d3 Group

Our GDPR Policy

GDPR Policy

D3 group is committed to GDPR compliance, we are also committed to helping our customers with their GDPR compliance journey by providing them with the protections we have built into our services and contracts over the years.


What is GDPR

The General Data Protection Regulation (GDPR) is a European Union (EU) law which took effect on May 25, 2018. The goal of GDPR is to give EU including UK citizens control over their personal data and change the data privacy approach of organisations across the world.


Standards and Certifications

D3 group undertakes regular audits, maintain certifications and provide industry-standard contractual protections. We are registered with the Information Commissioner’s Office.


Identity and contact details of the Data Controller

D3 group is a Data Controller and is committed to protecting the rights of individuals in line with the Data Protection Act 1998 (DPA) and the new General Data Protection Regulation (GDPR).


Contact details of the Data Protection Officer

D3 group has a Data Protection Officer who can be contacted through adrian.graves@d3group.co.uk


What information do we collect about you?

Information from the customer is required by us to be able to deliver your contracted services. Where personal data as defined with the GDPR guidance is required by D3 group to deliver a contracted service, you will be asked for your consent. At any point, you can withdraw your consent and any data obtained by the company will be deleted securely.


How will your information be used?

The information that we collect is to help us provide services to you. In addition to this, we may use the information for one or more of the following purposes:

  • To provide contractual services to your organisation that you have purchased from us;
  • To provide information to you that you request from us relating to our services;
  • To provide information to you relating to other services of interest to you;
  • To inform you of any changes to our services.


Conducting benchmarking surveys?

D3 conducts numerous Industry Benchmarking studies. While participating in benchmarking surveys, participants may provide data which may be personal data, as defined within the GDPR guidance and where applicable, you will be asked for your consent.

To protect and preserve any Confidential or Personal Information, the D3 group agree as follows:

  • we will use Confidential Information for the sole purpose of producing the Benchmarking Survey Reports, for the sole distribution to named individuals of Disclosing Parties to that survey;
  • use the Disclosing Party’s Confidential Information disclosed only in relation to the individual survey;
  • in producing the benchmarking reports, present the Disclosing Party’s Confidential Information anonymously and in such a way that it can in no way identify the Disclosing Party or any individual;
  • maintain as confidential all the Disclosing Party’s Confidential or Personal Information which may come into its possession in any manner and all other information generated from it;
  • not disclose any of the Disclosing Party’s Confidential Information to any third party; and
  • only allow access to the Disclosing Party’s Confidential Information to those employees, consultants, and/or professional advisors who need to see and use it for the performance of the survey;
  • D3 group undertakes to use at least the same degree of care to protect the use and/or disclosure of the Disclosing Party’s Confidential Information as it uses to protect its own Confidential Information (subject to the fact that the Recipient must have used at least a reasonable level of care to prevent unauthorised use and/or disclosure);
  • It is understood information that is in the public domain is not covered by these undertakings.


Transferring data internationally

D3 conducts numerous Industry Benchmarking studies. While participating in benchmarking surveys, participants may provide data which may be personal data, as defined within the GDPR guidance and where applicable, you will be asked for your consent.


How long will your information be held?

We retain your data for no longer than is necessary. What is necessary will depend on the circumstances of each case, considering the reasons how that the data was obtained.


Website – privacy policy

Personal information about visitors to our website is collected only when knowingly and voluntarily submitted. For example, we may need to collect such information to provide you with further services or to answer or forward any requests or enquiries. It is our intention that this policy will protect your personal information from being dealt with in any way that is inconsistent with applicable privacy laws in the United Kingdom.

Personal information that visitors submit to our site is used only for the purpose for which it is submitted or for such other secondary purposes that are related to the primary purpose unless we disclose other uses in this Internet Privacy Policy or at the time of collection. Copies of correspondence sent from the website, that may contain personal information, are stored as archives for record-keeping and backup purposes only.

We DO NOT supply any data collected through the website to any third party and we DO NOT use any cookies on the website.


How to make a GDPR complaint

If you are unhappy with the way in which your personal data has been processed, you may in the first instance contact the D3 group Data Protection Officer using the contact details above.

If you remain dissatisfied, then you have the right to apply directly to the Information Commissioner for a decision. The Information Commissioner can be contacted at :–

Information Commissioner’s Office,
Wycliffe House,
Water Lane,


Click here to read our Terms

Quick links to our key services

Contact Us for more info

If you have any queries or questions regarding our services, we will be delighted to hear from you.