What is this Policy for?
The policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website, and website owners.
Furthermore, the way this website processes, stores and protects user data and information will also be detailed within this policy.
This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies with all EU and UK national laws and requirements for user privacy.
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (“GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
Under the GDPR, you have the following rights, which we will always work to uphold:
- The right to access the personal data we hold about you;
- The right to be forgotten;
- The right to prevent the processing of your personal data;
- The right to object to us using your personal data for a particular purpose or purposes.
- The right to data portability;
- Rights relating to automated decision-making and profiling. (We do not use any of your personal data in this way).
Data we collect
Depending on your case, enquiry, or application, we may collect some or all of the following data from you, if applicable:
- Date of Birth;
- Email address;
- Mobile number;
- Telephone number;
- Business name;
- Job title;
- Payment information;
- Other personal information as required for performance of our services.
Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive, they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.
Other cookies may be stored to visitors’ computer’s hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.
Contact & Communication
Users contacting this website, and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Their personal information is kept private and stored securely until a time it is no longer required or has no use, as detailed in the Data Protection Act 2018. Every effort has been made to ensure a safe and secure form to email submission process but advise users using such form to email processes that they do so at their own risk.
This website and its owners use any information submitted to provide users with further information about the products / services offered or to assist them in answering any questions or queries they may have submitted. This includes using users’ details to subscribe them to any email, newsletter, program the website operates but only if this was made clear to users and their express permission was granted when submitting any form to email process or whereby the user has previously purchased from or enquired about purchasing from the company a product or service that the email newsletter relates to.
This is by no means an entire list of users’ rights in regard to receiving email marketing material. Their details are not passed on to any third parties.
This website operates an email newsletter program, used to inform subscribers about products and services supplied by this website. Users can subscribe through an online automated process should they wish to do so but do so at their own discretion. Some subscriptions may be manually processed through prior written agreement with the user.
Subscriptions are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003. All personal details relating to subscriptions are held securely and in accordance with the Data Protection Act 2018. Personal details are only passed on to GDPR compliant third parties for the management of this website and the distribution of the newsletter. Under the Data Protection Act 2018, subscriber may request a copy of personal information held about them by this website’s email newsletter program. A small fee will be payable. If they would like a copy of the information held on them, they will have to write to the Data Protection Officer at the bottom of this policy.
Email marketing campaigns published by this website or its owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity [this is by no far a comprehensive list].
This information is used to refine future email campaigns and supply the subscriber with more relevant content based around their activity.
In compliance with UK Spam Laws and the Privacy and Electronic Communications Regulations 2003, subscribers are given the opportunity to unsubscribe at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated un-subscription system is unavailable clear instructions on how to unsubscribe will by detailed instead.
Although this website only looks to include quality, safe and relevant external links, users should always adopt a policy of caution before clicking any external web links mentioned throughout this website.
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note that they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Adverts and Sponsored Links
This website may contain sponsored links and adverts. These will typically be served through our advertising partners, to whom may have detailed privacy policies relating directly to the adverts they serve.
Social Media Platforms
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms but instead encourage users wishing to discuss sensitive details to contact them through primary communication channels such as telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save their request to share a web page respectively through their social media platform account.
Shortened Links in Social Media
This website and its owners, through their social media platform accounts, may share web links to relevant web pages. By default, some social media platforms shorten lengthy url’s.
Users are advised to take caution and good judgement before clicking any shortened url’s published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine url’s are published, many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.
During the course of an engagement, clients may disclose their personal data to Barar & Associates in order for us to provide our services to them, discharge the services agreed in our engagement letter, comply with related legal and regulatory obligations and for other related purposes.
The processing of personal data is regulated in the United Kingdom by the General Data Protection Regulation EU 2016/679 as supplemented by the Data Protection Act 2018 together with other laws which relate to privacy and electronic communications. In this clause, we refer to these laws as “Data Protection Law“.
In providing our services, we act as an independent controller and are, therefore, responsible for complying with Data Protection Law in respect of any personal data we process in providing our services to our clients. We confirm when processing data on our clients’ behalf that we will comply with the provisions of all relevant data protection legislation and regulation.
Clients are also independent controllers responsible for complying with Data Protection Law in respect of the personal data they process and, accordingly, where they disclose personal data to Barar & Associates, they confirm that such disclosure is fair and lawful and otherwise does not contravene Data Protection Law. Nothing within our engagement letter relieves our clients as a data controller of their own direct responsibilities and liabilities under data protection legislation and regulation.
How long will we keep your personal data?
We will not keep your personal data longer than is necessary in light of the reason(s) for which it was first collected.
How and where do we store your personal data?
We will store or transfer your personal data in the UK. This means that it will be fully protected under the GDPR and other data protection laws.
On occasions it might be required to transfer your personal data within the European Economic Area (the “EEA”). The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein. This means that your personal data will be fully protected under the GDPR or to equivalent standards by law.
We might also be required to transfer some or all of your personal data in countries that a re not part of the European Economic Area (the “EEA” consists of all EU members states, plus Norway, Iceland, and Liechtenstein). These are known as “third countries” and may not have data protection laws that are as strong as those in the UK and/or the EEA. This means that we will take additional steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the GDPR and other data protection laws.
Can you withhold your information?
You may access this site without providing any personal data at all. However, to use all features and functions available on this website, you may be required to submit or allow for the collection of certain data.
How can you access your personal data?
If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
All subject access requests should be made in writing and sent by email to firstname.lastname@example.org or by post to Barar & Associates Ltd, 11-12 Tokenhouse Yard, London, EC2R 7AS.
There is not normally any charge for a subject access request. If you request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within 30 days. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be fully informed of the progress.
By providing your personal data, we may during and after the course of our engagement send them marketing emails such as newsletters from time to time until. In doing so, we confirm that we will comply with the provision of all relevant data protection legislation and regulation in respect of any personal data we process when sending you marketing communications.
You can withdraw your consent for us to use your personal data in marketing communications by emailing our Data Protection Officer, Pam Barar, at email@example.com or by unsubscribing from the link on the marketing communication at any time.
Data Protection Officer
Resources & Further Information
Data Protection Act 2018
Privacy and Electronic Communications Regulations 2003
Privacy and Electronic Communications Regulations 2003 – The Guide
Edited & customised by Webworks.