Definitions and interpretation
|The Globeflower Agency Ltd, and Globeflower Books or us||The Globeflower Agency Ltd, a company incorporated in England and Wales with registered number (10718352) whose registered office is at Studio 12, Coventry Canal Warehouse, Leicester Row, Coventry, CV1 4LH. Email: firstname.lastname@example.org Tel: 07432090223 ;|
The Globeflower Agency is registered with the Information Commissioner’s Office (ICO) – Reference number A8346602.
For purposes of GDPR, The Globeflower Agency Ltd is the “data controller”;
|Data||collectively all information that you submit to The Globeflower Agency Ltd via the Website. This definition incorporates, where applicable, the definitions provided in the new General Data Protection Regulation (GDPR).|
|Website||the website that you are currently using, https://www.globeflower.co.uk, and any sub-domains of this site unless expressly excluded by their own terms and conditions.|
|User or you||any third party that accesses the Website and is not either (i) employed by The Globeflower Agency Ltd / Globeflower Books and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to The Globeflower Agency Ltd and accessing the Website in connection with the provision of such services.|
|GDPR||The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU.|
|Cookies||a small text file placed on your computer by this Website when you visit certain parts of the Website and/or when you use certain features of the Website. Details of the cookies used by this Website are set out in the clause titled Cookies.|
UK and EU Cookie Law
|the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011.|
|“including”||is understood to mean “including without limitation”.|
We are working hard on complying with the full detail of the GDPR rules. Here is a summary of what we have been doing:
- Analysed and identified what data we collect, why, and and how we collect, store, and safely remove personal data.
- Obtaining consent from all of our existing email subscribers.
- Audited our list of suppliers who may process data – checked their GDPR compliance including their processes to secure your data, and ensured that they meet the Privacy Shield
- We have taken further security measures to keep your data secure, both in the cloud and our IT systems. Our website is now McAfee SECURE Certified
- Added active consent tick-in boxes to all our forms.
- Updated our Cookie Consent Policy.
- Introduction and scope
- Data collected
We may collect the following Data, which includes personal Data, from you including:
- Identity Data: First name and surname.
- Contact Data: Email address, billing address, delivery address, and telephone number.
- Transaction Data: Any purchases and payments made to us.
- Technical Data: Login data, browser type, time zone setting, and location etc (IP address tracking disabled in comments and contact forms).
- Profile Data: Username and password for this website (and subsites), your interests. (books, arts etc), preferences, feedback and survey responses.
- Usage Data: How you use our website, services, and products.
- Marketing and Communications Data: Your marketing and communication preferences from us and our third parties.
We do not collect any sensitive data about you (i.e. ethnicity, religious beliefs, sexual orintation, health, genentics, criminal offences etc)
We have disabled the tracking of your IP address in all of our forms, the comments function, and in Google Analytics.
- How we collect data
We collect data using various methods, icluding:
Direct Interaction: When you fill in any forms on our websites or when you communicate with us via email, post, phone, or social media and also:
- Order our products and services.
- Create an account with us.
- Subscribe to our publications.
- Enter a competition or prize draw.
- Request information to be sent to you.
- Take part in a survey or provide us with feedback.
- Leave a comment on our blog.
Automated technologies and interactions: Whilst you use our website, we may automatically collect Technical Data through cookies, servers logs, and similiar technology. If you would like to disable cookies, please visit our Privacy Center.
We use Google Analytics in order to improve our website and services. In this instance, Google is the Data Processor and The Globeflower Agency Ltd is the Data Controller.
In order to comply with GDPR, we have ensured that our Google Analytics embedded tracking code has IP Anonymization. This means that your IP address will not be tracked or used by Google Analytics.
You can opt out of being tracked by Google Analytics via our Privacy Center.
To opt out of being tracked by Google Analytics across ALL websites, visit http://tools.google.com/dlpage/gaoptout.
- Our use of Data
We will only use your personal data when legally permitted to do so, including:
- Perform a contract of services (PR, web design, graphic design, marketing work, book publishing, event hosting)
- Provide you with a free or paid product that you ordered.
- Give you access to any forum, course, or online resource centre that we have on our website and any sub-domains.
- Internal record keeping for legal and regulatory obligation (Tax etc)
- Send you an e-newsletter that you have double opted-in to and can unsubscribe from at any time via the ‘unsubscribe’ button, via our Privacy Center, or emailing email@example.com
We will retain any Data you submit for 12 months (unless we are lgeally required to hold it for longer, i.e. for tax purposes.)
All personal Data is stored securely in accordance with GDPR. For more details on security see the clause titled Security.
- Marketing Communications
You will only receive marketing communication from us, if you have:
Voluntarily provided us with your details and ticked the box providing consent for us to send you marketing communications and in each case you have not opted out of receiving that marketing. You can unsubscribe at any time by clicking ‘unsubscribe’ at the bottom of the email, via our Privacy Center, or by emailing our Data Protection Officer at: firstname.lastname@example.org
All of our e-newsletters are handled by MailChimp (GDPR compliant and Privacy Shield certified). We use double optin for subscription. You will only recieve an e-newsletter directly from us, if you have provided consent. You can unsubscribe at any time by clicking ‘unsubscribe’ at the bottom of the email, via our Privacy Center, or by emailing us at: email@example.com
- Disclosure of your personal data
We will only disclose your personal data to the following parties located in the UK and the European Economic Area (EEA) for the reasons explained below:
|HM Revenues & Customes||If you undertake any financial transactions with us (purchasing products and services) we legally have to record all transactions for tax purposes.|
|Professional advisers (accountants, bankers, auditors, insurers, legal etc)||Our accountant processes our financial data, and any payments you make to us will be recorded in our banking system. We are insured and legally covered. Any data relevant to claims would need to be legally provided to our professional advisers.|
|Service Providers (IT and System administration)||We may employ third party IT companies to manage our website and systems. We will ensure any company that we use is GDPR compliant.|
- Third party services providers outside of the EEA
Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European Law has prohibited transfers of personal data outside of the EEA unless the transfer meets the criteria.
The Globflower Agency Ltd currently uses the following third party service providers which are based outside of the EEA.
(The Rocket Science Group LLC )
(Lite Speed Technologies Inc)
|Speed up the website||USA||www.litespeedtech.com/company/privacy-policy|
|Google Analytics||Improve the website||USA|
Any Data used by such parties is used only to the extent required by them to perform the services that we request. Any use for other purposes is strictly prohibited.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
Before our Website places Cookies on your computer, you will be presented with a message bar requesting your consent to set those Cookies.
By giving your consent to the placing of Cookies, you are enabling The Globeflower Agency Ltd to provide a better experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of the Website may not function fully or as intended.
How to change your Cookie setting
You can manage your cookies on this website via our Privacy Center.
Please note that most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit www.aboutcookies.org or www.allaboutcookies.org.
Find out how to manage cookies on popular browsers:
Our website currently uses the following Cookies:
|Strictly Necessary (SessionCookie)||PHPSESSID||Cookie generated by applications based on the PHP language. This is a general purpose identifier used to maintain user session variables. It is normally a random generated number, how it is used can be specific to the site, but a good example is maintaining a logged-in status for a user between pages.||The Session|
|Analytical/performance||_gid||Google Analytics||14 Months|
|Consent||wordpress_AIO_GDPR_has_seen_cookie_notice||We have installed ‘All-In-One GDPR’ to create a Security Center so that users can manage their privacy settings on this website||One year|
|Session||wp-settings-time-1||Purpose: supports optimized display and use of the wordpress website by the Administrator||One year|
|CloudFlare||__cfduid||We use CloudFlare to speed up page load times. According to CloudFlare, this Cookie it is used to override any security restrictions based on the IP address the visitor is coming from. It does not contain any user identification information.||6 Months|
|We use wpDiscuz on our blog so that you can leave comments and interact with other readers.||You can disable these cookies. Otherwise they are set for 6 months.|
- Accessing your own Data / Subject Access Request
You have the right to ask for a copy of any of your personal Data held by The Globeflower Agency Ltd (where such Data is held) either via contacting our DPO at firstname.lastname@example.org or via our Privacy Center.
- Your right to be forgotten (Erasure Request)
You have the right to have all of your personal data (with the exception of data that is required for legal reasons i.e. financal transactions) removed from all of our systems.
Please submit a request via email, post, or our Privacy Center.
- Links to other websites
Data security is of great importance to The Globeflower Agency Ltd and to protect your Data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure Data collected via this Website.
Our website is McAfee SECURE Certified and we use a number of other well-respcted security software on our website, emails, and electronic equipment.
If password access is required for certain parts of the Website, you are responsible for keeping this password confidential.
We endeavour to do our best to protect your personal Data. However, transmission of information over the internet is not entirely secure and is done at your own risk. We cannot ensure the security of your Data transmitted to the Website.
- Breach Notification
If there is a data breach, we will report it to you within 72 hours, unless the breach is considered harmless and poses no risk to individual data. However if a breach is high-risk, then we will inform all individuals who’re impacted right away.
Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.
This Agreement will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.
- Changes of business ownership and control
We may also disclose Data to a prospective purchaser of our business or any part of it.
In the above instances, we will take steps with the aim of ensuring your privacy is protected.
Updated on: 24 May 2018