At Cariad Web Design we take your privacy seriously and are committed to keeping you fully informed of your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint. We aim to act transparently at all times and to provide you with accessible information on how we use your personal data.
This Policy sets out in detail the type of personal information we may collect about you when you use our website and services. It also explains how and when we will use, store and protect that information.
We will collect personal data on our website only if it is directly provided to us by you, the user, and therefore has been provided by you with your consent. We may collect the following information: your email address, name, job title, home or work address, and telephone number. Normally you will only provide such details if you submit the contact form or web form on our website or sign up for our free newsletter or other resources such as downloadable PDFs.
We also use analytical and statistical tools that monitor details of your visits to our website and the resources that you access including, but not limited to, traffic data, location data, weblogs and other communication data (but this data will not identify you personally).
We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR). We are also subject to the EU General Data Protection Regulation (EU GDPR) in relation to goods and services we offer to individuals in the European Economic Area (EEA).
The information that we collect and store relating to you is primarily used to enable us to provide our services to you, and to meet our contractual commitments to you, including internal record keeping. In addition, we may use the information for the following purposes:
You have the right to opt out of us processing your personal data for marketing purposes by contacting us at email@example.com.
We may share your data with third parties, if necessary, when we use them to help deliver our products and/or services to you, e.g. payment service providers, warehouses and delivery companies. We may also share your data with other third parties we use to help us run our business, e.g. marketing agencies or website hosts, as well as third parties approved by you, e.g. social media sites you choose to link your account to.
We only allow third parties to handle your personal data if we are satisfied they take appropriate measures to protect your personal data.
We may disclose your information to regulatory bodies to enable us to comply with the law and to assist fraud protection and minimise credit risk.
Please note that we do not reveal information about identifiable individuals to our advertisers, but we may, from time to time, provide them with aggregate statistical information about our visitors.
Personal data may be held at our offices and on our systems, and those of our third party agencies and service providers as described above. Some of these third parties may be based outside the UK/EEA.
As part of the services offered to you, for example through our website, it is sometimes necessary for us to share your personal data outside the UK/EEA, as we use remote website server hosts to provide the website and some aspects of our service, which may be based outside of the UK/EEA, or use servers based outside of the UK/EEA – this is generally the nature of data stored in ‘the Cloud’. It may also be processed by staff operating outside the UK/EEA who work for one of our suppliers, e.g. our website server host, or work for us when temporarily outside of the UK/EEA.
Under data protection law, we can only transfer your personal data to a country or international organisation outside the UK/EEA where: (a) the UK government or, where the EU GDPR applies, the European Commission has decided the particular country or international organisation ensures an adequate level of protection of personal data (known as an ‘adequacy decision’); (b) there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for data subjects; or (c) a specific exception applies under data protection law.
We will keep your personal data while you have an account with us or we are providing products and/or services to you. We will not keep your personal data for longer than necessary.
Some emails that we send you have no tracking in at all, e.g. service emails with invoices attached. Other emails include tracking so that we can tell how much traffic those emails send to our site, but we do not know who has clicked so the data is anonymous, e.g. our monthly newsletter. For some emails we can track, at an individual level, whether the user has opened and clicked on links in the email. We use the latter information at a personal level, to understand open and click rates on our emails to try to improve them.
If you want to be sure that none of your email activity is tracked then you can opt out of these emails, which you can do by emailing ‘UNSUBSCRIBE’ to firstname.lastname@example.org.
The transmission of information via the internet or email is not completely secure. However, we have put security measures in place by installing a Secure Socket Layer (SSL) on our website, which encrypts all data submitted via the online contact forms and web forms and protects your personal data. We cannot guarantee the security of data while you are transmitting it to our site; any such transmission is at your own risk. Once we have received your personal data, we will use our strict procedures and security features to try to prevent unauthorised access.
You may find links to third party websites on our website. These websites should have their own privacy policies, which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.
On many of the pages of our website you will see ‘social buttons’. These enable users to share or bookmark the web pages. There are buttons for: Twitter, Facebook, LinkedIn, Instagram. In order to implement these buttons and connect them to the relevant social networks and external sites, there are scripts from domains outside of Cariad Web Design’s domain. You should be aware that these sites may collect information about what you are doing on the internet, including on our website. So, if you click on any of these buttons, these sites will be registering that action and may use that information. In some cases, these sites will be registering the fact that you are visiting our website, and the specific pages you are on, even if you don’t click on the button while you are logged into their sites. You should check the respective privacy policies of each of these sites to see exactly how they use your information and to find out how to opt out or delete such information if you wish.
You have the right to access information held about you by us free of charge. Please write to us or contact us by email if you wish to request confirmation of what personal information we hold relating to you. You can write to us at Cariad Web Design, Wilton House, 3 Cowbridge, Hertford, SG14 1PG or email email@example.com. We will provide this information within one month of you requesting the data.
You have the right to change the permissions that you have given us in relation to how we may use your data. You also have the right to request that we cease using your data or that we delete all personal data records that we hold relating to you. You can exercise these rights at any time again by writing to us at Cariad Web Design, Wilton House, 3 Cowbridge, Hertford, SG14 1PG or email firstname.lastname@example.org.
For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights.
Please contact us if you have any query or concern about our use of your information. We hope we will be able to resolve any issues you may have.
You also have the right to lodge a complaint with the Information Commissioner or any relevant European data protection supervisory authority. The Information Commissioner may be contacted at https://ico.org.uk/make-a-complaint or telephone 0303 123 1113.