Privacy Policy

1. Background

DesAcc operates in accordance with the EU General Data Protection Regulation (GDPR), Data Protection Act 2018 and Personal Information Protection and Electronic Documents Act (PIPEDA) and any other state or federal laws that maybe required during the course of its daily business.

The lawful and proper treatment of personal information by DesAcc is extremely important to the success of our business and in order to maintain the confidence of our clients and personnel. DesAcc ensures that it processes personal information lawfully and correctly.

2. Data Privacy Policy

This Data Privacy Policy has been developed so that you as a visitor to our website, social media sites or as a recipient of marketing materials are informed about what Personal Data DesAcc retains, how it is processed, and how we protect it. When conducting these activities DesAcc is acting as a data Controller and is responsible for your Personal Data as such.

At DesAcc EMEA Ltd, data management is our businesses. To this end, we are committed to maintaining the trust and confidence of our customers as such we do not sell, rent or trade email lists with other companies and businesses for marketing purposes.

3. Your Data, Your Rights

Under modern data privacy law you now have more rights than ever before - you have the legitimate right to:

Email your request to our DPO at or call our UK office: +44 (0)1566 701 203.

4. How do we use your information?

This information will be stored within our internal systems and may be used to enable our teams to remain in contact with you during a sales engagement, recruitment cycle, or whilst fulfilling a contractual service. As stated above, this information will not be sold, rented or traded with other companies for marketing purposes.

As our primary business is data management, DesAcc will also processes data on behalf of other data Controllers. We will always do this in a secure way as agreed with the data Controller for which we are contracted to perform the work. This processing is not the subject of this document.

What personal data do we collect and process? Our social media sites do allow us to identify you as an individual where you’re accessing our sites using your personal profile, we may also receive additional Personal Data that you have chosen to make publicly available on your profile.

Should we send you marketing material we may collect information about how you interact with it.

DesAcc uses Personal Data to maintain the servicing of our relationship. The following data can be collected and processed when you access the website, social media, marketing materials or contact us via our website, email or via the telephone:

5. When do we collect your information?

We collect your information when we have a legitimate need to do so, such as when you:

6. What is our legal basis for using your personal information?

We will only use your Personal Data where we have a legal basis for doing so, for example:

7. How do we use your personal data?

We use Personal Data we have collected:

8. Third parties with whom we may share your personal data.

We routinely share personal information with:

DesAcc uses Google Analytics to collect anonymized browsing statistics and therefore DesAcc discloses IP-addresses to Google Analytics. Privacy terms for Google Analytics are accepted when visiting and can be found here:

We only allow our service providers to handle your personal information if we are satisfied, they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers to ensure they can only use your personal information to provide services to us and to you.

We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.

We may also need to share some personal information with other parties, such as potential purchasers of some or all of our business or during a re-structuring. Usually, information will be anonymised, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.

We will not share your personal information with any other third party.

9. Transferring your personal information out of the UK and EEA

To deliver products and services to you, it is sometimes necessary for us to share your personal information outside the UK and/or European Economic Area (EEA), e.g., with our service providers located outside the UK/EEA, [for example IT hosting and maintenance, service providers whose servers are located in the US e.g.: Microsoft]

These transfers are subject to special rules under European and UK data protection law.

Non-UK/EEA countries do not have the same data protection laws as the United Kingdom and EEA. We will, however, ensure the transfer complies with data protection law and all personal information will be secure. As an example, we may require the third party to enter into European Commission approved standard contractual clauses with us.

If you would like further information, please contact our us (see the contact details at the bottom of this policy).

10. Transferring your personal information Inter-provincial (Canada)

DesAcc will apply federal and provincial rules stated in PIPEDA and other provincial rules when transferring data that may involve inter-provincial or international personal information flows in the course of its commercial activities.

11. Where is your personal data stored?

Your data is stored securely on servers in the UK and potentially on local servers in the country’s where we have operations or where we use 3rd party services (i.e. Microsoft 365). Where 3rd parties transfer or store your Personal Data outside of the UK, EEA or Canada we will ensure that there are adequate safeguards in place for the international transfer as detailed above.

Where servers are hosted by DesAcc, external access is restricted by a firewall and measures to prevent Cyber-attacks and all endpoints that attach to the DesAcc network are also individually protected with complex endpoint security.

Access to the data stored is restricted to users by permissions which prevent unauthorized processing. The installation of appropriate programs/applications used to process data is restricted to only those that are required to view or use this data.

12. How long do we store your personal data?

We will not retain your personal information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information. If an active customer relationship is in place, we will store your data as long as necessary in order to service you. We will store all other data in line with any applicable legislation.

We may need to retain Personal Data by law, or in order to fulfil the terms of a contract, we have with you.

13. Data Breach

If there is a suspicion of a data breach originating from DesAcc servers or external partners, prompt action will be taken, such as:

14. Cookies

A cookie is a small text file which is placed onto your device (e.g., computer, smartphone or other electronic device) when you use our website. We use cookies on our website. These help us recognise you and your device and store some information about your preferences or past actions.

We will ask for your permission (Consent) to place cookies or other similar technologies on your device, except where they are essential for us to provide you with a service that you have requested.

If you do not want to accept any cookies, you may be able to change your browser settings so that cookies (including those which are essential to the services requested) are not accepted. If you do this, please be aware that you may lose some of the functionality of our website.

For further information on cookies, our use of cookies, please see our Cookie Policy.

15. Marketing

We may use your personal information to send you updates (by email, text message, telephone or post) about our products and services, including exclusive offers, promotions or new products and services. We will only send your electronic marketing where we have your consent, or it is in our legitimate interests to do so. We will always treat your personal information with the utmost respect and never sell it to other organisations for marketing purposes.

If you have given your consent to receive marketing communications, or it is in our legitimate interests to send them because you are a business customer, you always have the right to opt out of receiving further promotional communications by following the ‘unsubscribe’ instructions contained in all marketing emails. We may ask you to confirm or update your marketing preferences if there are changes in the law, regulation, or the structure of our business.

Please note that we may also send you other communications in relation to your purchase of products or services or in order to respond to queries you have raised, such communications are service communications and are not a form of marketing.

16. Contacting us and exercising your legal rights

Should you have any issues with unsubscribing, or need to contact us for any other reason in relation to this policy, you can do so via telephone: +44 (0)1566 701 203 or via email:

Should you have a complaint relating to DesAcc and a data processing issue, you may contact our DPO via telephone: +44 (0)1566 701203 or via email: In accordance with the GDPR regulations, you have the right to make a complaint about data protection issues at any time to the Information Commissioner's Office (ICO). Complaints can be made to the ICO at or telephone: +44 (0) 303 1231 113.

You can at any point request access to the Personal Data we hold and request for it to be updated, deleted, restricted or supplied in a portable format. If you wish to exercise any of these rights, please contact: Please be aware that once this data is deleted, it is not restorable.

17. Revision of Policy

Our data processing procedures are under continual review and this policy is revised when needed.

18.0 Glossary

Controller The data controller determines the purposes for which and the means by which Personal Data is processed.
DPO Data Protection Officer, also known as Privacy Manager under PIPEDA
GDPR General Data Protection Regulation is a law that protects the privacy and data of people in the EU and the EEA, and applies to any organization that deals with their data.
Personal Data Personal Data means any information relating to an identified or identifiable natural person (‘Data Subject’), which information is subject to the GDPR or the laws of non-EU EEA countries that have formally adopted the GDPR; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
PIPEDA The Personal Information Protection and Electronic Documents Act (PIPEDA) is the federal privacy law for private-sector organizations in Canada. It sets out the ground rules for how businesses must handle personal information during their commercial activity.