top of page



Innovation Software Limited is strongly committed to protecting personal data.  This privacy statement describes why and how we collect and use personal data. It also provides information about individuals’ rights.  It applies to personal data given to Innovation Software by the individuals or by 3rd parties about:-

  1. Clients - Personal information about Individuals within client organisations.

  2. Prospective clients – personal information about individuals within prospective client organisations.

  3. Visitors to our Website.

We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated when it is collected.


This privacy policy is issued on behalf of the Innovation Software Limited. This is the company responsible for processing your personal data as the controller and is responsible for personal data collected via our website. 

We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the DPO using the details set out below.

Controller Contact details

Full name of legal entity: Innovation Software Limited

Name and title of DPO: Caroline Lyons, Director

Email address:

Postal address: Innovation Centre, F26, Maidstone Road, Chatham, Kent, ME5 9FD

Telephone number: +44 (0)1 634 812300.


When collecting and using personal data, our policy is to be transparent about the reasons why we collect it and how it is processed. This is described in the relevant sections below.


The Personal Data We Collect 

The collection of personal data about contacts and the storage of that personal data in our systems will include:- 


  • Name and Job Title

  • Employer name 

  • The nature of your Employer’s Business

  • Your work address

  • Contact title, and Job Title

  • Main Work Telephone number

  • Direct and Mobile telephone numbers

  • Email address

  • Recordings using Microsoft Teams in which you have participated to store records of Presentations and Project Meetings so we can communicate better with you. 


How We Collect Personal Data

We collect Marketing and Communications Data about individuals via our Website. We may also use professional social media sites, such as LinkedIn, to contact you via that platform or share your content.

We may also collect Data from publicly available sources such as Companies House.

We will collect Personal information about our Clients’ employees at the commencement of our relationship with the Client.

Our policy is to collect only the personal data necessary for the purposes described below. 


How we Use personal data of Employees or Individuals associated With our Clients

Our use of your personal data is subject to your instructions, and Lawful Purposes as defined by the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act, 2018, any replacement legislation in force in the United Kingdom from time-to-time (the data protection legislation) and our duty of confidentiality owed as regulated solicitors.

We use the information you provide primarily to provide Software and Services to our clients, but we may also use it for other purposes including:-

  • updating and enhancing client and third-party records;

  • analysis to help us manage our Company

  • call recording using Microsoft Teams either for Product Presentations or Project Management Meetings – your information will be kept confidential at all times 

  • contacting you for the purpose of investigating opportunities for further processing or consent.

We use personal data for the following purposes:-

  • Providing our Software and services - Our services cover the provision of, implementation, and training in the use of our Software Products.

  • Security, quality and risk management activities - We have security measures in place to protect our and our clients’ information (including personal data), which involve detecting, investigating and resolving security threats.  Personal data may be processed as part of the security monitoring that we undertake; for example, automated scans to identify harmful emails.  

  • Complying with any requirement of law, or regulation-As with any Business, we are subject to legal, obligations.  We need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal data.


We are continually looking for ways to help our clients and improve our business and services.  Where agreed with our clients, we may use information that we receive in the course of providing our software and services for other lawful purposes, including analysis to better understand a particular issue, industry or sector, provide insights back to our clients, to improve our business, service delivery and offerings and to develop new Innovation Software Limited technologies and offerings.  To the extent that the information that we receive in the course of providing professional services contains personal data, we will remove the personal data prior to using the information for these purposes.  

Data retention

We retain the personal data processed by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). 

In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for records and other documentary evidence created in the provision of services is 6 years from the end of our relationship with a Client.

Disclosure of your Personal Data

Our policy is not to share your Personal Data with 3rd Parties other than it may reside on our Marketing CRM, our Azure 365, and Accounting system, and Freshworks Support System for Users of our Software.

Your personal data will always be used on a Lawful Basis, but may need to be shared for the following reasons: -

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Our Personnel and Recruitment Applicants

We collect personal data concerning our own personnel as part of the administration, management and promotion of our business activities.


Recruitment applicants

When applying online for a role at Innovation Software Limited via the Innovation Software Limited website, applicants should refer to the information made available when applying for a job for details about why and how personal data is collected and processed.  

Suppliers (including subcontractors and individuals associated with our suppliers and subcontractors)

Collection of Supplier Personal data

We collect and process personal data about our suppliers (including sub-contractors and individuals associated with our suppliers and subcontractors) in order to manage the relationship, contract, to receive services from our suppliers.

Use of Supplier Personal Data

We use personal data for the following purposes:

  • Receiving services

  • We process personal data in relation to our suppliers and their staff as necessary to receive the services. For example, where a supplier is providing us with facilities management or other outsourced services, we will process personal data about those individuals that are providing services to us.

  • Providing professional services to clients

  • We do not use Sub-Contractors to provide services to our Clients.

  • Administering, managing and developing our businesses and services

  • Security, quality and risk management activities

We have security measures in place to protect our and our clients’ information (including personal data), which involve detecting, investigating and resolving security to threats.  Personal data may be processed as part of the security monitoring that we undertake; for example, automated scans to identify harmful emails.  We have policies and procedures in place to monitor the quality of our services and manage risks in relation to our suppliers.  We collect and hold personal data as part of our supplier contracting procedures.

Providing information about us and our range of services

Unless we are asked not to, we use business contact details to provide information that we think will be of interest about us and our services.  For example, industry updates and insights, other services that may be relevant and invitations to Webinars and other events.

Visitors to our offices

We have security measures in place at our offices.

We require visitors to our offices to sign in at reception and keep a record of visitors for a short period of time.  Our visitor records are securely stored and only accessible on a need-to-know basis (e.g. to look into an incident).

Visitors to our website

Collection of personal data

Visitors to our websites are generally in control of the personal data shared with us.  We do not capture any information via the use of cookies on our website.

We receive personal data, such as name, title, company address, email address, and telephone numbers, from website visitors; for example when an individual subscribes to updates from us.

Visitors are also able to send an email to us through the website. Their messages will contain the user’s screen name and email address, as well as any additional information the user may wish to include in the message.    

Use of personal data

When a visitor provides personal data to us, we will use it for the purposes for which it was provided to us as stated at point of collection (or as obvious from the context of the collection).  Typically, personal data is collected to:

  • register for certain areas of the site;

  • subscribe to updates;  

  • enquire for further information;

  • distribute requested reference materials;

  • submit curriculum vitae;

  • monitor and enforce compliance with our terms and conditions for use of our website;

  • administer and manage our website, including confirming and authenticating identity and preventing unauthorised access to restricted areas, premium content or other services limited to registered users; and

  • aggregate data for website analytics and improvements.

Unless we are asked not to, we may also use your data to contact you with information about Innovation Software Limited’s business, services and events, and other information which may be of interest to you. Should visitors subsequently choose to unsubscribe from mailing lists or any registrations, we will provide instructions on the appropriate webpage, in our communication to the individual, or the individual may contact us by email with the subject line "Unsubscribe Me" to:

Our websites do not collect or compile personal data for the dissemination or sale to outside parties for consumer marketing purposes or host mailings on behalf of third parties.  If there is an instance where such information may be shared with a party that is not an Innovation Software Limited member firm, the visitor will be asked for their consent beforehand.

Data retention

Personal data collected via our websites will be retained by us for as long as it is necessary (e.g. for as long as we have a relationship with the relevant individual).

Your Legal Rights

Under data protection laws you may have the following rights in relation to your personal data.

  1. Request access to your personal data

    Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

  2. Request correction of your personal data

    Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us

  3. Request erasure of your personal data

    Request erasure of your personal data. This enables you to ask us to delete personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. We may not always be able to comply with your request of erasure for specific legal reasons about which we will notify you, if applicable, at the time of your request.

  4. Right to withdraw consent

    Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent. If you wish to exercise any of the rights set out above, please contact:

Download this policy

Click here to download this Privacy Statement as a PDF.

bottom of page