Privacy Policy

Privacy Policy

This document provides you with everything you need to know about how we handle data, which data we control and which data we process on behalf of our clients, why we process it and what your rights are.

This Privacy Notice concerns the data for which we are the Data Controller.

In addition to this Notice we provide information about our role as Data Processor working on behalf of our clients who may be your Data Controller.

Note: This Privacy Notice may be referenced elsewhere and by others as a Privacy Policy, Privacy Statement or Fair Processing Notice.

Summary

  • Electoral Reform Services is registered with the Information Commissioner’s Office.
  • We keep to a minimum the information we hold about you.
  • If you are visiting our corporate website, we use your data to offer our services to you, respond to your enquiries, manage our relationship with you, collect your details if you wish to receive more information about any of our services, meet our contractual obligations and improve our website. In this capacity we are working as a Data Controller.
  • If you are submitting information on a website, platform or service that that we provide on behalf of a client to whom you are associated e.g. a member, employee or stakeholder, we use your data to help that client manage their election, provide other related services to you, and improve our website or platform. In this capacity we are usually working as a Data Processor.  We refer you to that organisation to which you are associated (e.g. a member, employee etc.), to inspect their Privacy Notice describing their role as Data Controller in relation to your data, and to find details of their DPO.
  • You have privacy rights as described by the Data Protection Act 2018 (the UK’s implementation of the General Data Protection Regulation -GDPR) and we operate in accordance with this, taking security and privacy extremely seriously.
  • If you need any further information we are happy to help and you should contact us at DPO@theERSgroup.com

Who Is ERS?

ERS is the UK’s leading independent provider of end-to-end ballot, election and voting services. Our corporate website is www.electoralreform.co.uk.

If you have reached us either on our corporate website or a website/platform provided on behalf of one of our clients, it is hosted and maintained by Electoral Reform Services Ltd (ERS), 33 Clarendon Road, London, N8 0NW.

ERS is part of The ERS Group (www.theERSgroup.com), a Civica Group company.

ERS is registered with the ICO as a Data Controller. However for many of our activities ERS is the Data Processor working on behalf of a client; the client is the ‘Data Controller’. You can find the ICO’s definitions of Data Controller and Data Processor here.

This website is hosted and maintained by Electoral Reform Services Limited (ERS), 33 Clarendon Road, London N8 0NW. Our Data Protection Officer can be contacted via dpo@theersgroup.com.

Who Is Our Data Protection Officer (DPO)?

Our DPO for the ERS Group of companies is:

Ian Robinson

33 Clarendon Road

London

N8 0NW

The DPO can be contacted at DPO@theERSgroup.com

What information is gathered via our corporate website? (www.electoralreform.co.uk)?

The primary purpose of the site is for marketing purposes for the business. Information in this site is gathered in two ways: indirectly (for example, through our site’s technology); and directly (for example through information that you enter). Examples of information we collect indirectly are your internet (IP) address which is automatically collected and is placed in our internet access logs, and the date and time of when you access the site. Examples of information collected directly are the details you may enter in order for us to be able to communicate with you, such as our ‘Contact Us’ form.

We may also use Cookies, which are small text files stored on your computer or device when you visit a website, which allow the website to work properly and help keep it secure, and help us understand how people are using the website so that we can improve it. For more information about the cookies we use, please read our [Cookie Information] below.

Using this information is done so on the basis of GDPR Articles; 6 (1) (b): we need to use your details to follow up with enquiries prior to entering a contract, and 6 (1) (f): strategy planning via the use of gathering information regarding website visitors is a legitimate, indeed sensible, thing for a business to do.

With regard to our corporate website we are acting as a Data Controller.

What other information do we hold as a business?

For customers, prospective customers, suppliers, and staff, we hold names, identity and contact information, business activities, communications. We also hold and billing and payment information for customers and suppliers.

Using this information is done on the basis of GDPR Articles; 6 (1) (b) necessary to deliver services to our customers and prospective customers; 6 (1) (c) we have legal and regulatory obligations to protect our clients and their information, and; 6 (1) (f) legitimate interests regarding strategy planning and administrative business functions for day-to-day activities such paying staff, suppliers, etc.

With regard to this business level information we are acting as a Data Controller.

How long will we keep this information?

We will only keep information for as long as it is needed for the purposes described when it was collected. The information will not be kept for longer than legislation permits. You may also request that your information is removed or forgotten, that processing is restricted or consent is withdrawn by emailing DPO@theERSgroup.com or writing to the address below.

How is information gathered on this site used?

The primary purpose of the site is for marketing purposes for the business. It also allows interested visitors to submit their details electronically for future correspondence about our services. We may also analyse information gathered to determine what is most effective about our site, to help us identify ways to improve it. If data is used for any other purposes, we will describe these to you at the point we collect the information. ERS does not pass the data on to third parties.

Access to your details and other rights

Relevant rights where we are acting as a Data Controller include the right to request personal information held and to have any inaccurate information, such as your name or contact details, corrected. You also have the right to object to processing, the right to be forgotten (or to restrict processing), and the right to data portability. Please contact the ERS Data Protection Officer via dpo@theersgroup.com if you wish to exercise any of these rights. Note that in cases where ERS is acting as Data Processor, you should contact the Data Controller i.e. the client on whose behalf ERS is working (if you contact the ERS Data Protection Officer there may be a delay while your request is forwarded to the relevant client).

If you are unhappy with the way your request or objection is handled, you also have the right to lodge a complaint. Please tell us first, so we have a chance to address your concerns. If we fail in this, you can address any complaint to the UK Information Commissioner’s Office, either by calling their helpline or as directed on their website at https://ico.org.uk

Will we share this information with outside parties?

ERS will not disclose personal information unless required by law, that is if we have a good-faith belief that such action is necessary to comply with a current judicial proceeding, a court order or legal process served on our website. ERS will not sell individual information. Data does not leave the UK.

What security controls are in place?

We want you to be secure when visiting our site and we are committed to maintaining your privacy when doing so. ERS has physical security in our facilities to protect against the loss, theft, misuse, or alteration of information. There are also different layers of security implemented throughout our website platform, for example hardware and application firewalls; intrusion detection systems; and SSL encryption.

Who is the supervisory authority?

The Information Commissioner’s Office: https://ico.org.uk

ERS is registered with the ICO and our registration number is Z857675X.

Copyright

© 2004-2018 Electoral Reform Services Limited. All rights reserved.

Unless otherwise stated, the contents of this site including, but not limited to, the text and images contained herein and their arrangement are the property of ERS. All trademarks used or referred to in this website are the property of their respective owners. Nothing contained in this site shall be construed as conferring by implication, estoppel, or otherwise, any license or right to any copyright, patent, trademark or other proprietary interest of ERS or any third party. This site and the content provided in this site, including, but not limited to, graphic images, audio, video, html code, buttons, and text, may not be copied, reproduced, republished, uploaded, posted, transmitted, or distributed in any way, without the prior written consent of ERS, except that you may download, display, and print one copy of the materials on any single computer solely for your personal, non-commercial use, provided that you do not modify the material in any way and you keep intact all copyright, trademark, and other proprietary notices

Email disclaimer

  1. The email you have received is confidential to the addressee. If you are not the addressee you are not permitted to use or copy the email or its attachments nor may you disclose the same to any third party. If it has been sent to you in error please notify us as soon as possible.
  2. Unless stated to the contrary, any opinions expressed in the message are personal and may not be attributed to any of the following:

Electoral Reform Services Limited (ERS)

Membership Engagement Services Limited (MES)

Xpress Software Solutions Limited (Xpress)

Modern Mindset Limited (MML)

Shaw and Sons Limited

  1. The e-mail message has been cleared for Viruses and Content by MailMarshal Email Content Filter. Mailmarshal does not scan outbound emails as we have sophos antivirus installed on each endpoint which should pick up a virus before it’s attached to an email. We endeavour to exclude viruses from our data but it is the obligation of the recipient to check any attachments for viruses.
  2. Internet e-mails are not necessarily secure. We will try to deliver the emails securely over TLS. If TLS is not accepted by the receiving SMTP server its then sent in plain text. ERS, MES, Xpress and Modern Mindset do not accept responsibility for changes made to messages after they have been sent.
  3. Electoral Reform Services (ERS) is a company registered in England and Wales with company number: 2263092.
  4. Membership Engagement Services (MES) is a company registered in England and Wales with company number: 5872670. It is a business of ERS.
  5. Xpress Software Solution (XSSL) is a company registered in England and Wales with company number: 4152280. It is a business of ERS.
  6. Modern Mindset is a company registered in England and Wales with company number: 02208130. It is a business of XSSL.
  7. Shaw and Sons is a company registered in England and Wales with company number: 176653. It is a business of ERS
  8. ERS, MES, Xpress, Modern Mindset and Shaw and Sons’ registered offices are at: The Election Centre, 33 Clarendon Road, London, N8 0NW.

Cookie Information

Some ERS websites use Google Analytics cookies, which allow us to collect information such as the browser, operating system and screen resolution used, the pages you visit on our website, an anonymised version of your IP address, and your location (country only). This information helps us to improve the usability and performance of the website. These Google Analytics cookies are first party cookies (i.e. only placed by ERS websites) and may persist on your computer for up to two years. The anonymous information collected is sent to Google so that we can use their analytics reporting tools. We do not send personally identifiable information to Google. For more information on how Google uses the data we send them, please see https://www.google.com/policies/privacy/partners/

If you do not want Analytics to be used by your browser, you can install the Google Analytics opt-out add-on from https://tools.google.com/dlpage/gaoptout. Examples of Google Analytics cookies include _ga, _gid, __utma, __utmb etc.

On webpages that include videos, there are third party cookies placed by vimeo.com, we cannot show videos without these.

Finally, our websites use a first party, persistent cookie called cookieconsent_status, which is used to prevent the re-display of the cookie policy banner on subsequent website visits if it has been previously closed.