Privacy Policy
We protect your personal data in line with the requirements of the General Data Protection Regulation (GDPR). The GDPR requires data controllers such as ourselves to document our lawful basis for processing personal data. It also gives you rights over how your data is processed. This privacy policy documents the data we collect, why and how we process it, and how to exercise your rights.
Data controller
The data controller responsible for this website is Jesse Highfield, who can be contacted at 19 Abbots Business Park, Primrose Hill, Kings Langley, Herts, WD4 8FR.
This website contains links to third-party websites, which have their own data controllers and privacy policies. This privacy policy applies only to this website.
Lawful basis for processing
For each method by which we collect personal data, this privacy policy documents our lawful basis for processing the data. Where we rely on your consent to process your data, we explain how you can withdraw your consent and delete your data.
Individual rights
The GDPR gives you rights over how your personal data is processed. You can exercise your rights by contacting us. In some cases you can also exercise your rights through automated systems, as described at the relevant points in this privacy policy.
Security
The GDPR requires us to implement appropriate technical measures to protect data. We verify the identity of any individual who requests access to data before granting access. We use Transport Layer Security (TLS, also known as SSL) to encrypt any data you supply to us through our website. Additional technical measures are described at the relevant points in this privacy policy.
Disclosures
In addition to any sharing of data described elsewhere in this privacy policy, we may disclose data for legal reasons. If we suspect criminal activity we may disclose data relating to those involved or affected to the appropriate authorities. We may also be obliged to disclose data if we receive a request from an appropriate authority.
Changes to this privacy policy
We may occasionally make changes to this privacy policy. Following any changes, the date at the top of this privacy policy will be updated. If any change allows for wider access to data, such changes will only apply to data collected after the date of the updated privacy policy.
Cookies
Cookies are small pieces of text that are stored by your browser. Each cookie has a name and is associated with a particular site. When your browser sends a request to a site (for example, to download a page, image, or video), the computer that responds (known as a server) may tell your browser to set one or more cookies. When your browser makes further requests to the same site it sends the cookies back to the server. This allows the server to remember you as you browse the site, and provide features such as shopping baskets or password-protected areas. For more information on the cookies we use, see our cookie policy.
Data collected by third parties on our behalf
Fifteen Three Digital
Our site is hosted by Fifteen Three Digital Limited (registered company number 09033201 in England and Wales). Fifteen Three Digital logs all requests in order to determine the causes of reported faults and to detect and block suspicious traffic. The log records the time of the request, your IP address, the requested resource, the referring site (if specified by your browser), and your browser’s user agent string (which will usually include the name and version of your browser and operating system). Log files are deleted after ninety days.
Lawful basis for processing: Compliance with a legal obligation
Why? To comply with the GDPR obligation to implement appropriate technical measures to protect data
Google Analytics
We use Google Analytics to track visitor interaction with our site in order to produce statistical reports. Google collects details of the pages you view and the time you viewed them, the features of your browser, and your IP address. For more information on how Google handles the data it collects, see Google’s privacy policy.
Lawful basis for processing: Pursuance of our legitimate interests
Why? To allow us to analyse how visitors interaction with our site in order to improve our site and our services
Other data collected by third parties
iThemes Security
The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 7 days.
This site is scanned for potential malware and vulnerabilities by the iThemes Site Scanner. We do not send personal information to the scanner; however, the scanner could find personal information posted publicly (such as in comments) during the scan.
Security logs are retained for 7 days.
This site is part of a network of sites that protect against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log into the site is shared with a service provided by ithemes.com. For privacy policy details, please see the iThemes Privacy Policy.