Fingerprint Icon

What Data We Collect

We collect only the data necessary to support our ability to operate as a business. Such data may include the following:

  • Contact details – such as a person’s name, email address, telephone number, employer and job title, or physical address;
  • Financial information – such as a invoicing or payment details;
  • Company registration information – such as VAT registration number and office locations;

How We Collect Data

We collect data only as a result of direct interaction with potential data subjects, for example through email or hard-copy written communication when discussing or entering into a professional relationship.

How We Use Data

The data that we collect is used solely to enable us to provide services to our customers and to support our employees. We never sell sensitive or personal data. We only make such information available to third parties where required by UK law or to deliver services as agreed with the respective data subjects.

How We Store Data

All sensitive or personal data held or processed by us is stored securely on encrypted datastores located in the United Kingdom, and accessible only employees with a specific business need to do so.

How Long We Retain Data

We retain data only for as long as it is necessary to do so. When there is no longer any legitimate reason to retain information, it is destroyed. Once destroyed, we are unable to restore it.

We process information in accordance with the following conditions, under GDPR:

  1. Consent – This will only be used in very specific instances, and data subjects will be given clear details of the nature of this consent. They are also informed of their right to withdraw consent at any time.
  2. Contract – Upon entering discussion with CODA in regards to a professional relationship, contract will be considered to apply in most cases. This includes discussions of prospective services, ongoing service supply, and consideration for positions of employment.
  3. Legal Obligation – We are sometimes legally required to process, collect, or disclose information related to data subjects to a third party, such as a UK Court of Law or regulatory body. Where legally permissible and practical, we will make the data subject aware of this disclosure.
  4. Legitimate Interest – We may need to process information in the interest of our business activity, our clients, or our employees, which doesn’t meet the requirements above. This instances will be limited in nature and scope, and will be recorded when they occur in order to demonstrate the specific purpose and the necessity of the activity.

Cookies and Tracking

We do not use cookies, tracking or otherwise, on the public areas of the website.