By visiting www.greenparlour.com (“our site”) you are accepting and consenting to the practices described within this policy.
For compliance to the General Data Protection Regulation (EU) 2016/679 the Data Controller is Paul Sampson, Director of Ltd of 34 Mansfield Road, Reading, RG1 6AJ.
What Information do we collect or process?
Information you give to us by filling in forms on our site or by contacting us by phone, email or otherwise. This includes information you provide to us when you register to our site, subscribe to the services we provide, participate in our discussion boards, blogs or twitter feed, enter into a survey or promotion and when you report a problem. This includes information such as your name, email address, company name, address and phone number.
Information we collect from you automatically when you sign up to our site. This includes:
- Technical information including the Internet Protocol (IP) address, browser type, domain names, internet service provider, operating system, clickstream data; and
- Information about your visit including, the pages viewed on our site, length of visit, referring website and geographic location.
- Marketing Information To understand the effectiveness of our advertising in order to better serve our users.
- Personal and contact details such as title, Full name and contact details used to send marketing information if opted in and for the purpose of contract fulfilment
- LinkedIn messages, we may link to relevant articles posted to groups that are relevant to our audience
- To provide you with information about other services we offer that are similar to those that you have already purchased or enquired about
- Information provided to us by Partners, such as requests for marketing information you have requested by attending an affiliated event
- Records of your contact with us
- Products and services – to help us fulfil our contractual obligations with you.
- Details of services provided by our suppliers, to help us fulfil our contractual obligations with you.
- Strictly necessary cookies that are required for the operation of our website. For example, cookies that enable you to log in to our secure areas.
- Analytical/performance cookies that allow us to recognise and count the number of visitors to our site and how visitors move around our site.
- Functionality cookies that are used to recognise you when you return to our site.
- Targeting cookies that record your visit to our site including the pages you have visited and links you have followed.
Examples of cookies we use
Our site may use Log Files that
- collect demographic information not linked to your personal data. This may include your postal code, age, gender, preferences, interests and favourites.
- collect information such as your IP address, browser type, domain names, internet service provider, files viewed on our site, operating system, clickstream data, access times and referring website addresses. This information may be linked to your personal data such as your name, email address, telephone number and address.
- Our site uses a software called clear gifs (also referred to as Web Beacons/Web Bugs). Clear gifs sit on web pages or emails and help us understand the effectiveness of our communications and web pages. Information gathered by the clear gifs used in our emails links to your personal information.
- Parts of our site may use Adobe Flash Cookies to remember your settings, preferences and usage of our site.
How Do We Use Your Information?
Our Main Uses
- To fulfil any contract we have with you in order to provide our services; these include:
- Negotiation, provision and management of a product or service
- To test the effectiveness of any product or service offered
- To obtain feedback relating to our products services and processes
- To share information with our business partners for the purpose of provision of services – such as couriers and payment providers
- For regulatory or legal purposes such as financial accounting
- To understand the effectiveness of our advertising in order to better serve our users.
Our Technical Uses
- For operational purposes when running our site, including for troubleshooting, data analysis, testing, research, statistical and survey purposes;
- To improve our site for your use;
- To allow you to get involved with our interactive features; and
- To keep our site safe and secure.
Who has access to your personal data?
We will retain access to all personal data that we collect from or about you.
By using our site, you agree that we can share your personal information within any business that is controlled or managed by Ltd, or with selected third parties including:
- Our business partners, such as payment providers
- Our website host provider;
- Advertisers and advertising networks that we use for our marketing; and
- Any analytic providers that assist us in the improvement and optimisation of our site.
We may disclose your personal information to third parties:
- If we are required to do so by law or in order to comply with any legal obligations;
- If our business is sold or merged, or if we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets; and
- If we offer or supply you a service that is provided on our behalf by a third party.
We will retain your personal data in the following ways
- Personal data will be retained for a maximum of 6 years
- Financial transactions will be retained in line with current HMRC regulations
Where do we store your personal data?
The data that we collect from you may be transferred to and stored at, a destination outside of the European Economic Area (“EEA”), by any of the above third parties, but not by Ltd. It may also be processed by staff operating outside the EEA who work for such third parties or for one of our suppliers and includes suppliers operating in the US.
Whilst destinations outside of the EEA may not have equivalent obligations for the protection of personal data, we are under a duty to ensure, so far as is reasonably necessary, that the storage and use of your data outside of the EEA is processed and stored securely and in accordance with this policy.
Unfortunately, the transmission of information via the internet is not completely secure. We do our best to protect your personal data, but we cannot guarantee the security of your data transmitted to our site. Any transmission of data is at your own risk.
When transferring your data outside of the EEA we will only use companies with have a valid EU-US Privacy Shield in place (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en)
What are the legal grounds for processing personal data?
We utilise the following basis:
- Consent – All marketing information is provided via an opt-in mechanism
- Contractual – all necessary requirements for provisioning services for you
- Legal Obligation – Statutory reporting for financial and crime management purposed
- Legitimate Interests – where we feel our products or services may support you in your project often referred to as a ‘Soft opt-in’
Under the General Data Protection Regulation (GDPR) you have the following rights with us:
- Your Right to be informed – this covers the data we hold on you and how it is processed
- The right of access – the GDPR Articles 1 15 and Recital 63 makes the provision to make a Subject Access Request (SAR) we will provide confirmation of data is being processed; access to their personal data; and other supplementary information. This will be provided free of charge within 1 month of proof of a valid request
- The right to rectification – request inaccurate personal data rectified, or completed if it is incomplete. This request can be made verbally or in writing. This will be actioned within one calendar month.
- This right is closely linked to the controller’s obligations under the accuracy principle of the GDPR (Article (5)(1)(d)).
- The right to erasure (right to be forgotten) – Individuals can make a request for erasure verbally or in writing. All requests will be actioned within one calendar month but the right is not absolute and only applies in certain circumstances.
- The right to restrict processing – This is not an absolute right and only applies in certain circumstances. We may still store the personal data, but not use it. The request can be made verbally or in writing and we will respond within one calendar month
- The right to object – this includes processing based on legitimate interests or the direct marketing (including profiling
If you have any questions, comments or requests in relation to our processing of your data please email firstname.lastname@example.org
You have the right to ask us not to process your personal data for marketing purposes at any time, and You can exercise your right to prevent such processing by ticking any relevant boxes on the forms we use to collect your data, or by emailing email@example.com
Our site may contain links to third-party websites. Please note that these third parties have their own privacy policies and we do not accept any liability or responsibility for these policies. Please check these policies before you submit your personal data to their websites.
Your Right to complain
If you have a complaint about how we are processing your personal data, you have the right to complain to the supervisory authority. In the UK this is the Information Commissioners Office https://ico.org.uk/concerns
Changes to this policy
Any changes we make to this policy in the future will be posted on this page and, where appropriate, notified to you. Please check back frequently to see any updates or changes.
If you need to contact us, please email firstname.lastname@example.org