Who we are
Sonder is a collaborative project involving the following organisations:
Registered Company Name of Lead Partner: Private Public Ltd. Company Number 6405704. ICO notification number Z1199536. Registered Office: 23 Jacob Street, London SE1 2BG.
Registered Name: ASE Consulting Ltd. Company Number: 04246530. Registered address: 8 Fenchurch Place, London, England, EC3M 4AJ.
Registered Name: Cobic Solutions Ltd. Company Number: 7915598. Registered address: 5-9 Eden Street, Kingston upon Thames KT1 1BQ.
Registered Name: The Collaborate Foundation. Company Number: 02513936. Registered address: Clarence Centre For Enterprise And Innovation, St. Georges Circus, London, England, SE1 6FE.
Registered Name: Cordis Bright Ltd. Company Number: 3620136. Registered address: 23-24 Smithfield Street, London EC1A 9LF.
Registered Name: The Innovation Unit Ltd. Company Number: 05997039. Registered address: Unit 520 Highgate Studios Highgate Road, London, England, NW5 1TL.
Registered Name: Laing Buisson Ltd. Company Number: 02088064. Registered address Harben House, Harben Parade, Finchley Road, London, NW3 6LH.
Registered Name: N A Wilson Associates LLP. Registered Number: OC 319939. Registered address: 7 The Close, Norwich
Registered Name: National Voices. Registered charity number: 1057711. Registered office: 1st Floor, Bride House, 18-20 Bride Lane, London, EC4Y 8EE
Registered Name: Social Care Institute for Excellence. Registered charity number: 1092778 and registered company number: 4289790. Registered address: Watson House, 54 Baker Street, London, W1U 7EX.
Registered Name: SSAT (The Schools Network) Ltd. Company Number: 08073410. Registered address: 5th Floor, 142 Central Street, London, Greater London, EC1V 8AR
Registered Name: Office for Public Management Ltd trading as Traverse. Registered number: 02343617. Registered address: 252B Gray’s Inn Road, London WC1X 8XG.
‘Sonder’, ‘we’, ‘us’ and ‘our’ refers to all of the above partners, of whom PPL takes the lead role.
Our Privacy Notice
Sonder are committed to protecting and respecting your privacy. Under data protections laws, PPL is a data controller in relation to personal information. This means PPL are responsible for deciding what information to collect and how it is used. PPL’s contact details are set out in the CONTACTING US section of this privacy notice.
This notice explains what personal information we collect, how and why we use it, who we disclose it to, and how we protect it.
Our website is intended for use by, our current clients, prospective clients and professional and business contacts.
What are the Data Protections Laws?
The Data Protection Act 1998 and EU General Data Protection Regulation (GDPR) 2018 contain most of the rules about how personal information should be collected and processed. Other rules exist which govern things like email direct marketing.
This privacy notice takes into account of all of the rules, including GDPR.
What personal information do we collect?
People who contact us directly, for example with an enquiry. We will store the information you submit via our website or other forms of contact, which may include your name, contact details, and details about the service you’re interested in or enquiring about.
Existing business contacts. We may collect and hold your contact details and relevant professional information as required to enable our work with you e.g. to support contractual or payment requirements, or to support communication with key stakeholders and the delivery of specific engagement activities.
We will always try to keep the amount of personal information we collect to the minimum needed.
How will we use the information about you and why?
We take your privacy seriously and will only use your personal information to provide the Services you have requested from us, detailed in our Master Service Agreement, Statement of Works and supporting Schedules and as we have identified above. We will use this information subject to your instructions and in accordance with data protection legislation requirements and our duties related to confidentiality.
For business with our Clients our lawful reason for processing personal information will be “legitimate interests”. Under “legitimate interests” we can process your personal information if we have a genuine and legitimate reason and we are not harming any of your rights and interests.
Our work for you may require us to pass your information to our third-party service providers / sub-contractors for the purposes of completing tasks and providing the Services to you on our behalf. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the Services and we have contracts in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.
We will never share your information for marketing purposes with other companies or organisations so that they may offer you their services.
What is the lawful basis for processing?
In general, we do not require your consent to process your personal information because the processing is necessary:
- in order to provide you with the information or services that you’ve requested, or
- in order to respond to your enquiry, submitted via the website or by email, or
- for legitimate interests, which are to develop and diversify our business and to provide us with insight into the types of people who use our services (this basis applies to business-to-business direct marketing in particular), or
- because we need it to comply with the law.
However, you do have the right to object to how we process your personal information, or ask us to restrict processing.
We do not generally collect “sensitive personal data” or “special categories of data” where the rules about how we process it are stricter.
If you object to or ask us to restrict the processing of your personal information, this won’t affect the lawfulness of the processing we’ve already carried out.
Please see the below for YOUR RIGHTS section for more details.
How we protect your personal information
We will ensure an appropriate level of security to protect your personal information, including protection against unauthorised disclosure or unlawful processing and against accidental or intentional loss, destruction or damage.
We employ up to date technologies and systems to protect your personal information from unauthorised disclosure or damage or misuse. We ensure that our staff receive regulation training about information security and data protection.
PPL meet the ISO/IEC 27001:2017 standard for information security management systems.
We regularly review all our systems, policies and technologies to ensure that these continue to work effectively to protect your personal information.
How long we keep your personal information
We will keep your personal information for as long as is required for the purpose explained in this notice. When we no longer need it, we will archive your personal information, then after twelve (12) months, this will be deleted permanently. We may in certain circumstances need to hold your personal information for longer, for example in relation to a legal dispute or because of regulatory requirements.
Your rights in relation to your personal data
You have a number of rights under data protections laws. These are:
- to request access to your personal information.
- to request that your personal information is corrected if it is out of date, inaccurate or incomplete.
- to request that your personal information be deleted or removed from our records and systems.
- to make a complaint to the Information Commissioners Office.
You also have the right to:
- withdraw your consent to the processing of your personal information (where we need your consent to process your personal information).
- object to or restrict the processing of your personal information (where we don’t need your consent to process your personal information).
- obtain an electronic file of your personal information or have it transferred to another data controller in limited circumstances.
How do i exercise my rights
If you would like to make a request to access or correct your personal information, or to exercise any of your other rights, you can contact us at any time using the details set out in the CONTACTING US section below.
We will respond to any request received from you within 30 days from the day we receive your request.
Please note that some of your rights are restricted, and apply only in certain circumstances. For example, we may refuse to delete your personal information whilst we need it for a valid purpose, including to defend any potential legal claims. We will set out in our response our reasons if we are unable to meet your request.
To find out how to make a complaint to the Information Commissioner’s Office, please visit their website.
If you have any queries about how we use your personal information you can contact the Data Protection Officer through any of the following means:
By Post: PPL, 23 Jacob Street. London. SE1 2BG.
By Email: firstname.lastname@example.org
By Phone: 020 7692 4851
Changes to this privacy notice
This privacy notice is current as at 28 November 2018. We make changes from time to time and you should regularly check for updates.