Select Page

Privacy Notice

SONNOS is committed to protecting your privacy. This Notice explains how we collect information about you and how we may use that information, this is called processing. We ask that you take time to read this Notice and contact us if you have any questions.

Who we are

This Privacy Notice describes how SONNOS Limited (also referred to as “we” or “us” or “our” or “SONNOS“) collects and processes Personal Data about individuals. Our services are that of a consultancy, providing advisory and operational assistance in becoming compliant with Data Protection Laws and Regulations.

In order to operationalise our business, which allows us to provide services, we may collect and process Personal Data about individuals. Due to the nature of our business, in that we provide commercial services to other businesses, the amount of Personal Data we process will be minimal and primarily be business contact Personal Data. This means that SONNOS is a ‘Data Controller’ and responsible for complying with Data Protection Laws.

Where we make reference to, “individuals” or “you” or “your” in this Privacy Notice, this indicates any persons Personal Data we receive in line with the services we provide to our clients.

If you have any questions about how we collect, store or use your personal information, you may contact us by emailing us at: info@sonnos.co.uk or by using the contact form on our website.

Processing your Personal Data

The Personal Data we collect will depend on the service(s) you have engaged us to provide. For example, we will collect more information about you if you are a client than we would if you only made an enquiry about the services we provide.

Sometimes we will ask for or obtain Special Categories of Data (information relating to your health, genetic or biometric data, criminal convictions, sex life, sexual orientation, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership). Due to the services that we provide, this would only be information relating to criminal convictions for the purposes of preventing, detecting and investigating crime.

If you provide Personal Data to us about other individuals, you must provide them with a copy of this Privacy Notice and obtain any consent where it is required to do so.

(Prospective) Clients

This section of the Privacy Notice explains what Personal Data we may collect about you and use if you are a (prospective) client and/or you have provided your Personal Data via our contact form on our website so that you can find out more about the services we provide.

Data we may collect

  • Information such as your name and title
  • Contact details including address, telephone number and email address
  • Details about your job including your job title and the nature of your business
  • Information relating to the advice that you request or the services that we are providing.
  • Information obtained when we carry out checks of sanction lists
  • Any information that you choose to provide to us in relation to the nature of your query
  • Your IP address
  • Information obtained through our use of cookies. Please see our cookies policy for more information
  • Information captured during recordings of our telephone calls and meetings
  • Your marketing preferences
  • Any information we record about your preferences when doing business with us

Special Categories of Data we may collect

  • Information relating to criminal sanctions (including offences and alleged offences and any caution, court sentence or criminal conviction). This information may be received from carrying out checks of sanctions lists

How we collect your Personal Data

There are a number of ways we may collect your Personal Data:

  • Directly from you (or from someone on your behalf) in a number of ways including where it is submitted through our website, through interactions with our website and through any form of communication such as face to face, written, telephone and email correspondence
  • From third parties who might introduce potential clients to us
  • Directly from the SONNOS website you use
  • From publicly open sources such as internet search engines and social media sites
  • Through customer satisfaction surveys and market research

What your Personal Data is used for

Your Personal Data may be processed for a number of different purposes. Each purpose is supported by a legal ground/basis. SONNOS will rely on the following legal grounds/bases:

  • Where your Personal Data is required to enter into a legally binding contract with us to provide you with our services
  • Where we have a legitimate business interest to use your Personal Data to maintain our business records and to also analyse and improve our services
  • Where we have a legal or regulatory duty to use your Personal Data. An example of this would be where our regulators stipulate various recording retention periods which we must comply with

Where the Personal Data that we process is classed as Special Categories of Data, we must be able to evidence one of the following additional legal grounds/bases prior to processing:

  • It is in the substantial public interest. This will apply where we are processing to meet due diligence requirements in order to prevent and detect crime
  • You have provided your consent
  • Where the use of this Personal Data is required to establish, exercise or defend our legal rights. An example of this would be where legal proceedings are being brought against us or we want to bring a legal claim ourselves.

Below sets out further details of the different ways we may use your Personal Data the legal grounds/bases we rely on when doing so:

Purpose for Processing

  • To assess your risk appetite and provide appropriate and transparent recommendations related to your business and customer base.
  • To set you up as a customer, including fraud, sanctions, credit, and anti-money laundering checks.
  • Tracing and recovering debt.
  • Client/Customer Services, including communicating with you and responding to enquiries.
  • Complying with legal and/or regulatory obligations.
  • Providing improved quality, training, and security.
  • Managing business operations (e.g. maintaining records, tax or legal advice).
  • Monitoring usage of the SONNOS website.
  • Advertising, marketing, and promotional purposes via email, post, or telephone.

Legal Grounds for Using Your Personal Data

  • Necessary to enter into/perform a contract.
  • Legitimate business interest (e.g. making assessments, conducting credit and fraud checks, tracing debt).
  • Legal or regulatory obligation.
  • Consent (e.g. marketing purposes, risk assessment).

Legal Grounds for Using Your Special Categories of Data

  • Your consent.
  • Prevention and detection of fraud in the substantial public interest.
  • Necessary to establish, exercise, or defend legal rights.

Who we share your Personal Data with

  • We may share Personal Data with the following third parties for the reason set out above:
  • Our regulators who request this information
  • The police and other third parties or law enforcement agencies where necessary for the prevention or detection of crime
  • Credit reference agencies
  • Debt collection agencies
  • Our third party services providers such as IT suppliers, finance and payment providers, auditors, lawyers, marketing agencies, document management providers and tax advisers
  • Selected third parties in connection with the sale, transfer or disposal of our business

If you would like further information regarding the disclosures of your personal information, you can contact us by emailing us at: info@sonnos.co.uk or by using the contact form on our website.

Sending Personal Data outside of the EEA

Where we (or third parties acting on our behalf) transfer Personal Data that we collect about you to countries outside of the United Kingdom (“UK”) or European Economic Area (“EEA”) we will ensure that the appropriate measures and controls are in place and inform you of such transfers.

Where other transfers to countries outside of the UK or EEA takes place, this will be subject to appropriate mechanisms to ensure they have an adequate level of protection.

If you would like further information regarding our data transfers and the steps, we take to safeguard your Personal Data, you can contact us by emailing us at: info@sonnos.co.uk or by using the contact form on our website.

Marketing Activities

Currently we do not carry out any B2C marketing activities.

Our current marketing strategy is non-targeted and we use various social platforms to provide a wider non-specific audience with information about the services we provide.

We have found that our best marketing tool is ‘word of mouth’.

Our marketing activities comply with all applicable legal requirements.

Automated Processing and Profiling

We do not conduct any automated processing or profiling.

Retention of Personal Data

SONNOS only stores your Personal Data for as long as reasonably necessary to fulfil the purposes set out in this Privacy Notice and to comply with our Legal and/or Regulatory obligations.

When Personal Data is no longer required, we will return or securely destroy it.

For further information regarding how long your personal information will be kept, you can contact us by emailing us at: info@sonnos.co.uk or by using the contact form on our website.

Your Data Privacy Rights

Data Protection laws give you the right to make certain requests in relation to the Personal Data that we may hold about you. If you wish to exercise these rights at any time, you can contact us by emailing us at: info@sonnos.co.uk or by using the contact form on our website.

Where we cannot comply with your request, we will tell you the reason. This may happen if there is a conflict with your request and our duty to comply with a Legal or Regulatory Requirement. In such an event, we will provide a detailed response.

You have the following rights:

  • The right to access your Personal Data – You are entitled to a copy of the Personal Data we hold about you and details of how we use it
  • The right to Rectification – You can ask us to amend/update Personal Data about you which you believe is incorrect
  • The right to Erasure – You can ask to delete you Personal Data in some circumstances, for example, where you withdraw your consent
  • The right to Restrict Processing – You can ask us to stop using your Personal Data
  • The right to Data Portability – You can ask us to transfer your Personal Data where appropriate, to another third party in a machine-readable format
  • The right to Object to Marketing
  • Rights relating to Automated Decision Making
  • The right to Withdraw Consent

Making a Complaint

We would encourage you to contact us directly if you have any concerns about how we use your Personal Data and we will always do our best to resolve your concerns. However, you do have the right to complain to the Information Commissioner’s Office if you believe that any use of your Personal Data by us is in breach of applicable Data Protection Laws and/or Regulations. More information can be found on the Information Commissioner’s Office website:  https://ico.org.uk/.

Protecting your Personal Data

To protect your Personal Data, we use a range of organisational and technical security measures.
We restrict access to your Personal Data to only those who need to know that information for the purposes set out above.
Our internal procedures cover the storage, access and disclosure of your Personal Data.

Updates to this Privacy Notice

This Privacy Notice will be updated periodically. When we do, we will post the current version on this site, and we will revise the version date located at the bottom of this page.

This Privacy Notice was last updated on: 1st September 2024

Get in Touch

If you’re ready to take the next step, please contact us to arrange your free consultation. Let us help you navigate the complexities of Data Protection and Marketing with ease and confidence.

Let's Talk