Data Privacy/Retention Policy


novi.digital

Data Privacy/Retention

novi.digital operates to a comprehensive privacy policy. We are GDPR compliant and will only work with suppliers that operate with explicit GDPR
compliance.
We do not sell data or share it with third parties. Nor do we retain it beyond useful, reasonable timeframes.
This statement sets out what data we retain, and what we use it for. If you have any questions or concerns, please get in touch.

Data Held

novi.digital will only retain data concerning specific data subjects relating to the following:
• Individual contacts for its current clients
• Individual contacts for whom it has produced a quotation or proposal for services
• Individual contacts that have submitted enquiries through the website, telephone, in person, or via email.
• Individual contacts with whom novi.digital retains an on-going partnership or provides passive services or products such as email newsletters,
consultation, and recruitment.

Data Retention

Novi.digital will handle personal data as follows:
• Unsubscriptions from the novi.digital mailing list will be removed from our database immediately by the platform provider: MailChimp.
• On-going relationships with clients, partners, or passive recipients of services are stored securely within a GDPR compliant database.
• Individual contacts for whom we have provided a quote or proposal to will remain on our systems for 6 months following their receipt of a quote or
proposal. After this time, if the quote or proposal has not been accepted, then a new one would need to be issued, thus rendering the retention of
that original data not worthwhile. Potential clients are held on a GDPR compliant database for the 6 months following quote generation.

novi.digital works with anonymised data relating to demographics and user behaviour through Google Analytics, Google Search Console, and Bing
Webmaster Tools. We do not hold personal, identifying data on website visitors to our own websites, or those of our clients.
novi.digital will retain data on businesses and other organisations they have come into contact with for means of forecasting and growth. This data will not
identify specific individuals within that business or organisation.
Data Security
• novi.digital will only use software with organisations that explicitly adhere to GDPR legislation such as Teamwork, BrightHR, and Microsoft365.
• novi.digital itself is based within a secure building which requires admittance by a full-time Receptionist who will contact individuals within the
building to confirm validity (in the case of visitors), or by means of an electronic swipe card system which records all entry and exits of known
individuals.
• novi.digital’s offices are locked when not in use.
• novi.digital employees operate to best practice within its offices: all computers must be locked when not in use, hard copies of confidential
paperwork is stored in lockable drawers and filing cabinets, and we operate – where possible – in a paper-free environment.
• Passwords are stored on KeePass. Best practice within the company prevents employees from saving or sharing passwords locally, such as within
browsers.
• novi.digital operates to a robust remote working policy detailing best practice for how data must be handled when used off-site.