Policy Key Definitions
"I", "our", "us", or "we" refer to the business: Your Private PA
"you", "the user" refer to the person(s) using this website
GDPR means General Data Protection Act
PECR means Privacy & Electronic Communications Regulation
ICO means Information Commissioner's Office
Cookies mean small files stored on users’ computer or device
Key Principles of GDPR
Types of Data Collected
Most of our website pages can be accessed without providing us with your personal information. However, you may choose to provide us with your personal information such as your name, address, email address and/or contact telephone number in order to confirm that you wish for us to get in touch and/or provide you with further information about us and/or our services. This may be through an enquiry form, requesting further information on our services or requesting marketing material, or by emailing or telephoning us with an enquiry, expressing an interest in our services. By submitting your personal information, you consent to our use of the information as set out in this Privacy Notice. We may also contact you to follow up about enquiries you have made with us. If you engage us to carry out work on your behalf, you will be provided with a copy of our Privacy Notice for clients. If you do not agree to our use of your personal information in this way, please refrain from using our website, or contacting us with an enquiry.
Cookies, Google Analytics & IP Addresses
Your Individual Rights
Under the GDPR your rights are as follows. You can read more about your rights in details here;
the right to be informed;
the right of access;
the right to rectification;
the right to erasure;
the right to restrict processing;
the right to data portability;
the right to object; and
the right not to be subject to automated decision-making including profiling.
If you feel there is a problem with the way we are handling your data, you have the right to complain to the ICO viawww.ico.org.uk. We handle subject access requests in accordance with the GDPR.
Data Security and Protection
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
Lawful Basis for Processing Your Personal Data
We will only use your personal information were the law allows us to. Generally, this will be for one or more of the following reasons:
where you have provided your consent
to enable us to perform the work you have engaged us for
for compliance with a legal or regulatory obligation to which we are subject
for our legitimate interests, such as facilitating the provision of services to you, business analysis to help improve the management of our practice, governance and good practice and to notify you about changes to our services
Updating, Deleting & Restricting Use of Your Personal Data
It is important that the information we hold about you is accurate and current. Please keep us informed if any of the personal information we hold about you changes at any time. You have the right to object to the processing of your personal information in certain circumstances, or you can withdraw your consent to the processing where this has been provided. You also have the right to access the personal information held about you. If you wish to inform us of any changes, object, withdraw consent for us processing your personal information or access the information we hold about you, please contact Chantell Riches. If you are requesting access to personal information, please also let us have sufficient information to identity you (including proof of your identity and address, by way of: a copy of your passport, driving licence and a recent utility bill or bank or credit card statement). You should also let us know the information to which your request relates, including any matter or reference numbers if applicable. This request is free of charge unless the request is manifestly unfounded or excessive. We hope that we can resolve any query or concern raised by you about our use of your personal information. If you are unsatisfied with our response to any issues you raise, you have the right to lodge a complaint with the Information Commissioner, who is the supervisory authority for data protection in the UK. Further information about your rights can also be found on their website at: www.ico.org.uk
You can also contact them on the below:
0303 123 1113
Email Marketing & Subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the "Processing of your personal data" above. Any email marketing messages we send are sometimes done through an EMS - Email Marketing Service provider. An EMS is a third-party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users. Email marketing messages that we send may contain tracking beacons/tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR (further information found here: https://ico.org.uk/for-organisations/guide-to-pecr/what-are-pecr/). We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences/the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences. If in doubt, please email us requesting to do this at: email@example.com.
16 or Under
We aim to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent or guardian’s permission prior to providing us with personal information.
Sharing Your Information
We do not share your information with any third parties unless reasonably required and prior consent has been given by you.
Data Retention Period
We will continue to process your information under the above basis, until you withdraw consent, or it is determined your consent no longer exists.