information that has been provided to us, for instance job title. This allows us to contact or send more relevant information to visitors, based on this information.
How long we keep your data
Under the GDPR, we’re required to ensure any personal data we hold is accurate and, where necessary, kept up to date, but also that we keep it no longer than is necessary for the purposes we use it for. We may also be required by law to retain certain types of data for a longer period.
All telecommunications data is kept in line with the European Union’s Data Retention Directive, for a minimum of one year and a maximum of two years. A copy is archived for the minimum period, after which time all archived data is purged and erased.
We take appropriate technical and organisational security measures to ensure any information you provide to us is stored securely and confidentially and is not processed except in accordance with the GDPR and the DPA. However, we cannot guarantee the security of any information disclosed online, including the possibility that another person or organisation may monitor, intercept or obtain your information other than from us. By using this website, you accept the security implications of providing information over the internet and agree not to hold us responsible for any harm arising from those risks, unless we have been proved to be negligent.
You have the following rights in relation to your personal data under the GDPR, which can be exercised from 25 May 2018:
1. The right to require us to correct any inaccurate personal data we hold on you or to supplement or complete any incomplete personal data.
2. The right to object to any processing we undertake for our own legitimate interests on grounds related to your own personal situation.
3. The right to have your personal data erased:
a. if it is no longer necessary for the purposes we have processed it;
b. where we have used it only by your consent and you have withdrawn your consent;
c. where we hold that data for direct marketing only;
d. where you have exercised a right under article 21(1) of the GDPR, we cannot meet the requirements of that article for continued use of your data, and there is no other legal basis for our use of it;
e. if we have unlawfully used your data;
f. if we have a separate legal obligation under European or domestic law to erase it; or
g. if you are a child under the law of your own EU member state.
To assist your navigation of this website, make full use of the tools and aid our prevention of fraud, we may send ‘cookies’ from this website to your computer, mobile phone or tablet. However, we do not collect any personal data or personal information about you unless you provide information to our server.
For the best browsing experience when using our website and to ensure that we can continue to adapt the site to our visitors’ interests and expectations, your computer, mobile phone or tablet will need to accept cookies.
Below is a list of the main cookies we use on our site and what they are used for:
bid, BNI__BARRACUDA_LB_COOKIE, BNI_BARRACUDA_LB_COOKIE, Recipient, ASP.NET_SessionId, PHPSESSID
Description: These are used when you have visited our website from an email marketing campaign via one of our providers, Salesfusion. These allow us to link individuals already known to us and opted in to our communication to website activity.
CRMC, CC, CC2, PostID, gator_td
Description: These are used when you have visited our website from one of our email marketing campaigns via our provider, CommuniGator. These allow us to link individuals already known to us and opted in to our communication to website activity.
Description: This is used when you have visited our website from our social media posts via our provider, Oktopost. These allow individuals already known to us and opted in to our communication to website activity.
OriginalReferralURL, OriginalTargetURL, RecentReferralURL, RecentTargetURL
Description: These cookies show us how you found our website, which website you came from and which of our webpages you visited first. This helps us to review which of our online marketing channels is most effective. They also enable us to reward some external websites for directing you to us.
om-second-297444, om-297444, om-global-cookie, om-interaction-cookie
Description: This allows us to serve a subscribe pop-up to our regular blog visitors and also prevent it from being shown if you come from one of our newsletters.
Description: This cookie allows some of the features on our website to function correctly, such as our quote and solutions engine tools. The website and these features wouldn’t work without it.
__utma, __utmb, __utmc, __utmz, _gat, utm_campaign, utm_content, utm_medium, utm_source, utm_term
Description: These cookies enable the function of Google Analytics software. This software helps us to collect and analyse visitor information such as browser usage, new visitor numbers, responses to marketing activity and other general website trends.
This information helps us to improve the website and to make our marketing campaigns more relevant. The data stored by these cookies can only be seen by the team at Hilton-Baird Financial Solutions and Google, and never shows any confidential information.
The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and Internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
For more information, visit https://www.google.com/intl/en/privacy/privacy-policy.html
wow.anonymousId, wow.session, ASP.Net_SessionId, PHPSESSID
Description: These cookies enable the function of WOW Analytics software. This software helps us to collect and analyse visitor information such as browser usage, new visitor numbers, responses to marketing activity and other general website trends.
This information helps us to improve the website and to make our marketing campaigns more
relevant. The data stored by these cookies can only be seen by the team at Hilton-Baird Financial Solutions and WOW Analytics, and never shows any confidential information.
X-LI-IDC, __qca, bcookie, X-LI-IDC, visit, NSC_MC_WT_FU_IUUQ)
Description: LinkedIn cookies are introduced by the LinkedIn share button. This is only present on our blog pages. They are used to track which pages you visit.
Additional information: For more information, visit https://www.linkedin.com/static?key=privacy_policy
pid, _twitter_sess, k, guest_id and original_referer
Description: This enables the Tweet button on our blog pages, which allows you to easily compose a Twitter message containing a link to the page. The cookies store anonymous session data and, if your computer is already logged in to Twitter, may contain session or other data identifying the logged in account.
Additional information: For more information, visit https://twitter.com/privacy
khcookie, NID, SNID and PREF
Additional information: For more information, visit https://www.google.co.uk/intl/en-GB/policies/. For terms of service for Google Maps, visit https://www.google.com/intl/en_uk/help/terms_maps.html
Should you opt to ‘share’ content through social networks such as Twitter and LinkedIn directly from our website, you may be sent cookies from these websites. Hilton-Baird Financial Solutions has no control over the settings of these cookies, so we would advise you to check their individual websites for more information about the cookies they send and how to manage them.
Any site containing a social sharing button may set a cookie when you are also logged in to their service. We do not control the dissemination of these cookies and you should check the relevant third party website for more information about these.
Manage your cookies
Your website browser gives you the option of enabling or disabling cookies when using the Internet. Enabling cookies ensures that your browsing experience will be improved. Here, Hilton-Baird Financial Solutions explains how you can check that cookies are enabled on your computer, mobile phone or tablet.
Microsoft Internet Explorer
- Select ‘Tools’ at the top of your browser window and then ‘Internet options’;
- Next, click on the ‘Privacy’ tab;
- Ensure your Privacy level is set to Medium or below. Settings above Medium will disable cookies.
- Select the spanner icon at the top of your browser window and then ‘Settings’;
- Click ‘Show advanced settings’ and then the ‘Content settings’ button below the Privacy section;
- Ensure ‘Allow local data to be set’ is selected below the Cookies section.
- Select ‘Tools’ at the top of your browser window and then ‘Options’;
- Next, click on the ‘Privacy’ tab;
- Select the drop-down box below History and select ‘Use custom settings for history’;
- Ensure ‘Accept cookies from sites’ is selected.
- Select the cog icon at the top of your browser window and select ‘Preferences’;
- Next, click on the ‘Privacy’ tab;
- Ensure ‘Block third-party and advertising cookies’ is selected;
- Click ‘Save’.
Microsoft Internet Explorer
- Select ‘Explorer’ at the top of your browser window and then ‘Preferences’;
- Next, click on the ‘Cookies’ button below the Receiving Files section;
- Ensure ‘Never ask’ is selected.
- Select ‘Safari’ at the top of your browser window and select ‘Preferences’;
- Next, click on ‘Security’ and then ‘Accept cookies’;
- Ensure ‘Only from site you navigate to’ is selected.
Mozilla and Netscape
- Select ‘Mozilla’ or ‘Netscape’ at the top of your browser window and then ‘Preferences’;
- Scroll down to ‘Cookies’ below the Privacy & Security section;
- Ensure ‘Enable cookies for the originating website only’ is selected.
- Select ‘Menu’ at the top of your browser window and select ‘Settings’;
- Next, click on ‘Preferences’ and then the ‘Advanced tab’;
- Ensure ‘Accept cookies’ is selected.
For all other browsers, please consult your online help files.
Updates to this Policy
We reserve the right to update our Privacy & Cookies Policy at any time. We will take reasonable steps to draw your attention to any changes in our Policy. However, to be on the safe side, we suggest that you read this document each time you use the website to ensure that it still meets with your approval. Should you disagree with any changes made, you may withdraw your consent at any time using the methods outlined above.