We respect your privacy and are determined to protect your personal data. The purpose of this privacy notice is to inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from). We’ll also tell you about your privacy rights and how the data protection law protects you.
This privacy notice aims to give you information on how we collect and process your personal data through your use of this website, including any data you may provide through this website when you sign up to our newsletter, download hints and tips or sign up to a workshop.
This website is not intended for children and we do not knowingly collect data relating to children.
You must read this privacy notice together with any other privacy notice we may provide so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them
Karen McKeogh T/As business Growth Studio is the controller and responsible for your personal data (collectively referred to as “Business Growth Studio”, “we”, “us” or “our” in this privacy notice).
Our contact details are Business Growth Studio, 1 Longacre Cottage, Firs Lane, Shamley Green, Surrey GU5 0UU, telephone number 07733 241271, email: firstname.lastname@example.org. For all data matters contact Karen McKeogh using the above details.
VISITORS TO www.businessgrowthstudio.com
Our website uses a third-party, Google Analytics, to collect standard internet log information and details of website visitor behaviour patterns such as the pages which are most frequently visited. The information collected and processed does not result in identification of any visitor to our website. We do not find out or allow Google to find out the identities of those visiting our website. Should we wish to collect specific details we will do this openly by using a contact form or a landing page, which will be clearly marked with a specific purpose. Any person who chooses to complete any form on the site will have the ability to un-subscribe from a newsletter or have their details removed from our data-base at any time.
You may give us your name and contact details by using the contact form on the contact page. The contact form is used for collecting contact information for the purpose of
- Applying for our business consultancy services;
- Requesting marketing information;
- Applying to register for one of our workshops
The Contact form links specifically to the following email address: email@example.com. By completing any forms on our web pages (contact page) you are accepting and consenting to the practices as described in this policy.
We use a third-party provider, [Mailchimp], to collect opt in information from visitors who wish to:
- Subscribe to our newsletters;
- Receive hints and tips;
- Subscribe to receive information about our workshops;
By completing any forms on our web landing pages, you are accepting and consenting to the practices as described in this policy.
HOW WE USE YOUR PERSONAL DATA
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Performance of Contract – This means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
- Legitimate Interest- This means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
- Comply with a legal or regulatory obligation – This means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
HOW WE STORE YOUR PERSONAL DATA
In operating our website, it may become occasionally necessary to transfer data that we collect from you to locations outside of the European Union for processing and storing. By providing your personal data to us, you agree to this transfer, storing or processing. We do our upmost to ensure that all reasonable steps are taken to make sure that your data is treated stored securely with a GDPR complaint processor.
Unfortunately, the sending of information via the internet is not totally secure and on occasion such information can be intercepted. We cannot guarantee the security of data that you choose to send us electronically, sending such information is entirely at your own risk.
Information you provide to us will be stored on local PCs, laptops or portable devices which are held at our offices. Our devices are encrypted (and password protected).
We back up our data using external hard drives which are securely stored.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
THE PURPOSE FOR USING YOUR PERSONAL DATA
We have set out below descriptions of all the ways we plan to use your personal data, with the legal bases we rely on to do so.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact firstname.lastname@example.org if you need details about the specific legal grounds we are relying on to process your personal data.
Type of data
Lawful basis for processing including basis of legitimate interest
|To register you as a new customer||(a) Identity
|Performance of a contract with you|
|To process and deliver your instructions including:
(a) Manage payments, fees and charges
(b) Collect and recover monies owed to us
(e) Marketing and Communications
|(a) Performance of a contract with you.
(b) Performance of legitimate interest
(c) Performance of contract in collecting and recovering fees
|To register you as a subscriber to our newsletter||(a) Identity
|Performance of legitimate interest for newsletter or hints and tips or both|
|To manage our relationship with you
(c) Marketing and communications
|(a) Performance of a contract with you
(b) Necessary to comply with a legal obligation
(c) Necessary for our legitimate interests to keep our records updated and to study how customers use our products/services
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising:
You will only receive marketing communications from us if you have requested information from us or purchased services from us, and, in each case, you have not opted out of receiving that marketing.
You can ask us or third parties to stop sending you marketing messages at any time. Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a service purchase.
CHANGE OF PURPOSE
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact email@example.com
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
We use a third-party service “Wordfence” to help maintain the security and performance of our website. To deliver this service it processes the IP addresses of people trying to login to our dashboard without permission and alerts us so that we act accordingly.
WE USE THE FOLLOWING COOKIES:
Strictly necessary cookies – These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use online shopping facilities or make use of e-billing services.
PHPSESSID – Used to identify your unique session to the website. Expires after session
Analytical/performance cookies – They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
_ga – Used to generate statistical data on how the visitor uses the website – expires after 2 years
_gat – used by Google Analytics to boost request rate – expires after session
_gid – Generates statistical data on how the visitor uses the site – expires after session
Functionality cookies – These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
_lang – Set by LinkedIn when a web page contains an embedded “follow us” panel – expires after the session
Marketing cookies – These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
_stid – Saves the user’s navigation on the website including the pages that have been viewed and how long the user has viewed each page – expire after 9 months
_bcookie – Used by LinkedIn to track the use of embedded services – expire after 2 years
_bscookie – Used by LinkedIn to track the use of embedded services – expire after 2 years
Collect – used to send data to Google analytics about the visitor’s device and behaviour – expires after session
Lidc – Used by LinkedIn for tracking the use of embedded services – expires after session
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Details of retention periods for different aspects of your personal data are available by request. Please contact firstname.lastname@example.org
Under the Data Protection Act 1998, you have rights as an individual which you can exercise in relation to the information we hold about you.
ACCESS TO PERSONAL INFORMATION
We will do our utmost to be as open as possible when it comes to giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under the Data Protection Act 1998. If we do hold information about you, we will:
- give you a description of it;
- tell you why we are holding it;
- tell you who it could be disclosed to; and
- let you have a copy of the information in an intelligible form
Please send us an email to email@example.com to request the information we hold about you. If we do hold information about you, you can ask us to correct any mistakes by email and let us know if you would like it deleted.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable admin fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances
TIME LIMIT TO RESPOND
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated
DISCLOSING YOUR INFORMATION
- In the event that we sell any or all of our business to a buyer. In this event we would advise you in advance.
- Where we are legally required by law to disclose your personal information.
- To further fraud protection and reduce the risk of fraud.
LINKS TO OTHER WEBSITES
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on other websites you visit via this website. Please see our Website Terms and Conditions
CHANGES TO THIS NOTICE AND YOUR DUTY TO INFORM US OF CHANGES
THIS VERSION WAS LAST UPDATED ON 8THMAY 2018 AND HISTORIC VERSIONS ARE CAN BE OBTAINED BY CONTACTING US.
FROM 25 MAY 2018 THERE WILL BE CHANGES IN DATA PROTECTION LAWS AND WE WILL THEN BE ABLE TO RESPOND TO SOME OF YOUR REQUESTS (FOR EXAMPLE, A REQUEST FOR THE TRANSFER OF YOUR PERSONAL DATA). WE ARE STILL WORKING TOWARDS GETTING OUR SYSTEMS READY FOR SOME OF THESE CHANGES.
Please keep us informed if your personal data changes during your relationship with us. It is important that the personal data we hold about you is accurate and current
QUERIES, REQUESTS OR CONCERNS
To exercise all relevant rights, queries or complaints in relation to this policy or any other data protection matter between you and us, please in the first instance contact our DATA PROTECTION OFFICER, Karen McKeogh by email to firstname.lastname@example.org or write to:
Business Growth Studio
1 Longacre Cottage
Surrey GU5 0UU
If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Officeon 0303 1231113 or via email https://ico.org.uk/global/contact-us/email/or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England, UK.