Flamingo Marketing Strategies Ltd is committed to preserving the confidentiality and integrity of all information it holds and processes and to operating its business in compliance with the requirements of relevant Data Protection Laws and Regulations.
We recognise the importance of Personal Data and of respecting the privacy rights of individuals. This Data Protection Policy (“Policy”) sets out the principles which we apply to our Processing of Personal Data and use of Confidential Information and our commitment to safeguard one of the most valuable assets which belong to our Clients.
Any questions about this Policy should be raised with the Flamingo Marketing Strategies Data Officer whose details are at the end of this Policy.
The following key words and phrases are used within this Policy:
means the entity which determines the purposes and means of the Processing of Personal Data;
means the entity which Processes Personal Data on behalf of the Controller;
“Data Protection Laws and Regulations”
means all laws and regulations, including laws and regulations of the European Union, the European Economic Area and their member states and the United Kingdom, applicable to the Processing of Personal Data as part of the Services;
means the identified or identifiable person to whom Personal Data relates;
means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation);
means any information relating to an identified or identifiable natural person where such data is Customer Data. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
Under the Data Protection Laws and Regulations, Personal Data must be processed in accordance with certain data protection principles, under which Personal Data must be:
Flamingo Marketing Strategies ensures it employs appropriate technical and organisational measures to adhere to these principles.
The purposes for which we use your information and the legal basis under the Data Protection Laws and Regulations on which we rely to do this are explained below.
Where You Have Provided Consent
We may use and process your Personal Data where you have consented for us to do so to contact you via email or text with marketing information about our Services if you (i) indicate that you would like to receive such marketing from us; (ii) sign up to our newsletter, emails/ texts via our website or other medium where available; or (iii) when you refresh your marketing preferences when responding to a request from us to do so.
You may withdraw your consent for us to use your information in any of these ways at any time by using the unsubscribe automated link included at the bottom of Flamingo Marketing Strategies marketing emails. Alternately you can send an email to email@example.com, putting OPTOUT in the title.
Where There is a Legitimate Interest
We may use and process your Personal Data where it is necessary for us to pursue our legitimate interests as a business, or that of a third party, for the following purposes:
When making the decision to process personal data under the basis of legitimate interest we make an assessment, including completing where appropriate a formal Data Protection Impact Assessment (DPIA), to ensure our interests are balanced with the interests of the individual. This assessment will consider:
Where There is a Legal Requirement
We will use your Personal Data to comply with our legal obligations: (i) to assist a public authority or criminal investigation body; (ii) to identify you when you contact us; (iii) to send you any required information if you are a shareholder, and/or (iv) to verify the accuracy of data we hold about you.
Where it is Required to Complete a Contract
Flamingo Marketing Strategies will process Personal Data as necessary to perform its training and consulting services and as further instructed by the Customer in its use of the services, as a Data Controller.
Flamingo Marketing Strategies has implemented procedures designed to ensure that Personal Data remains secure throughout the entire chain of processing activities by Flamingo Marketing Strategies and its sub-processors (specifically Keap, Zapier, myleadpages.net, Calendly, Stripe and Quickbooks). Additionally, the Flamingo Marketing Strategies website undergoes security assessments by internal personnel and third parties, which include infrastructure vulnerability assessments and application security assessments.
Flamingo Marketing Strategies adopts a number of internal security controls, which include:
Flamingo Marketing Strategies, or an authorised independent third party, will monitor the website for unauthorised intrusions using network-based intrusion detection mechanisms.
All Flamingo Marketing Strategies systems used in the provision of the website, including firewalls, routers, network switches and operating systems, log information to their respective system log facility in order to facilitate security reviews and analysis.
Flamingo Marketing Strategies maintains security incident management policies and procedures. Flamingo Marketing Strategies with notify impacted individuals without undue delay of any unauthorized disclosure of their respective Personal Data by Flamingo Marketing Strategies or its agents of which Flamingo Marketing Strategies becomes aware to the extent required by Data Protection Laws and Regulations.
The physical data centre, provided by our partner Thinkology, used to provide the website has secure access control systems. These systems permit only authorised personnel to have access to secure areas. These facilities are designed to withstand adverse weather and other reasonably predictable natural conditions, are secured by around the-clock guards, two-factor access screening, including biometrics, and escort-controlled access, and are also supported by on-site back-up generators in the event of a power failure.
Flamingo Marketing Strategies have entered into written agreements with sub-processors containing privacy, data protection, and data security obligations that provide a level of protection appropriate to their processing activities.
Flamingo Marketing Strategies utilises the services of the following sub-processors to process Personal Data as part of its marketing activities and to complete the necessary processing needed to provide its training and consulting services:
The GDPR requires that Personal Data must not be transferred to a country or territory outside the European Economic Area (i.e. the member states of the EU plus Iceland, Liechtenstein and Norway), unless that country or territory or organization ensures an adequate level of protection for the rights and freedoms of Data Subjects in relation to the Processing of Personal Data.
Subject to paragraph 3.20, where Flamingo Marketing Strategies shall not transfer Personal Data to any country outside of the EEA without prior written consent from the individual, except for transfers to and from: (i) any country which has a valid adequacy decision from the European Commission; or (ii) any organization which ensures an adequate level of protection in accordance with the applicable Data Protection Laws and Regulations.
You have a number of rights in relation to your Personal Data under Data Protection Laws and Regulations. In relation to certain rights to access your Personal Data, we may ask you for information to confirm your identity and, where applicable, to help us to search for your Personal Data. Except in rare cases, we will respond to you within one month from either (i) the date that we have confirmed your identity or (ii) where we do not need to do this because we already have this information, from the date we received your request.
Accessing your Personal Data
You have the right to ask for a copy of the information that we hold about you by emailing or writing to us at the address at the end of this policy. We may not provide you with a copy of your Personal Data if this concerns other individuals or we have another lawful reason to withhold that information.
Correcting and Updating your Personal Data
The accuracy of your information is important to us and we are working on ways to make it easier for you to review and correct the information that we hold about you.
In the meantime, if you change your name or address/email address, or you discover that any of the other information we hold is inaccurate or out of date, please let us know by contacting us using the details described at the end of this policy.
Withdrawing Your Consent
Where we rely on your consent as the legal basis for processing your Personal Data, as set out under, you may withdraw your consent at any time by contacting us using the details at the end of this policy. If you would like to withdraw your consent to receiving any direct marketing to which you previously opted-in, you can do so using the unsubscribe automated link included at the bottom of Flamingo Marketing Strategies marketing emails. Alternately please send an email to firstname.lastname@example.org, putting OPTOUT in the title.
If you withdraw your consent, our use of your Personal Data before you withdraw is still lawful.
Objecting to our Use of Your Personal Data and Automated Decisions Made About You
Where we rely on your legitimate business interests as the legal basis for processing your Personal Data for any purpose(s), you may object to us using your Personal Data for these purposes by emailing or writing to us at the address at the end of this policy. Except for the purposes for which we are sure we can continue to process your Personal Data, we will temporarily stop processing your Personal Data in line with your objection until we have investigated the matter. If we agree that your objection is justified in accordance with your rights under data protection laws, we will permanently stop using your data for those purposes. Otherwise we will provide you with our justification as to why we need to continue using your data.
Erasing your Personal Data or Restricting its Processing
In certain circumstances, you may ask for your Personal Data to be removed from our systems by emailing or writing to us at the address at the end of this policy. Unless there is a reason that the law allows us to use your Personal Data for longer, we will make reasonable efforts to comply with your request.
You may also ask us to restrict processing your Personal Data where you believe it is unlawful for us to do so, you have objected to its use and our investigation is pending or you require us to keep it in connection with legal proceedings. In these circumstances, we may only process your Personal Data whilst its processing is restricted if we have your consent or are legally permitted to do so, for example for storage purposes, to protect the rights of another individual or company or in connection with legal proceedings.
Transferring your Personal Data in a Structured Data File
Where we rely on your consent as the legal basis for processing your Personal Data or need to process it in connection with the Services, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine readable form, such as a CSV file.
You can ask us to send your Personal Data directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your Personal Data if this concerns other individuals or we have another lawful reason to withhold that information.
Complaining to the UK Data Protection Regulator
You have the right to complain to the Information Commissioners Office (ICO) if you are concerned about the way we have processed your Personal Data. Please visit the ICO’s website for further details.
Flamingo Marketing Strategies has appointed a “Data Officer”. This individual is responsible for:
Ensuring that Flamingo Marketing Strategies’ employees receive appropriate training and are working in compliance with this Policy;
Undertaking regular assessments of Data types and ensure that the right levels of protection are in place;
Acting as a key point of contact for data protection queries and the reporting of breaches for all Data Owners, employees, customers and Data Subjects;
Monitoring and ensuring the compliance with this Policy within Flamingo Marketing Strategies and dealing with any disputes which may arise concerning data protection issues;
Conducting reviews of internal procedures to ensure that they continue to provide adequate protection of Personal Data and Confidential Information;
Updating this Policy to reflect any changes in data protection laws;
Registering with government agencies (such as the UK Information Commissioner’s Office).
If you have any queries regarding this Policy, please contact our Data Officer by email at sending an e-mail to email@example.com and putting FAO: DATA OFFICER in the subject.
This Policy will be updated from time to time by the Data Officer to reflect any changes in legislation or in our methods or practices. The current issue of the Policy will be available from our website at breakthrough-partners.com or from our Data Officer.
We recommend you regularly check for changes and review this policy whenever you visit our website. If you do not agree with any aspect of the updated policy you must immediately notify us and cease using our website.