SBSA Privacy Policy

SBSA conducted a review of its data policies during May 2018 as part of its General Data Protection Regulation (GDPR) compliance preparations.  This included revising our Privacy Policy, which is published below.


Privacy Policy


The General Data Protection Regulation, numbered Regulation 2016/679, entered into force on 25 May 2016. It will apply from 25 May 2018.   Once the GDPR is in effect, the current Data Protection Directive 95/46/EC is repealed.

Scott B Sullivan Associates Ltd (SBSA), 10 Roman, East Tilbury, RM18 8SE (“we”/”us”) is a data controller and processor and is committed to protecting and respecting your privacy.  This policy sets out the basis on which any personal data (“data”) we collect from you, or that you provide to us, will be processed by us.  All data about you that we store is stored using iCloud and Dropbox secure servers.


Your data

Your data will be held by SBSA and we will not share information with third parties based outside the European Economic Area (“EEA”).

When you enquire or purchase services from SBSA, we will receive your name and email address from you.  We will only use these details to process and deliver the services requested, or deal with any queries you have relating to the services that SBSA operates.

We will never sell, distribute use or release your information to third parties for marketing purposes or any other purpose.  SBSA does not currently hold a mailing list, however should a mailing list be compiled in the future, SBSA will not add you to such a mailing list without your explicit consent.

We will only retain your details for as long as necessary in order to plan, deliver and maintain the services requested and we will securely store any data collected during that period.  We retain personal data related to orders for seven years for tax purposes and those relating to queries for two years.  After this time we will delete your data from our records.

You have the right to know what personal data we hold about you, and to ask for that data to be changed or deleted.  You also have the right to complain to the ICO if you believe there is a problem with the way we handle your data.


Uses made of your data

We will process and use your data for the following purposes (“Purposes”):

  • To provide you with information that you request from us;
  • To provide you with services that you order from us;
  • To carry out our obligations arising from any contracts entered into between you and us
  • To contact you with reference to telephone interviews, surveys, feedback forms, focus groups;
  • To support written fundraising applications where data is anonymised unless we or our client has secured your explicit consent to use data in such applications in a manner attributable to you


Data processed on the basis of contractual necessity

SBSA collects personal data for the completion of surveys, telephone interviews, feedback forms or focus groups when required through contractual necessity.  This is either collated in Excel spreadsheets or through Survey Monkey for project-related analysis.  Whilst individuals may be identifiable from the raw data due to multiple data points being collected, this information is not released by SBSA to anyone other than our client through contractual necessity.

Analysis of such personal data may be included within project reports or fundraising applications, which may become publicly accessible either as requested by the client or as a result of a Freedom of Information disclosure.  This data analysis will be presented in graphs and charts with accompanying descriptive text.  SBSA does not use direct identifiers such as names or pictures unless consent to do so has been explicitly given for this purpose.  SBSA will only use the first part of a postcode for spatial analysis to reduce the risk that an individual is identifiable.  For indirect identifiers such as age, salary and occupation, SBSA aggregates such information into categories to reduce the precision and therefore the risk that an individual will be identified.

At the end of the contract, we will keep project data for a period of five years.  Any personal data used for the completion of surveys, telephone interviews, feedback forms or focus groups will be kept in the cloud using iCloud and Dropbox for a period of two years before permanently deleting it.  This data may include names, address, telephone numbers and email addresses.


Interaction on Our Website and via Social Media

When you interact with us with comments, articles, posts and tweets on our website and via social media, certain additional and related data is passed to us based on your online identity, such as username, IP address, for instance.  This data is stored as part of this interaction and is determined by the relevant application.

We strongly advise you to think carefully about any sensitive personal information you include in the content of these interactions as they are likely to remain public to all others accessing our website, Facebook page and Twitter account.


Withdrawing content

You may withdraw your consent at any time, by contacting us at any of the following:


Post                             10 Roman, East Tilbury, RM18 8SE

Telephone                   +44 (0) 7732 596857


Links to other websites

Our website may contain links to enable you to visit other websites of interest easily.  However, once you have used these links to leave our site, you should note that we do not have any control over that other website.  Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement.  You should exercise caution and look at the privacy statement applicable to the website in question.


Changes to our Privacy Policy

Any changes we may make to our data protection statement in the future will be posted on this website.  Please check back frequently to see any updates or changes.



Questions, comments and requests regarding this privacy policy are welcomed and should be sent to


Policy Review

SBSA privacy statement is reviewed annually.  Reviews are also undertaken whenever SBSA introduces a new product or service.

Back To Top