Simple statement about the data we hold about you as a client
Cookies: When you use this website, it may leave cookies on your computer. We cannot use them them to identify you personally. We use them to improve the experience of website visitors (like most websites in the world).
Your personal data: If you are one of our clients we hold some data on you (so we can keep in touch). Your personal information is kept private and stored securely until a time it is no longer required or has no use. At no time do we sell or pass your personal data to other companies/ people to use, unless required to do so by law.
Marketing: We will not use your personal data to market to you unless you give explicit permission and tell us what subjects you are interested in. Such data, is never passed or sold to third parties.
Our beliefs regarding your privacy and data protection
Your privacy and your data protection are human rights.
- We have a duty of care to all those people we store data on
- Data is a liability, it should only be collected and processed when necessary
- We will never sell, rent or otherwise distribute or make public your personal information
The data controller for this website, marketing, and operations is Sarah Isherwood, Director.
The following policy gives more details on the subjects above.
Our privacy and data policy.
This policy shows what data our business holds on you as a client and our website visitors, why and what we do with it. We hold this data as we have a legitimate interest in doing so. If you have any questions on this, or wish to review any data we hold on you, you should contact us.
To read individual sections of this policy, click on the + sign to open them.
1.0 External Website Links & Third Parties
Although we attempt to only include quality, safe and relevant external links, users are advised to adopt caution before clicking any external web links in this website.
External links are clickable text / banner / image links to other websites, for example this one) we cannot guarantee or verify the contents of any externally linked website despite our best efforts.
You click on external links at your own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.
2.0 Social Media Policy & Usage
We adopt a Social Media Policy to ensure the business and any representatives/ staff conduct themselves accordingly online. While we have official profiles on social media platforms you are advised to verify authenticity of such profiles before engaging with, or sharing information with such profiles.
We never ask for user passwords or personal details on social media platforms. You are advised to conduct yourself appropriately when engaging with us on social media.
This website may feature social sharing buttons, enabling you to share web content directly from this website to social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page.
We may ask if we can share a recommendation (if you are kind enough to give one) with other people via the website and social media. We will only share such recommendations if you give your permission. We will remove said recommendations at any time, if you want us to.
3.0 Our core beliefs regarding user privacy and data protection
- User privacy and data protection are human rights
- We will never sell, rent or otherwise distribute or make public your personal information
- We have a duty of care to the people whose data we hold
- Data is a liability, it should only be collected and processed when absolutely necessary
4.0 Relevant legislation
This website is designed to comply with the following legislation with regards to data protection and user privacy:
- UK Data Protection Act 1988 (DPA)
- EU Data Protection Directive 1995 (DPD)
- EU General Data Protection Regulation 2018 (GDPR)
Our business and internal computer systems also are designed to comply with the same legislation.
5.0 Personal information we collect and why we collect it
As a business we process personal data. This could be of website visitors, or on our clients. We do this for the following reasons:
All visitors give permission or to deny the use of/ saving of cookies on computer/ device. This is done when you first visit the website.
The cookies we use are (click down arrow to see details):
Helps load balancer to track which web server to send the visitor to. Its purpose is to improve the performance of the website. This is an essential cookie to the operation of the site that is always set by the load balancer and does not store any personal information. Personally identifiable information:
|Google Analytics||3rd Party||
We use Google Analytics to monitor traffic levels, search queries and visits to this website. Google Analytics stores IP address anonymously on its servers in the US. These cookies enable Google to determine whether you are a return visitor to the site, and to track the pages that you visit during your session.
Personally identifiable information:
Stops the cookie warning message coming up each time you visit the site. Personally identifiable information:
You can disable cookies on your internet browser, it will stop cookies from tracking any part of your visit to pages in this website.
5.2 Website visitor tracking.
Google Analytics records data such as your geographical location, device, internet browser and operating system; however, none of this information personally identifies you to us.
Google Analytics also records your computer’s IP address which could be used to personally identify you, but Google do not grant us access to this. We consider Google to be a third-party data processor (see section 6.0 below).
5.3 Contact forms and email links
Should you choose to contact us using the contact form on our ‘Contact us’ page or an email link, the data that you supply will NOT be stored by this website. It will be processed by the third party data processors defined in section 7.0 that relates to email conversations.
Your data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). My SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices. We only use your email address to respond to you, and don’t keep the email for more than 6 months, unless the email goes on to form the basis of a contract or a marketing request (these are separate reasons for holding your data).
5.4 Downloads & Media Files
Any downloadable documents, files or media on this website are provided to users at their own risk. All precautions have been undertaken to ensure only relevant downloads are available virus free. You are advised check all files with third-party anti-virus software or similar applications.
When you request a download you will be explicitly told if your data is being stored for marketing purposes (occasional, related emails). If the form does not make this explicit, we do not keep data on you as somebody who has downloaded material from the website.
5.5 Data we hold on clients
The information we store is:
- Your name, phone number, email and physical address.
- The work you wanted us to do
- Copies of your invoices.
None of this information is passed, or sold, to any third parties unless we are legally required to.
6.0 Your personal information
Your personal information falls into two categories:
- As a website visitor. This is treated the same for all our website visitors.
- As a client. Where we need to keep information on you, to do the work you ask us to.
6.1 How this website stores your personal information
This website does not store any personal data.
6.2 This website’s server
This website is hosted by GoDaddy in Phoenix Arizona.
6.3 How we store the personal information of clients.
So we can complete the work you ask us to we have a legitimate interest in keeping data on you. You may examine this data, by asking in writing.
We store your contact details on our phones, iPad and laptop. Copies of your invoices, with your data, are stored on the laptop which is kept in a locked cabinet in our office. Any handwritten notes of your details are in a diary which is kept on our person. Old copies of diaries are destroyed annually and invoice copies are kept for the period required by the HMRC.
If we contact you by email, your emails and email address will be stored for us by our email provider (see third party data processors). Old emails are deleted annually.
7.0 Third party data processors
We use the following third parties to process personal data on our behalf. These third parties all comply with the legislation set out in section 2.0. These third parties are based in the USA and are EU-U.S Privacy Shield compliant. They are:
8.0 Data breaches
We will report any unlawful data breach of this website’s database or the database(s) of any of our third-party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
9.0 Data controller
The data controller for this website, marketing and operations is Sarah Isherwood, Director.
10.0 Data protection officer
Sarah Isherwood, contact details as above.
11.0 Changes to this policy
This website privacy and data policy may change from time to time to keep up to date with legislation or industry developments. We will not always explicitly inform clients or website users of these changes.
We recommend you check this page occasionally for any policy changes. Specific policy changes and updates are mentioned in the change log below.