This policy sets out the basis on which any personal data that you provide to us, will be processed by us. Please read the following to understand our views and practices regarding your personal data and how we will treat it.
Personal Data – any information relating to an identified or identifiable natural person.
Processing – any operation or set of operations which is performed on Personal Data or on sets of Personal Data.
Data subject – a natural person whose Personal Data is being Processed.
Child / Children – a natural person under 18 years of age.
Data Protection Principles
We promise to follow the following data protection principles:
- Processing is lawful, fair, transparent.
- Our processing activities have lawful grounds.
- We always consider your rights before processing Personal Data.
- We will provide you information regarding Processing upon request.
- Processing is limited to the purpose.
- Our processing activities fit the purpose for which Personal Data was gathered.
- Processing is done with minimal data. We only gather and process the minimal amount of Personal Data required for any purpose.
- Processing is limited with a time period. We will not store your personal data for longer than needed.
- We will do our best to ensure the accuracy of data.
- We will do our best to ensure the integrity and confidentiality of data.
Data Subject’s rights
The Data Subject has the following rights:
Right to information – meaning you have to right to know whether your Personal Data is being processed; what data is gathered, from where it is obtained and why and by whom it is processed.
- Right to access – meaning you have the right to access the data collected from/about you. This includes your right to request and obtain a copy of your Personal Data gathered. In certain circumstances we can request a fee of £10 to cover administration costs.
- Right to rectification – meaning you have the right to request rectification or erasure of your Personal Data that is inaccurate or incomplete.
- Right to erasure – meaning in certain circumstances you can request for your Personal Data to be erased from our records.
- Right to restrict processing – meaning where certain conditions apply, you have the right to restrict the Processing of your Personal Data.
- Right to object to processing – meaning in certain cases you have the right to object to Processing of your Personal Data, for example in the case of direct marketing.
- Right to object to automated processing – meaning you have the right to object to automated Processing, including profiling; and not to be subject to a decision based solely on automated Processing. This right you can exercise whenever there is an outcome of the profiling that produces legal effects concerning or significantly affecting you.
- Right to data portability – you have the right to obtain your Personal Data in a machine-readable format or if it is feasible, as a direct transfer from one Processor to another.
- Right to lodge a complaint – in the event that we refuse your request under the Rights of Access, we will provide you with a reason as to why. If you are not satisfied with the way your request has been handled please contact us.
- Right for the help of supervisory authority – meaning you have the right for the help of a supervisory authority and the right for other legal remedies such as claiming damages.
- Right to withdraw consent – you have the right withdraw any given consent for Processing of your Personal Data.
2 – How We Collect Your Information
Comments – WordPress
If you leave a comment on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you provide us with personal information whilst on a call with us, we may make a record of it.
When you submit a form on our website we will record all information submitted including any personal information provided (such as your name and email address).
This information is stored on our website’s database for a short period of time before being sent securely a mail delivery service called Mailgun. We consider Mailgun to be a third party data processor.
Should you choose to contact us using a mailto email link, none of the data that you supply will be stored by this website or passed to / be processed by any of the third party data processors. Instead, the data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices.
You are responsible for the security of your email software used to send emails to us.
A cookie is a tiny text file stored on your computer. Cookies store information that is used to help make sites work. Only we can access the cookies created by our website. You can control your cookies at the browser level. Choosing to disable cookies may hinder your use of certain functions.
- Necessary cookies – these cookies are required for you to be able to use some important features on our website, such as logging in. These cookies don’t collect any personal information.
- Functionality cookies – these cookies provide functionality that makes using our service more convenient and makes providing more personalised features possible. For example we anonymously measure how our site is used to help us improve the layout. We may also remember a choice or preference searched to help guide you to useful parts of the site.
You can remove cookies stored in your computer via your browser settings. Alternatively, you can control some 3rd party cookies by using a privacy enhancement platform such as optout.aboutads.info or youronlinechoices.com. For more information about cookies, visit allaboutcookies.org.
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us.
Some websites allow GA to track your IP address, however we anonymise your IP address from Google so no personal information is passed. We consider Google to be a third party data processor.
We use Square to bill for our services online. This company will have access to your personal and payment information. We never store or have any access to your credit or debit card details.
We share information with this company only to the extent necessary for the purposes of processing payments.
3 – Third Party Data Processors
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
4- How we store your information
Any data provided (including personal data) will be stored for our records and minimum legal requirements. For example we need to keep records of our clients for 5 years.
We store all email address preferences for Newsletters so that we know if you are subscribed or unsubscribed.
We annually remove personal information from our system that we have no legal requirement to keep.
We reserve the right to store your data in secure locations for processing such as a bespoke administration system or protected Google Sheets / Drives.
We take many precautions to prevent the loss, misuse or alteration of your personal information. These precautions include:
- Use of SSL encryption for sensitive data
- Hardware stored in secured UK data centres behind firewalls
- All access to information restricted by password and/or secure key
We monitor our systems for possible vulnerabilities and attacks. Even though we try our best, we cannot guarantee the security of information.
In operating our website it may become necessary to transfer data that we collect from you to locations outside of the European Union for processing and storing. By providing your personal data to us, you agree to this transfer, storing or processing. We do our upmost to ensure that all reasonable steps are taken to make sure that your data is treated stored securely.
Unfortunately, the sending of information via the internet is not totally secure and on occasion such information can be intercepted. We cannot guarantee the security of data that you choose to send us electronically. Sending such information is entirely at your own risk.
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
Our website is intended for over 18’s only. Any information regarding a child or children must only be submitted on request when provided by a parent, guardian or the child where a parent or guardian is present. Any information requested is always kept strictly to a minimum for us to provide our service.
5 – Contact
PO Box 159,
Last change: 20th December 2018