January 2024
Our GDPR Data Privacy Policy
This policy sets out:
(1) the information we collect about you when you visit our website, use our products or services, or otherwise interact with us;
(2) how we use, share, store, and secure the information and
(3) How you may access and control the information.
In this policy, “Martello” or “we” refers to The Martello LTD of (Company Number 15176265 and “Platform” means our website at www.martello.global and our software, namely Microsoft Azure and Dynamics tools and our web hosting, which is Squarespace.
In this policy, we outline the GDPR Principles and requirements we have adopted to protect the data of clients and customers who register on our website.
How we structure our data privacy to protect your data:
We use and pay subscriptions to three businesses that manage the technology on which we engage with you our client of contact:
1. Microsoft
2. Squarespace
3. Linked In
· We have followed these platforms' security and data privacy guidance without adapting or changing the rules or protocols.
· Internally, we use two-factor authentication, change passwords regularly, limit admin access and update our security on devices and systems regularly.
· These are the key steps we take to protect your data.
About the Martello Carbon Stream Map
The Martello Carbon Stream Map team can help companies and investors navigate the EU Green Deal, ESG, Net Zero and Carbon Compliance.
Depending on the type and size of your business, our senior experienced team provides customised solutions tailored to your specific needs and compliance requirements. We enable your organisation to:
1. Understand how the legislation will affect your company now and over the next five years.
2. Measure your operational and supply chain carbon liabilities.
3. Assess your company's carbon and climate exposure and the related capital costs.
4. Unlock the metrics required to meet the mandatory and voluntary reporting standards from TCFD, TNFD, ESG Reporting and Net Zero Goals.
5. Provide the metrics baseline to unlock access to sustainable low-carbon finance and Green Bonds and engage with ESG Investors and Funds.
6. Create an Action Plan to reduce liability and establish the baseline for science-based targets.
7. If you believe we can help with your compliance needs for the Corporate Sustainability Reporting Directive (CSRD), the EU Green Deal, Net Zero compliance or other areas of ESG, please schedule a time for a consultation.
In this policy, “personal information” refers to any data, information, or combination of data and information provided by you to us or through your use of our products or services that relates to an identifiable individual.
1 WHAT INFORMATION WE COLLECT ABOUT YOU
1.1 We collect the following types of information, which you will volunteer when you register on our website to schedule a call or sign up for our newsletter.
(a) account and profile information that you provide when you register for an account or sign up for our products or services, for example, Your Name, Company Name, Title, office address, email, telephone numbers and high-level details volunteered via the registration process (collectively, “Account Data”);
(b) Information you provide through support channels, for example, when you report a problem to us or interact with our support team, including any contact information, documentation, or screenshots (collectively, “Support Data”);
(c) Communication, marketing, and other preferences that you set when you set up your account or profile or when you participate in a survey or a questionnaire that we send you (collectively, “Preference Data”);
(d) Information about your device or connection, for example, Only the data which is volunteered as part of the basic contact form and information we collect through cookies and other data collection technologies (please read our Cookies Policy for details) (collectively, “Technical Data”); and
(e) Information about your use of or visit to our Platform, for example, __________ (collectively, “Usage Data”).
1.2 We collect the above information when you provide it or use or visit our Platform. We may also receive information about you from other sources, including:
(a) our personnel, agents, advisors, consultants, and contractors based in the United Kingdom and European Union in connection with our operations or services, for example, our staff engaged in the fulfilment of your order, processing of your payment, and provision of support services.
1.3 We do not collect sensitive data or special category data about you. This includes race, ethnic origin, politics, religion, trade union membership, genetics, biometrics, health, or sexual orientation.
2 HOW WE USE INFORMATION WE COLLECT
2.1 We only use your personal information where the law allows us to. We use your personal information only where:
(a) we need to perform the contract we have entered into (or are about to enter into) with you, including operating our products or services, providing customer support and personalised features, and protecting the safety and security of our Platform.
(b) it satisfies a legitimate interest not overridden by your fundamental rights or data protection interests, for example, for research and development and to protect our legal rights and interests.
(c) You've given us consent to do so for a specific purpose; for example, we may send you direct marketing materials or publish your information as part of our testimonials or customer stories to promote our products or services with your permission or
(d) We need to comply with a legal or regulatory obligation
2.2 If you have given us consent to use your personal information for a specific purpose, you have the right to withdraw your consent at any time by contacting us (please refer to paragraph 8 for contact information), but please note this will not affect any use of your information that has already taken place.
2.3 We do not share your personal information with any company outside our group for marketing purposes unless you express specific consent.
2.4 We have set out our legal bases for processing your information in the Legal Bases Table at the end of this policy.
3 HOW WE SHARE INFORMATION WE COLLECT
3.1 We do not share personal information on aggregated or de-identified basis with third parties for research and analysis, profiling, and similar purposes to help us improve our products and services.
3.2 Use any third-party software in connection with our products or services, for example, any third-party software that our Platform integrates with. You might give the third-party software provider access to your account and information.
3.3 We do not control the policies and procedures of third-party software providers. However, they do need to comply with Squarespace and Microsoft GDPR policies. This policy does not cover how third-party software providers collect or use your information. We encourage you to review the privacy policies of third-party software providers before you use the third-party software.
3.4 Our Platform may contain links to third-party websites over which we have no control. If you follow a link to any of these websites or submit information, their policies will govern your information. We encourage you to review the privacy policies of third-party websites before you submit information to them.
3.5 We may share your information with government and law enforcement officials to comply with applicable laws or regulations, for example, when we respond to claims, legal processes, law enforcement, or national security requests.
3.6 If a third party acquires us due to a merger, acquisition, or business transfer, your personal information may be disclosed and transferred to a third party in connection with such transaction. We will notify you if such a transaction occurs and inform you of any choices you may have regarding your information.
4 HOW WE STORE AND SECURE INFORMATION WE COLLECT
4.1 We use data hosting service providers based in Microsoft Cloud to host the information we collect.
4.2 We have adopted the following measures to protect the security and integrity of your personal information:
(a) Information is encrypted using TLS/SSL technology.
(b) your account is password-protected, with the requirement(s) that No less than eight characters with a combination of letters and numbers, and two-factor authentication;
(c) access to your personal information is restricted to personnel or service providers on a strictly need-to-know basis, who will only process your information on our instructions and who are subject to a duty of confidentiality; and
(d) our information collection, storage, and processing practices are reviewed regularly.
4.3 We have put in place procedures to deal with any suspected privacy breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
4.4 While we implement safeguards designed to protect your information, please note that no transmission of information on the Internet is entirely secure. We cannot guarantee that your information, during transmission through the Internet or while stored on our systems or processed by us, is safe and secure.
4.5 We only retain personal information for so long as it is reasonably necessary to fulfil the purposes for which we collected it, including to satisfy any legal, accounting, or reporting requirements. We will retain data collected for as long as it is reasonably necessary for our business. We periodically review the basis and appropriateness of our data retention policy.
5 YOUR RIGHTS
5.1 You have the right to:
(a) be informed of what we do with your personal information;
(b) Request a copy of personal information we hold about you;
(c) Require us to correct any inaccuracy or error in any personal information we hold about you;
(d) Request erasure of your personal information (note, however, that we may not always be able to comply with your request of erasure for record-keeping purposes, to complete transactions, or to comply with our legal obligations);
(e) Object to or restrict the processing by us of your personal information (including for marketing purposes);
(f) request to receive some of your personal information in a structured, commonly used, and machine-readable format, and request that we transfer such information to another party; and
(g) withdraw your consent when we rely on consent to process your personal information (although this will not affect the lawfulness of any processing before you withdraw your consent).
5.2 You may opt out of receiving marketing materials from us By opting out at the registration page or any marketing emails you receive. Please note, however, that even if you opt out of receiving marketing materials from us, you will continue receiving notifications or information from us that are necessary for using our products or services.
5.3 As a security measure, we may need specific information from you to help us confirm your identity when processing your privacy requests or when you exercise your rights.
5.4 Any request under paragraph 5.1 will normally be addressed free of charge. However, we may charge a reasonable administration fee if your request is clearly unfounded, repetitive, or excessive.
5.5 We will respond to all legitimate requests within one (1) month. Occasionally, it may take us longer than a month if your request is particularly complex or if you have made several requests.
6 CHANGES TO THIS POLICY
We may amend this policy occasionally by posting the updated policy on our Platform. By continuing to use our Platform after the changes come into effect, you agree to be bound by the revised policy.
7 POLICY TOWARDS CHILDREN
Our products and services are not directed to individuals under 14. We do not knowingly collect personal information from individuals under 14. If we become aware that an individual under 14 has provided us with personal information, we will take steps to delete such information. Contact us if you believe we have mistakenly or unintentionally collected information from someone under 14.
8 CONTACT US
8.1 Please contact us by submit any written request to:
The Martello LTD
Jonny Mulligan Managing Director
Attn: Data Privacy Officer
8.2 Please contact us immediately if you have any questions or concerns. If you have unresolved concerns, you can file a complaint with a data protection authority in the country where you live or work or where you feel your rights have been infringed.
8.3 If you reside in the United Kingdom, you may file a complaint to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
8.4 If you reside in the European Union then you may file a complaint to the Information Data Protection - European Commission (europa.eu)
Last updated: 20th January 2024
COOKIES POLICY
When you access our Platform, cookies are small text files placed on your device by a web server. We use cookies to identify your access and monitor usage and web traffic on our Platform to customise and improve our products and services.
Squarespace hosts our website, and we follow their cookies policy with the settings in place to ensure you know and understand what cookies the platform is using. More details on Squarespace Cookies and GDRP can be found here: Privacy Policy – Squarespace
We use both persistent cookies and session cookies. A persistent cookie stays in your browser and will be read by us when you return to our Site or a partner site that uses our services. Session cookies only last for as long as the session lasts (usually the current visit to a website or a browser session).
We use the following types of cookies:
(a) Strictly necessary cookies – these are required for our site's operation. They include, for example, cookies that enable you to log into secure areas of our website.
(b) Analytical/performance cookies – These allow us to recognise and count the number of visitors and see how visitors move around our site when they are using it. This helps us improve how our site works, for example, by ensuring that users easily find what they are looking for.
You can block cookies by activating the setting on your browser that allows you to refuse the use of all or some cookies. However, if you do so, you may be unable to access all or parts of our site.
LEGAL BASEs
Processing Purpose
Type of data processed: Name, Company and contact detail on an opt-in
Legal basis: Opt-in basis
Preference Data: opt-in basis
Individual and Company Information: Only on an opt-in basis
Consent: Opt in provided by client or customer