What Does This Policy Cover?
What is Personal Data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
What Are My Rights?
Under the GDPR, you have the following rights:
The right to be informed about the collection and use of your personal data. This Privacy Notice should tell you everything you need to know, but you can find out more or ask any questions using the contact email address listed below.
The right to access the personal data we hold about you.
The right to have your personal data rectified if any of your personal data held is inaccurate or incomplete.
The right to be forgotten, i.e. the right to ask for your personal data to be deleted or disposed of.
The right to restrict (i.e. prevent) the processing of your personal data.
The right to object to your personal data being used for a particular purpose or purposes.
The right to data portability. This means that, if you have provided personal data directly, it is being used with your consent and that data is processed using automated means. You can ask us for a copy of that personal data to re-use with another service or business in many cases.
For more information about use of your personal data or exercising your rights as outlined above, please use the email contact details provided below.
Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.
If you have any cause for complaint about use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
What Personal Data is Collected?
Some or all of the following personal data (this may vary):
- Operating systems and platforms
- Browser plug-in types and versions
- Time-zone settings
- Browser type and version
- IP address
- Job title
- Email address
- Business name
How Do You Use My Personal Data?
Under the GDPR, there must be a lawful basis for using personal data. This may be because you have consented to use of your personal data, or because there is a legitimate business interest to use it. Your personal data may be used for one of the following purposes:
- Providing and managing your account.
- Supplying you with information by email that you have opted into (you may unsubscribe or opt out at any time).
- Communicating with you. This may include responding to emails or calls from you.
- Personalising and tailoring The Site for you.
With your permission and/or where permitted by law, your personal data may also be used for marketing purposes, which may include contacting you by email with information, news, and offers. Your rights will be protected and compliance with obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003 will be adhered to, and you will always have the opportunity to opt out.
If you have opted in to receive cookies from our website automated profiling may take place. Depending on your interaction with the website, you may be targeted with text ads and/or targeted display ads.
How Long Will You Keep My Personal Data?
Your personal data will not be kept for any longer than is necessary in light of the reason(s) for which it was first collected. Your personal data will therefore be kept for the following periods
- Cookies will be retained for a maximum of 540 days, unless they are reset by, for example, a further visit to our website;
- A record is kept of exactly what personal data is being retained and processed.
- Your personal data is only retained for as long as is necessary.
- Email addresses will be retained for as long as they are considered useful for marketing purposes, or until a valid removal request is received.
Do You Share My Personal Data?
Third parties may be contracted to supply services to you. These may include marketing. In some cases, third parties may require access to some or all of your personal data that we hold.
- Google. We may share your personal data for online marketing purposes.
- MailChimp. We may share your personal data to add you to any mailing lists that you have opted into.
- Microsoft. We may share your personal data for online marketing purposes.
- Twitter. We may share your personal data for online marketing purposes.
- Facebook. We may share your personal data for online marketing purposes.
- Youtube. We may share your personal data for online marketing purposes.
If any of your personal data is required by a third party, as described above, steps will be taken to ensure that your personal data is handled safely, securely, and in accordance with your rights, the site owner’s obligations, and the third party’s obligations under the law.
If any personal data is transferred outside of the EEA, we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within Germany and under the GDPR.
In some limited circumstances, there may be a legal obligation to share certain personal data, which might include yours, if any legal proceedings or compliance with legal obligations, a court order, or the instructions of a government authority are effected.
How Can I Access My Personal Data?
If you want to know what personal data is held about you, you can ask for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
All subject access requests should be made in writing and sent to the contact email address shown below.
There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover administrative costs in responding.
Your subject access request will be responded to within 28 days and, in any case, not more than one month of receiving it. Normally, a complete response is issued, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required, up to a maximum of three months from the date your request is received. You will be kept fully informed of progress.
Special Category Data
Special category data is not processed, such as:
- sexual orientation
- sex life
- trade union membership
- ethnic origin
- Criminal Offence Data
Data about criminal convictions or offences is not processed.
Information about children aged 16 or under is not actively sought. If information about a child under the age of 16 is inadvertently collected, we will delete it. If you have any concerns about your child’s privacy, or if you believe that your child may have shared personal information via this website, please contact the site owner and such information will be deleted from any records within a reasonable time.
How Do I Contact You?
The contact email address regarding your personal data and data protection, including to make a subject access request, is as follows:
Email address: firstname.lastname@example.org
Changes to this Privacy Notice
This Privacy Notice may be changed from time to time. This may be necessary, for example, if the law changes, or if the business changes in a way that affects personal data protection.
Any changes will be made available via the website selfconquering.com