By working with GDA, you should be prepared to have your ideas challenged.
It is only by working in this way that we feel the best ideas, strategies and campaigns are produced.

Privacy policy

Visitors to our websites

When someone visits www.gda.co.uk we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

Use of cookies by GDA

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns and does not identify any individual. We may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our Site and to deliver a better and more personalised service. You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our Site.

Security and performance

We use a third-party service to help maintain the security and performance of the GDA website. To deliver this service it processes the IP addresses of visitors to the website.

Website

We use a third-party service to publish our website. We use a standard service to collect anonymous information about users’ activity on the site, for example the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help us improve it.

People who email us

We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government guidelines. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.

We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

People who use our ‘Contact Us’ service

If you use the ‘Contact Us’ service we will receive an email which contains your name, email address, company name, phone number and the contents within the additional details field. This information will not be shared with any other organisations.

Prospects

Where promoting our services, we may purchase databases of business contacts within our target sectors. These contacts will only be purchased from credible sources who can provide sufficient assurances that they are meeting their data protection obligations.

Additionally we may combine these records with other publicly available information to ensure that our records are accurate.

Our primary market is Business to Business therefore we will only email, call or direct mail prospects where there is either evidenced consent or where there is a legitimate interest to do so. Where legitimate interest is considered the ground for processing, an assessment shall be made to ensure that this legitimate interest is valid that this interest does not outweigh an individual’s right to privacy.

Job applicants, current and former GDA employees

We are the data controller for the information you provide during the recruitment process unless otherwise stated. If you have any queries about the process or how we handle your information, please contact us on the details at the bottom of the page.

What will we do with the information you provide to us?

All information you provide during the application process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.

We will not share any of the information you provide during our internal recruitment process with any third parties for marketing purposes. Data sent electronically or processed beyond the initial application will be stored within the European Economic Area. The information you provide will be held securely by us whether the information is in electronic or physical format.

We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for. 

What information do we ask for, and why?

We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary.

The information we ask for is used to assess your suitability for employment. You don’t have to provide what we ask for, but it might affect your application if you don’t. 

Application stage

Applications may be received by email, physically by post or through a third-party recruitment agency. We may ask you for your personal details including name and contact details. We will also ask you about your previous experience, education, referees and for answers to questions relevant to the role you have applied for. Our recruitment team will have access to this information.


You may also be asked to provide equal opportunities information. This is not mandatory information – if you don’t provide it, it will not affect your application. This information will not be made available to any staff outside of our recruitment team, including hiring managers, in a way which can identify you. Any information you do provide will be used only to produce and monitor equal opportunities statistics.

Conditional offer

If we make a conditional offer of employment we will ask you for information so that we can carry out pre-employment checks. You must successfully complete pre-employment checks to progress to a final offer. We are required to confirm the identity of our staff, their right to work in the United Kingdom and seek assurance as to their trustworthiness, integrity and reliability.

You will therefore be required to provide:

  • Proof of your identity – you will be asked to attend our office with original documents, we will take copies.
  • Proof of your qualifications – you will be asked to attend our office with original documents, we will take copies.
  • We will contact your referees, using the details you provide in your application, directly to obtain references

If we make a final offer, we will also ask you for the following:

  • Bank details – to process salary payments
  • Emergency contact details – so we know who to contact in case you have an emergency at work

Use of data processors 

If you are employed by us, relevant details about you will be provided to a number of third-party providers, including our payroll and pensions providers. All employees will be given an appropriate privacy notice to explain this in detail.

How long is the information retained for?

If you are successful, the information you provide during the application process will be retained by us as part of your employee file for the duration of your employment plus 6 years following the end of your employment.

If you are unsuccessful at any stage of the process, your CV shall be retained for up to 6 months. If you would prefer us to delete your CV then please let us know. Information generated throughout the assessment process, for example interview notes, is retained by us for 6 months.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

Your rights

Under data protection legislation, you have rights as an individual which you can exercise in relation to the information we hold about you.

You can read more about these rights here – https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/

Complaints or queries

We try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.

This privacy notice does not provide exhaustive detail of all aspects of GDA collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should can be emailed to hello@gda.co.uk

If you want to make a complaint about the way we have processed your personal information, you can contact the Information Commissioner’s Office in their capacity as the statutory body which oversees data protection law – www.ico.org.uk/concerns.

Access to Personal information

We aim to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’. If we do hold information about you we will:

  • give you a description of it;
  • tell you why we are holding it;
  • tell you who it could be disclosed to; and
  • let you have a copy of the information in an intelligible form.

To make a request for any personal information we may hold you need to put the request in writing to the address provided below or via email to hello@gda.co.uk

If we do hold information about you, you can ask us to correct any mistakes by, once again, contacting us on the details below.

Disclosure of personal information

In many circumstances we will not disclose personal data without consent, unless legally obliged to do or as part of contractual obligations with our customers (where you are a party to the agreement or service).

We may disclose your personal information to the following categories of recipients:

  • to our third party services providers and partners who provide data processing services to us (for example, to support the delivery of, provide functionality on, or help to enhance the security of our Website), or who otherwise process personal information for purposes that are described in this Privacy Policy or notified to you when we collect your personal information.
  • to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
  • to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal information only for the purposes disclosed in this Privacy Policy;
  • to enforce or apply our Terms of Service or other agreements or to protect GDA and its customers (including with other companies and organisations for the purposes of fraud protection and credit risk reduction)
  • to any other person with your consent to the disclosure.

Legal basis for processing personal information

We will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with/involving you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms.  In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.

If we ask you to provide personal information to comply with a legal requirement or to perform a contact with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).

Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “How to contact us” heading below.

Changes to this privacy notice

We keep our privacy notice under regular review. This privacy notice was last updated in July 2018.

How to contact us

If you want to request information about our privacy policy, you can email us at hello@gda.co.uk or write to:

GDA Creative Marketing Ltd.
Fox House
1 Fox Valley Way
Stocksbridge
Sheffield
S36 2AA