Updated: 25th May 2017
For the purposes of the data protection & privacy legislation the Data Controller is:-
Nigel Hellewell (“I”,”we,” “us,” “our”)
Legal Status : Sole Trader
Trading as: eNaycH Data Protection & Privacy Consultancy &
www.enaych.com, www.enaych.co.uk & www.wPUPdate.co.uk
18 Higher Elmwood
Devon, UK, EX31 3SG
Maintaining your privacy and your trust is very important. We strive to be especially clear on how we use your personal information if and when we collect it, and on the ways in which we can work together to protect your privacy.
Data Protection Act 1998 & General Data Protection Regulation (also known as Regulation (EU)2016/679 or “GDPR”) (enforced from 25th May 2018)
- Our overriding general principles
- What products and services this policy covers
- What information we might collect from you and store, and why
- How we get your consent for the collection and storing of your information
- How we use that information
- Your rights and choices with respect to your information
- How you can access and update your information
- The steps we take to protect your information
- What happens if/when our policy changes
- Special information regarding children.
- How to contact us directly with questions
Overriding General Principles
If and when we gather and process your personal information, we are guided by the following best practical principles:
- Personal data must be processed fairly, lawfully, and in a transparent manner.
- Personal data must only be collected for specified, explicit and legitimate purposes and must not be further processed in a manner that is incompatible with those purposes.
- Personal data must be adequate, relevant and limited to only what is necessary in relation to the purposes for which they are processed.
- Personal data must be accurate and kept up to date. Inaccurate data should be updated or deleted.
- Personal data should be kept in identifiable format for no longer than necessary.
- Personal data should be kept secure.
- We are committed to the principles of data protection by design and data protection by default.
What products and services are covered by this policy?
What information do we collect from you, and how is it used?
From you directly: You can visit our website without telling us who you are and without revealing any personal information about yourself. To provide full service however, we will most often need to collect some personal information. For instance, we collect information about you when you register for an account and when you create or modify your personal data on one of our Services. The types of Information we collect may include email address, country of residence, and (optionally) your name and phone number.
Logs: We may record certain information and store it in log files when you interact with our Services. This information may include Internet protocol (IP) or other device addresses or ID numbers as well as browser type, Internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, your mobile carrier, and system configuration information.
Analytics: We and our analytics providers also collect and store analytics information when you use our Services to help us improve our Services. We make sure this data is anonymous by not connecting any analytics data to personally identifiable data such as a name, email address, physical address, or phone number.
Third Party Services: We may obtain information, including personal information, from third parties such as our partners and service providers, and combine it with other information we collect from you.
How do we get your consent for collecting and storing your information?
Prior to asking for your consent to collect personal information from you for any aspect of our Services, it is our policy to make available the highest possible quality information explaining your options at the point of consent. To the extent possible, we believe that pre-consent “Notice” should be explicit, specific, informed, and intelligible. And, it should be easily accessible and use clear and plain language. Wherever practicable we will provide sufficient information prior to gathering consent, providing you with an informed choice.
As to content of this notice, as appropriate, it should clearly set forth:
- Who is collecting the data, and why
- The legal basis under which your data is being collected
- A description of what your data will be used for
- Any data processors the data controller hopes to use
- How long the data controller will keep the personal data, or how that period is calculated
- If automated processing is used the notice should reveal where data subjects may lodge complaints
- The existence of the right to be forgotten
- Whether the controller intends to further process the data
- Information on how to reach the data collector
Once proper information supporting your options have been presented, you can make your informed choice for positive explicit consent (often called opt-in), or withhold your consent (often called opt-out).
How do we use the information we collect?
We may use the information we collect for a variety of purposes, including to:
- Make our Services work for you;
- Provide, operate, maintain, improve, personalise, and promote our Services;
- Develop new products, services, features, and functionality;
- Process and complete transactions, and send you related information, including purchase confirmations and invoices;
- Communicate with you, including responding to your comments, questions, and requests; providing customer service and support;
- Providing you with information about services, transmitting technical notices, updates, security alerts, administrative messages, or advertising or marketing messages;
- Providing other news or information about us;
- Monitor and analyse trends, usage, and activities in connection with our Services;
- Investigate and prevent fraudulent transactions, unauthorised access to our Services and other illegal activities;
- We may also use the information we collect for other purposes about which we notify you in subsequent versions of this document.
How might we share information?
We are not in the business of selling your personal information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your personal information with third parties, as set forth below:
With your express consent: We will not share your personal information with companies, organisations, or individuals who are not associated with us unless we have your affirmative consent to do so.
Payment Processing: We use third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use billing information except for the sole purpose of credit card processing.
Agents, Consultants and Related Third Parties: We sometimes hire other companies to perform certain business-related functions on our behalf. Examples of such functions include mailing information, maintaining databases, maintaining Websites, analytics, marketing, and processing payments. When we employ another company to perform a function of this nature, we only provide it with the information that it needs to perform its specific function. Some of these partners such as analytics providers may collect information about your online activities over time and across different online services when you use our Services.
Compliance with Laws and Law Enforcement Requests; Protection of Our Rights: We may disclose your information (including your personal information) to a third party if:
- We believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request
- To protect the security or integrity of our products and services
- To protect our property, rights, and safety and that of our customers or the public from harm or illegal activities
- To respond to an emergency which we believe in the good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person; or
- To investigate and defend ourselves against any third-party claims or allegations.
We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. We will notify you of such a change in ownership or transfer of assets by posting a notice on our website.
Aggregate or Non-identifying Data:
We may share aggregate or other non-personal information that does not directly identify you with third parties in order to improve the overall experience of our Services.
What are your rights and choices with respect to your information?
Our policy is to always provide you with an informed choice where providing your personal information is concerned. In all of our operations regarding your privacy, we strive for full compliance with the European Union’s General Data Protection Regulation (also known as Regulation (EU)2016/679 or “GDPR”). The GDPR offers a number of Rights of Data Subjects which we respect as your rights. A partial list includes:
- The right to have information presented to you in a concise, transparent, intelligible, and easily accessible form, using clear and plain language.
- The right to have access to your data and the ability to correct inaccuracies and omissions.
- The right to be informed about your data including what data is processed, and the purpose for which it is processed.
- The right to object – If you ask, we will stop processing your data.
- The right of erasure, or right to be forgotten – If you ask, we will erase the personal data that we hold.
You may decline to share certain personal information with us, in which case we may not be able to provide some of the features and functionality of our Services. You may make changes to your personal information at any time by logging onto the appropriate service web page and navigating to the account settings page. You may optionally choose to never receive normal email communications from us.
How can you access and update your information?
Manual requests made to us to access, change or delete personal information will be addressed within 15 days. We will only retain your personal information for as long as your account is active or as needed to provide you products or services. We will retain and use your personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
What steps do we take to protect your information?
The security of your personal information is very important to us. When you enter personal, sensitive information on our registration pages or dashboards, we follow generally accepted security standards to protect the personal information submitted to us, both during transmission and once it is received. If you have any questions about the security of your personal information, please contact us at the address at the top of this policy.
How long we keep your personal data
We are required under UK tax law to keep your basic personal data (name, address, contact details) for a minimum of 6 years after which time it will be destroyed. Your information we use for marketing purposes will be kept with us until you notify us that you no longer wish to receive this information.
How do we address the privacy of children?
Children could potentially try to use some of our Services. We do not knowingly collect personal information from children under the age of consent in your location. Instead, our Services will guide a child to ask a responsible adult to create an account, prove their identity, and give their parental consent for us to collect that child’s personal information. If we become aware that a child under the age of consent has provided us with personal information without a parent or guardian’s consent, we will take steps to delete such information. If you become aware that a child has provided us with personal information without parental consent, please contact us at the address at the top of this policy.
What if I have questions about this policy?
If you have any questions or comments about our privacy policies, about your personal information, about our use and disclosure practices, or about your consent choices, please email us at the address at the top of this policy and we will respond promptly.
Data Processor Information
The following third-party service providers are used by us and only process data in accordance with the instructions from the data controller:–
|PayPal (Europe) S.à r.l. et Cie, S.C.A.|
|The Rocket Science Group LLC (Mailchimp)|
Although this website only looks to include quality, safe and relevant external links, users are advised adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites).
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Adverts and Sponsored Links
This website may contain sponsored links and adverts. These will typically be served through our advertising partners, whom may have detailed privacy policies relating directly to the adverts they serve.
Social Media Platforms
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. Neither this website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Shortened Links in Social Media
This website and its owners through their social media platform accounts may share web links to relevant web pages. By default some social media platforms shorten lengthy urls [web addresses] (this is an example: http://bit.ly/zyVUBo).
Users are advised to take caution and good judgement before clicking any shortened urls published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine urls are published many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.
Resources & Further Information
•Data Protection Act 1998
•Privacy and Electronic Communications Regulations 2003
•Privacy and Electronic Communications Regulations 2003 – The Guide
The wording used on this website (“site”) is strictly for information purposes only to highlight the importance of giving due consideration to personal data protection and the legal obligations.
This site uses summarised information from the Data Protection and Privacy legislation and should not be used as a definitive legal document in any event.
Should you require more detailed information please contact us so that we can discuss your specific requirements.
Use of this site and the services provided by the data controller (see privacy) are subject to the following terms and conditions.
- Your use constitutes acceptance of these terms and conditions as of the date of your first use of the site.
- We reserve the right to change these terms and conditions at any time by posting changes on the website. Your continued use of this site after changes are posted constitutes your acceptance of this agreement as modified.
- You agree to use this site only for lawful purposes, and in a manner which does not infringe the rights, or restrict, or inhibit the use and enjoyment of the site by any third party.
- This site and the information, names, images, pictures, logos regarding or relating to us are provided “as is” without any representation or endorsement made and without warranty of any kind whether express or implied.
- We do not warrant that the functions contained in the material contained in this site will be uninterrupted or error free, that defects will be corrected, or that this site or the server that makes it available are free of viruses or bugs or represents the full functionality, accuracy and reliability of the materials.
- Copyright restrictions:
Commercial use or publication of all or any item displayed is strictly prohibited without prior authorisation from us. Nothing contained herein shall be construed as conferring any licence by us to use any item displayed.
- We take no responsibility for the content of external websites. Any other internet sites that we link to are owned and operated by third parties and we have no control over them. If we include links to other websites this does not mean that we approve of or endorse any other third party website or the content of that website. We accept no liability for any statements, information, products or services that are published on or are accessible through any websites owned or operated by third parties.
- These terms and conditions shall be governed and construed in accordance with the laws of England and Wales. Any disputes shall be subject to the exclusive jurisdiction of the courts of England and Wales.
- If these Terms and Conditions are not accepted in full, the use of this site and our services must be terminated immediately.
– Initial consultation or evaluation duration is 30 minutes.
– This service is free, subject to us being contracted to undertake any subsequent work within 15 days.
– If no contract is entered into as above then the pro rata hourly rate and/or travel and disbursements may be charged.
– You may be asked to complete an order booking prior to the consultation commencing
The quoted prices to not include travel and disbursements. These will be charged at cost, by prior agreement. Any cancellations within 7 days of the date of the event may be charged at full cost if the booking cannot is not refilled, or re-appointed.
Prepayment may be required for individuals booking training sessions or advice, or a deposit followed by balance payment. If for what ever reason we cancel the training session a full refund will be issued.
Payment terms are strictly 30 days net for larger organisations and invoicing only available with a valid purchase order number.