From August 2018
GDPR: What is it?
GDPR stands for General Data Protection Regulation and it’s a European privacy law which is enforceable from May 25th 2018. Whether you’re within the European Union or dealing with customers in the EU, you’re compliant. This new and revised policy aims to ‘strengthen, harmonise and modernise’ EU data protection law. Essentially, the law enhances your individual rights over your personal data, in a digital world.
Who is affected by GDPR?
- All organizations established in the European Union
- Organizations involved in processing the personal data of EU citizens
- It affects all industries and sectors, and all types of businesses
What counts as personal data?
- Email address
- Bank details
- IP address
- Medical information
- Social media posts
- A photo
- Location details
Our policy for clients and associates
As a company who do pretty much all of our work online, it’s majorly important to us to get this right. In this policy, we’ll outline the general rules and what you can expect from us going forward. And of course, we’ll make it very clear what your rights are! If anything doesn’t look right, or you’re confused about anything, please don’t hesitate to contact us so we can make things a little more clear from you.
Your personal data
Here at alpha, there are certain types of data we require to store and use in order to carry out our normal business tasks. We store and use both data that qualifies as personal and data that is only associated with a business. Names, phone numbers, email addresses and IP addresses are generally the types of personal data we store and use.
How we use your data
There are two main reasons for us storing your data. Firstly, so we can contact you with regards to the work we are doing for you. Secondly, to follow up on a sales lead where you have already shown interest or passed your details to us. We use names, phone numbers and email addresses for the aforementioned purposes. We never use this data for marketing purposes. For example, we may have access to your email address to give you a quote on a project but we will never give this away to third parties or allow access to anyone outside of alpha. We will only ever use your contact details to speak to you about the work we are doing together or to give you the information you have requested.
If you wish to access your data
Deleting or changing your data
By the same token, we are obligated by GDPR guidelines to completely dispose of the personal data we hold that identifies you if you request that we do so. We are also required to update your personal data in any way if you ask us to. Again, please just let us know by getting in touch via the contact details above.
Obtaining your data for other purposes
Data portability is another right you have within GDPR rules. Essentially, if you wish to obtain and reuse your personal data for another purpose, we are required to provide it to you. This can be in either a physical or digital format. Please just let us know using the outlined contact details in the above two sections.
Collecting new data
We do not partake in any outbound marketing but if you enter your details into our website contact form, we will specifically state what we are collecting your data for. Look out for the mandatory checkboxes on our contact forms – these are a requirement any time you fill in a form. The reasons for collecting and storing your data are outlined in the ‘How we store your data’ and ‘How we use your data’ sections. We will never ask for any more personal data than is necessary and we will only contact you if we have a legitimate business-related interest. We never pass on your personal data to third-parties or use for external marketing purposes. If we wish to collect any new data from you (that identifies you personally), we must receive clear, unambiguous consent from yourself. And you must give it freely. If you feel at any point that you are unsure about what we are collecting your data for, do not hesitate to ask for further clarification.
Accessing data via your website
As we mentioned at the beginning of this policy, we have access to personal data in two main ways. Firstly, the data we store on our own systems relating to clients and the data stored on our clients’ websites.
Due to the nature of our work with our clients, we have access to the data stored on your website in two scenarios. Firstly, it is necessary for us to access the back-end whilst we build your website and integrate your databases, software and other features. Secondly, we need access to the back-end to be able to carry out continuing work such as retainers or content packages. It’s up to you how involved we continue to be. However, we give our full assurance that we will never use the data on your site for our own purposes, pass it onto any third parties or access it without need. We will only access the personal data stored on your website if you have given us permission and we are carrying out necessary work on your site with your full consent. We understand that more sensitive information may be stored on your website’s backend, compared to the simple contact details we store on our site. It is our responsibility to ensure that we do not access this data unless absolutely necessary and we will never use it.
Alter the way we use your data
If you have previously given your consent for us to store or use your data in a certain way, you have the right to amend this. Simply let us know at any point if you object to the way we use your data and we will adjust this accordingly. For example, if we have been in contact with you regarding an interest in working together, you are entitled at any point to end this communication and we can either keep your records without using them or delete them entirely.
In case of a data breach
In the very unlikely event of a security breach involving your personal data, we will inform you within the GDPR guideline of 24 hours. But of course, if this ever did happen, we’d hope to let you know much sooner. And with regards to the individual policies of any software or programs we use, please refer to the ‘How we store your data’ section.
Our social media accounts
As a company, we have a social media presence on the following platforms: Twitter, Facebook, Instagram and LinkedIn. If we ever use anything that could identify you on our social media accounts (such as names, photos or testimonials), we will get full, explicit consent and you have the right to decline or ask us to remove such content in the future.
What are cookies?
You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of this site. Therefore it is recommended that you do not disable cookies.
The cookies we set
Email newsletters related cookies: This site offers newsletter or email subscription services and cookies may be used to remember if you are already registered and whether to show certain notifications which might only be valid to subscribed/unsubscribed users.
Forms related cookies: When you submit data to through a form such as those found on contact pages or comment forms cookies may be set to remember your user details for future correspondence.
- The Google AdSense service we use to serve advertising uses a DoubleClick cookie to serve more relevant ads across the web and limit the number of times that a given ad is shown to you. For more information on Google AdSense see the official Google AdSense privacy FAQ.
- We also use social media buttons and/or plugins on this site that allow you to connect with your social network in various ways. For these to work the following social media sites including; [Twitter, Facebook, LinkedIn, Instagram] will set cookies through our site which may be used to enhance your profile on their site or contribute to the data they hold for various purposes outlined in their respective privacy policies.
Got any questions?
Whether you’re unsure of your rights when it comes to alpha storing, using and accessing your personal data, or you’re confused about a scenario with another business, don’t be afraid to get in touch with us at email@example.com or on 01604 300187. We’d be happy to give you any advice and inform you of your rights.