This Privacy Notice aims to inform you about how we look after your personal data when you use our services or interact with us through or browse our website (“Website”), and your rights in relation to that data. The term ‘personal data’, also commonly referred to as personal information, means any information about an individual from which on its own or when combined with other information that person can be identified.
Information about us
For the purposes of data protection regulations, SociallySophieB is the data controller, which means the entity responsible for your personal data, and is also referred to in this Privacy Notice as “we”, “us” and “our”.
Our full contact details are:
If you have any questions about anything in this Privacy Notice, or you wish to request access to the data we hold about you, you can contact us using the details above.
It is important that the personal data we hold about you is accurate and up to date. Please do let us know if any of that data changes during the time we hold it.
What data do we collect from you?
We may from time to time collect, use, store and transfer the following personal data about you:
- Your full name (first name and surname)
- Your address
- Your contact details, including email addresses and telephone numbers
- Financial information, including bank account holder details
- Your IP address and other technical data based on that IP address e.g. time zone; location, browser type and settings, operating system and platform and other technology on the device you use to contact us
- Usage data from our Website, including information about how you have arrived at our Website
- Your communications preferences with regards to receiving marketing and newsletters from us.
- We may also collect aggregated or anonymised data (or both) for the purposes of Website performance and engagement analysis. This data may be derived from your personal data but as it does not directly or indirectly identify you, it is not considered ‘personal data’ in legal terms.
If we need to collect any personal data for any legal reason, or under the terms of a contract we have with you, and you do not provide that data when requested, then we may not be able to carry out our obligations under that contract. In such circumstances we may have to cancel our contract with you, but we will notify you if this is the case.
Third party links and websites
Our Website may contain links to third-party websites, plug-ins or applications. By clicking on any of those links or enabling those connections, you may allow third parties to collect or share data about you. We do not control those third-party sites and we are not responsible for what they may do with data they collect about you. We recommend that you read the privacy notices of each third-party site in order to understand how they may collect and process your data.
How do we collect your data?
We collect data from and about you in various forms and circumstances, as set out below:
- When we interact with you directly – you may provide us with data such as names, addresses and email addresses when you correspond with us by phone, email or otherwise. This includes data you provide when you:engage us to provide our services to you
- enquire about our services
- subscribe to our newsletter
- contact us, request a quote or fill in any other form on our Website
- Via third parties – we collect data about you via Google Analytics, who provide the cookies referred to above.
How do we use your data?
We have set out below the purposes for which we use your data, and the legal basis (or bases, depending on the purposes for which we are using that data) that we rely upon in order to do so. If you need any more information about which legal basis applies to any particular use of data, then please contact us using the details above.
In general, the Personal Information you provide to us is used to help us communicate with you. For example, we use Personal Information to contact users in response to questions, solicit feedback from users, provide technical support, and inform users about promotional offers.
We may share Personal Information with outside parties if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to meet any applicable legal process or enforceable governmental request; to enforce applicable Terms of Service, including investigation of potential violations; address fraud, security or technical concerns; or to protect against harm to the rights, property, or safety of our users or the public as required or permitted by law.
If our information practices change at any time in the future, we will post the policy changes to the Site so that you may opt out of the new information practices. We suggest that you check the Site periodically if you are concerned about how your information is used.
We will only use your personal data for the purposes for which we collected it, unless we believe that we need to use it for another purpose and that purpose is compatible with the original purpose for which the data was provided to us. You can contact us at any time to obtain more information about this processing. If we need to use your personal data for any other purpose, we will notify you and will explain the legal basis that allows us to do so.
Please note that we may process your personal data without your knowledge or consent if the law requires or permits us to do so.
We only send out marketing information and newsletters if you have opted in to receive that information. We do not share or pass on data to any third parties for marketing purposes.
You can ask us to stop sending you marketing/newsletters at any time by contacting us at email@example.com or by choosing ‘unsubscribe’ at the bottom of any such communication (but, if you do so we will retain personal data provided to us and which we need to process in order to continue providing our services to you).
Disclosure of your personal data and international transfers
We have put in place appropriate security measures for the nature and scale of our business, in order to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those of our employees, contractors and other third parties who have a business need to know, and only on our instructions and subject to a duty of confidentiality.
We have procedures in place to deal with any suspected personal data breach and we will notify you and any applicable regulator of a breach where we are legally required to do so.
How long will we use your data for?
We will only retain your personal data for as long as is necessary to fulfil the purposes we collected it for, including for the purposes of satisfying legal, accounting and reporting requirements.
To determine how long we need to retain data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process that data and whether we can achieve those purposes without keeping the data.
If you are a client, by law we have to keep certain basic information about you for six years after ceasing to work with you, for tax purposes.
We aim to carry out data reviews on an annual basis and will endeavour at such time, where possible, to delete any data held by us and which we no longer require.
Your legal rights
You have the right to request the information we hold on you, to ask us to correct that data and, in certain circumstances, to erase that data. If you would like to do so, or to opt out of marketing and newsletter communications, or you wish to update your details and preferences with us, please email firstname.lastname@example.org
You also have certain rights to object to us processing your data, to restrict that processing or to transfer your personal data. If you would like any more information about, or would like to exercise, any of these rights please contact us. You will not be charged any fee to do so, unless your request is clearly unfounded, excessive or malicious, in which case we may either refuse to comply or we will charge a reasonable fee.
We will make every effort to respond to legitimate requests within one month. Occasionally it may take us longer to do so, if your request is complicated or you have made more than one request. In this case, we will notify you and keep you updated.
You are entitled to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection, if you feel that our processing of your personal data is not compliant with our legal and regulatory obligations. We would, however, appreciate the chance to address your concerns before you contact the ICO, so we would be grateful if you would contact us in the first instance.
This Privacy Notice was last updated in May 2021.