Privacy
Privacy notice
Who are we?

Shyield Consulting is a boutique privacy and data protection consultancy that provides comprehensive advice to assist organisations manage risk and build trust with customers. It is also the operator of the website www.shyieldconsulting.com and the data controller that resides at 8 The Green, Suite № 5159, Dover, Delaware 19901.

We can be reached via e-mail at dpo@shyieldconsulting.com. Please, feel free to contact us should you require additional information regarding ourselves, our services or the way we manage data.
Why do we process data?

We process personal data to register you as a client, contact you or identify you for the provision of our services and to manage our relationship with you. 

We collect your personal data such as your name, e-mail address, phone and any other information when you contact us either through the form on this site or via e-mail and telephone. We may also receive personal data indirectly when your personal data is given to us by our client in the course of the provision of our services such as, if you are our client's point of contact.
On what basis do we process data?

The information we collect and store relating to you is primarily used to enable us to provide our services. In doing so, we rely on the following legal bases:

- Legitimate interest - For example, to respond to your queries about our services or follow up after you have handed us your business card. Also, we may notify you of any changes to this Privacy Notice, our website, our services or even provide you with information regarding services similar to those that we have previously provided to you.
- Entrance into and performance of a contract - For example, to take the necessary steps to prepare a contract for the provision of our services and to perform our contractual obligations under the same.
Whom might we share data with? 

For security and efficiency purposes, we deem it necessary to work with global companies that are best positioned to guarantee the security of the infrastructure we use to operate this website. Therefore, although any data we may share with them should be limited to purely what is required to maintain a requisite level of security and functionality of our website, we feel compelled to share their details with you here:

- Microsoft - We use some of Microsoft's software such as Word, Excel, PowerPoint as well as their operating system;
- Ionos - Our website is hosted with Ionos and we use their 'cloud based' e-mail service application to communicate with you or schedule consultations using the integrated calendar feature;
- Google & Lenovo - We use Google's open-end operating system, Android, to power up our mobile phones and Motorola, as part of Lenovo, to provide the hardware;
- LinkedIn - Our use of the platform is limited strictly to allowing customers to engage with us and for us to respond on their queries. Any personal data communicated through LinkedIn may be processed in furtherance of our legitimate interest, namely to manage our relationship with you should you express interest in our services.

Please, note that due to the global operations of the above-mentioned providers, some of your data may be transferred outside the European Union, but that will mostly be to the United States where servers of these providers are situated. Additionally, despite our best effort to seek to employ the services of reputable providers who have the necessary resources to maintain state of the art security measures of their infrastructure, we are not in a position to absolutely guarantee the secure transmission of data over the Internet. To that end, however, we are committed to fully utilise all available tools such as 2FA, encryption, password protection etc. at all times when we conduct our business.
How long do we keep data for?

We retain data for a period no longer than necessary to manage ongoing relationships with clients and for a reasonable period thereafter in case of a challenge. For example:

- we may hold contracts, financial information, project notes and the like for a period of 6 years from the contract completion date;
- we may hold business contacts such as e-mail addresses, telephone numbers and the like for a period of 3 years from the end-of-relationship date;
- where we have ongoing client relationships exceeding these periods, we may retain data as necessary to manage the relationship.
What rights do you have?

Under data protection laws, you can claim certain rights which may be available, depending on the circumstances and, in particular, the legal bases on which we process your data. These include:

- Access - You can request a copy of the personal data we hold about you;
- Rectification - If we have entered your personal data incorrectly, you can request that we fix it;
- Opt-out - You can ask that we stop contacting you with information regarding our services (excludes all communication we may exchange for administrative or housekeeping purposes).;
- Restriction - In the case we enter into an argument regarding the processing of your data, you can request that we stop processing it until the argument is resolved;
- Complaint - You have the right to lodge a complaint with the supervisory authority in the country where you reside, work or where the alleged infringement took place;
- Automatic decision-making - Not to be subjected to and evaluated on the basis of automated processing;
- Portability - To receive all of your own data;
- Erasure - You can request that we delete all your personal data (applies when data is processed on the basis of obtaining your consent);
- Objection - In cases involving, for example, direct marketing, you can object to our processing of your personal data, if we continued sending you marketing communications after you have opted-out of receiving such communications.
Changes to this Privacy Notice

We try to keep this Privacy Notice up-to-date at all times but, should we introduce any changes, we will endeavour to list them in this section for ease of reference.

Last updated: 25 May 2018
Share by: