In order to operate effectively Joanna Craig Website Design Limited (trading as Jo&Co) needs to collect, maintain and use certain personal data about current, past and prospective customers, suppliers and other individuals that contact the company. That will normally be if you are a current, past or prospective customer, a partner, supplier or sub-contractor, or an individual that’s contacted us and needs a response.
Just so you know, the legal basis that we have to process your data falls into three categories:
- Firstly, if you have a contract with us – for example if you are an existing customer or supplier.
- Secondly, if you’ve provided consent – for example if you’ve consented to receive an email newsletter from us.
- Finally, if we have a legitimate reason – for example, you have asked us for a quote and your details have been entered into our CRM system to manage the sales process. Or if we feel we have information relevant to the support, security or ongoing servicing of your website or hosting.
Any personal information you may provide to us on this website via, for example, a contact form will never be sold, rented or made public without your consent.
We take your privacy seriously and will only use your information to answer an enquiry, administer your account or provide the products and/or services you have requested from us. We may be required to pass on some of your personal information to provide services from a third party (see below). These will not be used for marketing purposes but only to provide the requested product or service.
Information That is Collected
Joanna Craig Website Design Limited collects and uses personal information for the following reasons:
1. Site visits tracking
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
For further information visit www.aboutcookies.org or www.allaboutcookies.org.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However some of our website features may not function as a result.
We use Google Analytics to track the user interaction which is a commonplace feature on many websites.
2. Contact by form, email link and telephone
Should you choose to use a contact or quick enquiry form to contact me, or send an email directly, the data you supply will be collated into an email and sent to me. The contact form data is stored on the website for 90 days and then automatically removed. If you contact me by telephone, I will store your information in order to allow me to process the enquiry and respond at a later date.
The information you supply will be held for the purposes of communication after an enquiry and should you enter into a contract with me to provide a service.
We would like to send you information about products and services of ours which may be of interest to you. We use an external system called Mailchimp to provide this service.
While your email address remains within the MailChimp database, you may receive periodic (approximately twice a year) newsletter-style emails from us. If you have consented to receive marketing, you may opt out at a later date. There will be an unsubscribe link in each newsletter or you can contact me.
If you are under 16 years of age you MUST obtain parental consent before joining our email newsletter.
No comments or details are collected via the blog. Commenting is deactivated.
Uses made of your information
We use information held about you in the following ways:
- To ensure that content from our site is presented in the most effective manner for you and for your computer.
- To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
- To carry out our obligations arising from any contracts entered into between you and us.
- To notify you about changes to our services or products.
- To inform business partners, suppliers and sub-contractors for the performance of any contract we enter into with you.
- If you are a new customer, we may need to ask the third party processors to get in touch with you directly relating to products or services you have ordered. They will not use your details for any purpose other than the intended product or service.
Access to your information and correction
You have the right to request a copy of the information that is held about you. If you would like a copy of some or all of your personal information, please email or write to me at the following address. There may be a small charge for this service which will be based on my current hourly rate. We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.
This website is hosted on a server owned by Nimbus Hosting. The server is kept up to date and has round the clock monitoring.
All traffic (transferral of files) between this website and your web browser is encrypted and delivered over HTTPS.
Who we share your data with
We may share your information with:
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
- Analytics and search engine providers that assist us in the improvement and optimisation of the website;
- Third party support services, such as, but not limited to project management tools, accounting systems and hosting data centre.
Where we store your personal data
All information that you provide to us is stored on our, or our selected business partners’, secure servers, and we will take reasonable steps to protect your information in accordance with this policy, including (without limitation):
- Installing a firewall;
- Using anti-virus protection software;
- Encrypting data; and
- Carrying out regular back-ups.
All data sent via website forms is passed through a third party relay service and deleted after 2 years.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of any data transmitted to the Site; and any such transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We have conducted a Privacy Impact Assessment.
Social Media platforms
We operate social media platforms. These platforms are, in most cases, operated outside of the EU and do not comply with current Data Privacy Act and subsequent GDPR provision although they may well conform to the U.S Privacy Shield protocol.
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.