LAC Group privacy policy

Home LAC Group privacy policy

This Privacy Policy sets out the data processing practices of LAC Group and, which, going forward, will be referred to as LAC Group.  Please note that all data captured will be used and held in accordance with the requirements of the European General Data Protection Regulation (GDPR), which came into force on 25th May 2018.

If you have any requests concerning your personal data or any queries about how we handle your data you can contact us by email at [email protected] with the words “privacy policy” in the subject line.

This Privacy Policy covers two types of information gathered at the site, personal and aggregated. The term “personal information” refers to data you voluntarily provide in connection with use of the site that identifies you and/or the company on whose behalf you are accessing and using the site. Personal information includes, e.g., data submitted in connection with our services, such as your name, e-mail address, phone number, company affiliation, physical address and/or certain other personal information.

The term “aggregated data” refers to general information regarding visitors and users of the site that relates to use of the site, e.g., traffic patterns, number of visits to certain pages, visits from other web sites or to third-party web sites linked to the site, use of particular services and interest in services, information or features of the site or other parties made available through or found at the site.

The legal bases on which we rely are:

Consent—Gaining consent is part of our client and applicant contact process. Whenever we create a new contact in our client database, we ask for and then record consent and the date. We also record each time somebody signs up for our newsletters via our website and remind customers of their right to withdraw consent at any time.

Contract—Processing is necessary for us to administer the pre-contract and contractual relationship between ourselves and our suppliers/clients/potential employees in connection with the performance of a contract.

Legitimate interests—When we contact business people in relation to our services, they will operate within the markets we service and we will contact them via corporate email addresses. This will be with the interest of discussing work opportunities in an effort to help improve their processes or services and make their businesses more successful. Every email we send has a message regarding opt out/unsubscribe options. We also have a legitimate interest in processing personal data during a recruitment process and for keeping records of the process. Processing data from job applicants allows us to manage the recruitment process, assess and confirm a candidate’s suitability for employment and decide whom to offer a job. We may also need to process data from job applicants to respond to and defend against legal claims.

What information we collect and how we use it

We take the utmost care to ensure that the personal information we obtain from you is not used in a way that you may be unaware of or not agreeable to. We collect information when you register on our site, place an order, subscribe to a newsletter or email list, respond to a survey, register for a sweepstakes or fill out a form on our site. In response, we may ask for information such as your name, email, mailing address, phone number, credit card information or other details to help you with your experience.  We collect this data based on you providing your explicit consent. In the event you opt to provide us with this information, we will only use it for the purpose specified by you at the bottom of the information gathering form.

Information collected on the site may be used to:

  • Register you as a job applicant
  • Process your transactions
  • Enter your email in our promotions or sweepstakes
  • Send marketing communications or surveys to you
  • Respond to your questions or suggestions
  • Improve the quality of your visit to the site

We do not sell, rent or share any of your personal information with any other party including any third-party joint promoters, nor use it for unapproved commercial purposes. You may request to be removed from our lists at any time. All emails distributed to our lists will contain easy, online access to unsubscribe.

Secure registrations

If you decide to submit an application or register at the site, you will be linked to a registration interface and our resumé software. This site has measures in place to protect the loss, misuse and alteration of the information under our control.

Protecting your information

LAC Group would like site visitors to feel confident about using the site to search for positions, comment on stories, post to the forum, craft original blogs and register/submit resumés, so LAC Group is committed to protecting the information we collect. LAC Group has implemented a security program to keep information that is stored in our systems protected from unauthorized access.

We use regular Malware Scanning.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.

All transactions are processed through a gateway provider and are not stored or processed on our servers.

Use of aggregated data

LAC Group is interested in improving the site and may develop and offer new features and services. We monitor aggregated data regarding use of the site for marketing purposes and to study, improve and promote use of the site. In connection with such purposes, we may share aggregated data with third parties collectively and in an anonymous way. Disclosure of aggregated data does not reveal personal information about individual site users in any way that identifies who they are or how to contact them.

Use of cookies

To enable features at the site,LAC Group may assign one or more “cookies” to your browser. Cookies, among other things, speed navigation through our site, keep track of information so that you do not have to re-enter it each time you visit our site, and may provide you with customized content. A cookie is an internet mechanism composed of a small text file containing a unique identification number that permits a web server to send small pieces of information or text by means of your browser and place them on your computer’s hard drive for storage. This text lets the web server know if you have previously visited the web page. Cookies by themselves cannot be used to find out the identity of any user.

We use cookies to:

  • Help remember and process the items in the shopping cart.
  • Understand and save user’s preferences for future visits.
  • Keep track of advertisements.
  • Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.

While in the process of browsing our site, you also provide us with information that doesn’t reveal your personal identity. We use this aggregated data only as explained in this Privacy Policy. We do not connect aggregated data to any name, address, or other identifying information.

You may occasionally receive cookies from unaffiliated companies or organizations, to the extent they place advertising on our site or are linked to the site. These third-party cookies may collect information about you when you “click” on their advertising or content or link. This practice is standard in the Internet industry. Because of the way in which the Internet operates, we cannot control collection of this information by these third parties, and these cookies are not subject to this Privacy Policy.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Internet Explorer) settings. Each browser is a little different, so look at your browser’s Help menu to learn the correct way to modify your cookies.


Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users.

We, along with third-party vendors such as Google, use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.

California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivably the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy.

– See more at:

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

We do not specifically market to children under 13.

Fair information practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

We will notify the users via email

  • Within 7 business days

We also agree to the Individual Redress Principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.


The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:

  • Send information, respond to inquiries, and/or other requests or questions.
  • Process orders and to send information and updates pertaining to orders.
  • We may also send you additional information related to your product and/or service.
  • Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.

To be in accordance with CAN-SPAM we agree to the following:

  • NOT use false or misleading subjects or email addresses.
  • Identify the message as an advertisement in some reasonable way.
  • Include the physical address of our business or site headquarters.
  • Monitor third-party email marketing services for compliance, if one is used.
  • Honor opt-out/unsubscribe requests quickly.
  • Allow users to unsubscribe by using the link at the bottom of each email.

If at any time you would like to unsubscribe from receiving future emails, you can email us at: [email protected].

  • Follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.

Marketing and job applicants

We will never pass your personal data on to any third parties for marketing purposes, unless you instruct us to do so.

We occasionally clarify existing contact details either via telephone or company websites, but we always provide the opportunity to opt out at any time. We also do not pass on information to third parties.

We would like to use your personal data to send you details of products or services that we offer that we have identified as likely to be of interest to you.  We will only send you information in line with the preferences you indicated when you provided your personal data. We may use email, phone and/or social media to send this information.

If you engage with us in relation to a job application, or submit your CV/resumé to us, you will be asked to review and agree to our LAC Group Job Applicant Privacy Policy and will be asked to allow us to hold your CV/resumé on file.

If at any point you would like to opt-out of receiving communications from us, or would like to change the channels (such as email or post) that we use to contact you, please contact us at [email protected].

Recipients/categories of recipients

In carrying out our business, including our obligations to you, we may use sub-contractors. These will be partner marketing providers, email broadcasters e.g. Campaign Monitor/database providers e.g. Salesforce. We will ensure that they respect your privacy and abide by all data protection laws.

Transfers to third countries

Your data may be transferred outside the European Economic Area (EEA), as our operations are based in the USA. In these circumstances, your personal information will only be transferred on one of the following bases:

  • the country that we send the data is approved by the European Commission as providing an adequate level of protection for personal information; or
  • the recipient has agreed with us standard contractual clauses approved by the European Commission, obliging the recipient to safeguard the personal; or
  • there exists another situation where the transfer is permitted under applicable data protection legislation (for example, where a third-party recipient of personal data in the United States has registered for the EU-US Privacy Shield).

Retention periods

We will keep your personal data in connection with the services/products we have provided for a maximum of seven years after initial receipt of your data. We need to retain this data for our own accounting purposes and for legal and tax purposes.

In terms of personal data we use for marketing and job opportunities, we will keep this data for as long as you give us your consent. If you withdraw your consent or opt-out of communications, we will archive your contact details only to ensure that we do not contact you again.

Data subject’s rights

You have rights in respect of your personal data. We will need to confirm your identity before we can consider your request so, if you wish to exercise any of these rights, we will need to see proof of identity to ensure you are the data subject. These can be in the form of a passport, driver’s license or utility bill.

Specifics rights for all residents of the EU as detailed under GDPR are as follows:

The right to be informed—you have the right to be told about the collection and use of the personal data you provide. This privacy policy sets out the purpose for which we process your personal data, how long we will keep your data, who we will share your data with. If you have any questions on how and why we process your data please contact us at [email protected]. If you want to know more about this right, the Information Commissioner’s Office (ICO) has more guidance on their website:

Right of access—you have the right to know whether we are processing your personal data, and to a copy of that data. We would need as much information as possible to enable us to locate your data. We will respond to your request within 28 days of receipt of your request. If you want to exercise this right, please contact us at [email protected]. If you want to know more about this right, the ICO has more guidance on their website:

Right to rectification—you have the right to have any incorrect personal data corrected or completed if it is incomplete. You can make this request verbally or in writing. We will need as much information as possible to enable us to locate your data. We will look at any request and inform you of our decision within 28 days of receiving the request.  If you want to exercise this right, please contact us at [email protected]. If you want to know more about this right, the ICO has more guidance on their website:

Right to erasure—this right, often referred to as ‘the right to be forgotten’ allows you to ask us to erase personal data where there is no valid reason for us to keep it. We will look at any request and inform you of our decision within 28 days of receiving the request.  If you want to exercise this right, please contact us at [email protected]. If you want to know more about this right, the ICO has more guidance on their website:

Right to restrict processing—you have the right to ask us to restrict processing of your data. We will look at any request and inform you of our decision within 28 days of receiving the request.  If you want to exercise this right, please contact us at [email protected]. If you want to know more about this right, the ICO has more guidance on their website:

Right to data portability—you have the right to move, copy or transfer your personal data from one IT environment to another. This right applies to data that you have provided to us and that we are processing on the legal basis of consent or in the performance of a contract and that processing is by automated means. We will respond to your request within 28 days of receipt of your request. If you want to exercise this right, please contact us at [email protected]. If you want to know more about this right, the ICO has more guidance on their website:

Right to object—you have the right to object to our processing of your personal data based on (i) legitimate interests, or for the performance of a task in the public interests/exercise of official authority (including profiling); (ii) direct marketing (including profiling); and (iii) for purposes of scientific/historical research and statistics.

  1. Legitimate interests/legal task – your objection should be based on your particular situation. We can continue to process the data if we can demonstrate compelling legitimate grounds which override your interests.
  2. Direct marketing – you have an absolute right to ask us to stop processing for the purposes of direct marketing. We will action your request as soon as possible.
  • Scientific/historical research and statistics – your objection should be based on your particular situation. If we are conducting research where the processing is necessary for the performance of a public task, we can refuse to comply with your objection.

If you want to exercise this right, please contact us at [email protected]. If you want to know more about this right, the ICO has more guidance on their website:

Rights relating to automated decision making including profiling—you have the right in respect of automated decision making, including profiling. Where we carry out solely automated decision making, including profiling, which has legal or similarly significant effects on you, we can only do this if it is in connection with a contract with you, we have a right under law or if you have provided your explicit consent. We will tell you if this happens and tell you how you can request human intervention or challenge the decision. If you want to exercise this right, please contact us at [email protected]. If you want to know more about this right, the ICO has more guidance on their website:

Processing based on consent

Where we process your personal data based on your consent you have the right to withdraw that consent at any time without reason. You can opt-out by using the unsubscribe/opt-out in any marketing we send you.

EU residents only—The right to lodge a complaint to the supervisory authority

If you are unhappy with any aspect of our handling of your data you can make a complaint to the ICO –

Contractual requirement to provide personal data

The personal data that you provide to us is necessary for us to carry out the contract you have entered into with us to fulfil our contractual obligations. The personal information we receive when we send out a contract includes names, email addresses and company billing details. Without this information, we cannot engage in a contract.

Third-party websites

Our website may contain links to other websites that are outside our control and are not covered by this Privacy Policy.  If you access other sites using the links provided, the operators of these sites may collect information from you that will be used by them in accordance with their privacy policy, which may differ from ours.

Policy modifications & contacting us

LAC Group reserves the right to change this Privacy Policy at any time; notice of changes will be published on this page. Changes will always be prospective, not retroactive. If you have questions about our policies, please contact us at privacy@lac-group with privacy policy in the subject line.