Data Protection Notice Addendum for Clients

About Avondale

Avondale Corporate Ltd (“Avondale”), a company registered under Company Number 3047764 and whose registered office is at Chapter House,33 London Road, Reigate, Surrey RH2 9HZ.


Avondale are classed as Data Processors to both our business to business and business to consumer clients – because we work with personably identifiable data in the implementation of your marketing campaigns.


Security: Where and how is data held?

Avondale makes use of a number of third party organisations and software applications to store and sychronise data. This is for the purposes of maintaining and recording our direct communication with new business prospects, sending out marketing communications and delivery of corporate advisory services to our clients.  Whilst the following list is not intended to be exhaustive, Avondale typically only transfers the personal data relating to our clients where required, for the activities set out below, to the following third parties or Data Processors:

System/Software Function Data Server
Salesforce CRM and Marketing Activities Salesforce use Amazon Web Services (AWS) to host Salesforce online and mobile services. Amazon is responsible for the encryption process on their server and they hold a Comodo SSL certificate.

Pardot CRM and Marketing Activities Salesforce use Amazon Web Services (AWS) to host Salesforce online and mobile services. Amazon is responsible for the encryption process on their server and they hold a Comodo SSL certificate.

Mailing Manager Email Marketing Platform Mailing Manager have certified compliance with the EU-US/Swiss-US Privacy Shield Frameworks.

Citrix Sharefile Secure File Sharing  platform ShareFile participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework.
Memset Hosting Website Hosting Data centers are wholly maintained and managed in the UK and subject to all UK legal jurisdiction.  Memset guarantee not to store, transmit or access Customer Hosted Data outside of the UK data

Google Analytics Website and Campaign Metrics Google own and operate data centres around the world in order to keep their products running efficiently.  They adhere to the EU-US and Swiss-US Privacy Shield Frameworks for data compliance.
Google Adwords PPC Campaigns
Xero Accounting and Payroll Xero stores customer data with hosting provider Amazon Web Services to host their online and mobile services – but are not certified with Privacy Shield. Instead, they rely on a combination of measures to ensure compliance with EU data export rules, including Model Clauses.

Avondale will update this list from time to time as our systems and operations evolve and inform you accordingly.


To maintain data accuracy and ensure the correct usage of information, we monitor and adjust our physical, electronic and managerial procedures to safeguard and secure your personal data while in our care, or in the care of any outside suppliers with whom we may contract to process your data on our behalf. Such Data Processors and Sub Processors will be contractually bound to process only in accordance with our instructions and to maintain technical and organisational controls in compliance with GDPR. Data is stored on servers within the EU, or on Amazon Web Servers certified under the EU-US Privacy Shield.


How do we notify you if there is a security breach?

In the event of a security breach that may affect you, we’ll notify you of the breach, provide a description of what happened and later report the action we took in response.


How is personal data collected and recorded by Clockwise?

When you give your personal data to Avondale as a business prospect, we will process that data in accordance with our responsibilities under the Data Protection Act 1998, the Privacy and Electronic Communications (EC Directive) Regulations 2003, GDPR Regulations (May 2018) and other relevant legislation. When we are working on marketing campaigns or one-off projects for clients – we only use the data that you supply, for the purposes of the campaign or project – and the data remains the property of the client.  We do not share, sell or pass any data on to third parties for any other purpose than that of the campaign.


Your Consent

By interacting with Avondale as defined in this policy, the Subject provides their consent for the transfer and use of their data by our Data Processors and their Data Sub-Processors which Avondale believe will enhance service delivery and customer relationship management activities.  No data transfer will be undertaken that is outside the strict scope of the purposes stated in this policy, or that will materially degrade the security of the Subject’s data or the Data Subject’s rights and in any event the security provisions will be compliant with the applicable Data Protection Laws.


Under Data Protection Laws, Data Subjects can make certain choices in relation to how their personal data is processed.  These include whether your personal data is disclosed to third parties, and preferences regarding the frequency, subject matter, and/or format of communications. Data Subjects or any other concerned parties wishing to discuss matters relating to data protection, such as Subject Access Request; concern over the accuracy of collected data; or enquiries regarding a possible data breach or security incident, please email or write to:


Data Protection Officer
Avondale Corporate
33 Chapter House
33 London Road


The email address is monitored within working hours and you should receive a reply within 2 working days.


If we do not hear otherwise from you, we will assume that the information you provide to us is accurate and up-to-date and we will continue to use the information to send you any communications we think are of use to you.