LIZ MURRAY MARKETING & DESIGN
t/a Ideas on Food
Liz Murray t/a Ideas on Food [the company] values your privacy and always aims to demonstrate transparency and fairness in the collection and use of client/personal data. This policy is in compliance with the GDPR which is effective from 25th May 2018.
- WHAT IS GDPR?
The GDPR was adopted by the EU Parliament to:
Create consistency within all the member states of the EU as to the rules regarding data protection, implementation of the law, and how the rules are enforced.
Modernise the principles laid out in the 1995 Data Protection Directive (Directive 95/46/EC), which was written before the advent of social media, ‘smart’ mobile devices that now can access things like cameras and geo-location information, and the ubiquity of online services and communications.
Reinforce the rights of individuals to control and protect their personal data.
Strengthen the EU internal market, ensuring stronger enforcement of the rules, streamlining international transfers of personal data and setting global data protection standards.
- WHO DOES THE GDPR APPLY TO?
The GDPR applies to:
- Organisations located within the EU;
- Organisations located outside of the EU if they offer goods or services to (even for free), or monitor the behaviour of, EU residents; and
- Organisations processing and holding personal data of EU residents, regardless of the Organisation’s location.
- WHAT IS PERSONAL DATA UNDER THE GDPR?
The GDPR applies to ‘personal data’ meaning any information relating to an identifiable person (‘data subject’) who can be directly or indirectly identified in particular by reference to an identifier. This definition provides for a wide range of personal identifiers to constitute personal data, including name, identification number, location data or online identifier, reflecting changes in technology and the way organisations collect information about people. The GDPR applies to both automated personal data and to manual filing systems where personal data is accessible according to specific criteria.
- DATA CONTROLLER/PROCESSOR
A data controller is an organisation that determines the purposes, conditions, and means of the processing of personal data. A data processor is an organisation that processes personal data on behalf of a controller. The company in this case is a data processor, working on behalf of clients who are data controllers.
The company works with, and has security login access in many instances, clients’ third party processors and business systems including, but not limited to, providers of: IT systems and website/email hosting, CRM and accounting systems, file sharing/storage systems, contracted business services, transport/courier services, marketing/advertising services, mailing list and e-comms platforms, social media and analytics platforms.
- HOW WE USE PERSONAL DATA
The company uses your data for the following legitimate purposes:
- To enable our business to respond to client enquiries and contacts about the quotation/provision marketing services as advertised in print or online at www.ideasonfood.co.uk and associated social media accounts. Enquiries and contacts include those received through phone calls, emails (including website contact form), post and social media platforms.
- As part of our website’s functionality we use tracking cookies. You can opt out of these via settings on your own browser but this may affect your user experience online.
- To enable provision of contracted marketing services according to clients’ instructions, or the instruction of nominated client contacts.
- To keep in touch with you during the planning and delivery stages of the services you have contracted us to provide.
- To instruct third parties, where appropriate, who may be assisting us in the provision of the marketing services you have contracted.
- We may contact you by phone/email/letter to follow up about the service(s) you have received or to inform you of our other services that may be relevant to you.
- HOW LONG DO WE KEEP PERSONAL DATA?
We will keep your personal data on our secure systems for a minimum of three years from the last time you have contracted marketing services from us, unless you request removal according to your rights under the GDPR.
- SECURITY OF DATA
All client files and contacts including access logins, credit card details and commercially-sensitive documents, whether securely stored in physical files, in the company office/clients’ offices or off site, or held on desktop/hand-held devices, are accessible only by Liz Murray.
All systems, folders and files are password-protected. Passwords are securely stored via Truekey software (which in itself is password-protected and accessible only by Liz Murray). Non-essential client documents and records are routinely shredded and recycled (and if these are digital records/emails they are permanently deleted).
8. YOUR RIGHTS UNDER THE GDPR
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
- The right to request a copy of your personal data which the company holds.
- The right to request that the company corrects any personal data if it is found to be inaccurate or out of date.
- The right to request your personal data is erased where it is no longer necessary for the company to retain such data.
- The right to withdraw your consent to the processing of personal data at any time.
- The right to request that the data controller provides the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability).
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing.
- The right to object to the processing of personal data.
- The right to lodge a complaint with the Information Commissioner’s Office.
To exercise all relevant rights, queries or complaints please in the first instance contact Liz Murray at firstname.lastname@example.org
Or write to: Liz Murray Marketing | No 7 The Old Glove Factory | Sherborne, Dorset DT9 4HP
Contact the ICO on t:0303 123 1113/email: https://ico.org.uk/global/contact-us/email/ or write to: The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Last updated 11 May 2018