USING PRIVACY & DATA PROTECTION
The new EU General Data Protection Regulation (GDPR) will come into force in May 2018.
As a website designer and digital marketing consultant I work for many different companies and clients. I have contact details for all my clients and also process data on my clients behalf. In situations where I process the personal data of your clients on your behalf, I have a responsibility to comply with the obligations placed on Data Processors by the regulation. This is my personal commitment to data privacy.
This is a responsibility I take very seriously. I believe:
- User privacy and data protection are human rights
- I have a duty of care to the clients’ whose data i hold
- Data is a liability, it should only be collected and processed when absolutely necessary
- I hate getting spam as much as you do!
- I will never sell, rent or otherwise distribute or make public your personal information
This website and my business systems are maintained to comply with the following data protection and user privacy regulations:
- UK Data Protection Act 1988 (DPA)
and the new GDPR regulations
- EU General Data Protection Regulation 2018 (GDPR)
By sticking to these guidelines it is likely that my website and business systems will be compliant with the data protection and user privacy legislation set by many other countries and territories as well. If you have any queries please contact me directly by clicking here for the contact page on my website
COLLECTED BY THIS SITE
AND WHY IT IS COLLECTED
I may collect the following information:
- Name and job title
- Contact information including email address
- Demographic information such as postcode, preferences and interests
- Other information relevant to customer surveys and/or offers
I require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
- Internal record keeping.
- I may use the information to improve my products and services.
- I may periodically send promotional emails about new products, special offers or other information which I think you may find interesting using the email address which you have provided.
This site uses Google Analytics (GA) to track user interaction. I use this data to determine the number of people visiting my site and to better understand how they find and use my web pages.
GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to ume. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. I consider Google to be a third party data processor (see below).
Should you choose to contact me using an email link like this one, none of the data that you supply will be stored by this website or passed to / be processed by any of the third party data processors. Instead the data will be collated into an email and sent to me and stored in my Google Mail Cloud. You can read more about Google Security here
STORAGE & PROCESSING
No personal data is stored by this website.
As a website designer and developer i do store company website server details, including user names and passwords and occasionally credit card details that have been supplied to me by a customer in order to purchase website and marketing related services. These are held locally on my personal computer and are password protected.
If at any time a client requires removal of these details from my computer system, I will delete them immediately and will supply whatever proof required by the client, of their deletion.
My clients are the Data Controllers for all 3rd party data that is supplied to me. I define a client as a person or company that have engaged me to produce paid work (a project) for them, such as, but my no means limited to, a website, email newsletter or logo design. When i have invoiced and received payment for a project I consider that project complete. I cannot be held responsible for changes to the data protection laws or internet technologies that effect these projects after their completion. I will however endeavor to make clients aware of any changes and they can opt to engage me in future paid work to ensure compliance with new technologies and laws.
As Data Controllers my clients have a responsibility to ensure that the personal data they collect is done so with the full knowledge of the data subject and, where appropriate, demonstrate the subject’s consent to receive marketing communications.
As a processor, I will ensure that all data is processed responsibly, securely and only for the purposes for which it was collected.
I use and recommend Mail Chimp to send marketing emails for clients. All my lists are password protected in Mail Chimp and where possible i will use their permission based sign-up form to collect personal data from your website.
Mail Chimp have the following resource about the GDPR https://kb.mailchimp.com/
All emails that I build will have a simple unsubscribe link.
All websites I manage and build following the introduction of the new regulations will have an opt in contact form.
I cannot be held responsible for websites or email newsletters that do not conform to the guidelines that were built prior to the introduction of these new laws.
AND HOSTING RECOMMENDATIONS
This website is hosted on a GoDaddy Linux Shared Server. For more information please visit https://uk.godaddy.com/
I also offer website hosting to my clients. This service is supplied on an annual contract using a Godaddy Windows Shared Server or GoDaddy Linux Shared Server. For more information please visit https://uk.godaddy.com/
Server security can be supplied as an extra service. Please read more about the options you can add to your web hosting here https://uk.godaddy.com/web-security
This is a third party service and i cannot be held responsible for their service provision. I recommend Godaddy in good faith as a company that have provided reliable hosting services to my business and clients.
I do also recommend alternative hosting companies and have no financial interest in Godaddy.
This website may contain links to other websites of interest. However, once you have used these links to leave my site, you should note that I do not have any control over that other website. Therefore, I cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
I am committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, I have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information i hold.
I will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.