1) Privacy and data protection
Data is a liability, it should only be collected and processed when absolutely necessary.
We hate spam as much as you do!
We will never sell, rent or otherwise distribute or make public your personal information.
2) Relevant legislation
In addition to our operational and internal IT systems, this website has been designed to comply with the following national and international legislation regarding data protection and user privacy:
EU Data Protection Directive 1995 (DPD)
EU General Data Protection Regulation 2018 (GDPR)
UK Data Protection Act 1988 (DPA)
3) Personal information this website collects and why we collect it
This website collects and uses personal information for the following reasons:
3.1) Website traffic tracking
Like most websites, this one uses Google Analytics (GA) & Hotjar to track user activity. We use this data to determine the number of people using our website, to better understand how they find and use our pages, and to see their journey through the site.
Although GA and Hotjar record data such as your geographic location, your device, your web browser, and your operating system, none of this information personally identifies you to us. GA & Hotjar also record your computer’s IP address, which could be used to identify you, but Google & Hotjar do not provide us with access to this. We consider Google as well as Hotjar to be third party data processors. Accordingly, Hotjar also uses cookies and more details can be found on the company’s support website.
GA uses cookies, details of which can be found in Google’s developer guides. For your information, our website uses GA’s analytics.js application.
Disabling cookies in your browser will prevent GA & Hotjar from tracking any part of your visit to pages within this website.
3.2) Contact forms and email links
In case you choose to contact us using the “Contact Us” contact form or an email link, none of the data you provide will be stored by this website or transferred to or processed by any third party data processor as defined in section 6.0. Instead, this data will be sent to us in an email message via the SMTP (Simple Mail Transfer Protocol) protocol. Our SMTP servers are protected by the TLS security protocol (sometimes known as SSL), which means that the email content is encrypted using SHA-2 encryption, 256-bit encryption before it is sent over the internet. Email content is decrypted on our local computers and devices. Additionally, our email platform is hosted by Microsoft using Office 365, which is fully GDPR compliant.
3.3) Electronic newsletter
If you choose to participate in our email newsletter, the email address you submit to us will be forwarded to MailChimp who provides us with our email marketing services. We consider MailChimp to be a third party data processor (see section 6.0). The email address you submit will not be stored in the database within the website or on any of our computer systems.
Your email address will remain in MailChimp’s database for as long as we continue to use MailChimp’s services for our email marketing or until you explicitly request removal from the list. You can do this by using the unsubscribe link contained in all email newsletters we send you.
If you are under 16, you MUST have your parents’ consent before subscribing to our email newsletter.
As long as your email address remains in MailChimp’s database, you will receive periodic (approximately once a month) newsletter emails from us.
4) How we store your personal information
As detailed in section 3 above, some personal information will be stored in this website’s database. This data is stored in a pseudonymous manner, that is, the data requires additional processing using a separately stored “key” before it can be used to identify an individual.
Pseudonymization is a requirement of the GDPR and which we have implemented on this website.
5) About this website's server
All web traffic (file transfers) between this website and your browser is encrypted and transmitted over the HTTPS protocol.
6) Our third-party data processors
We use a number of third parties to process personal data on our behalf. These three parties have been carefully selected and all of them comply with the legislation set out in section 2. All three (3) of these parties are based in the USA and comply with the international agreement known as the EU-U.S Privacy Shield.
Mailchimp
Hotjar
7) Data breaches
We will report any illegal breach of this website’s database or the database of any third party data processor to any and all directly interested parties as well as to the authorities within 72 hours of the breach, provided that it is obvious that personal data stored in identifiable form has been stolen.
8) Changes to our privacy policy
This privacy policy may change from time to time in accordance with legislation or industry developments. We will not expressly notify our customers or users of our website of such changes. Instead, we encourage you to occasionally check this page for any policy changes.