WHAT PERSONAL INFORMATION DO WE COLLECT FROM THE PEOPLE THAT VISIT OUR BLOG, WEBSITE OR APP?
When ordering or registering on our site, as appropriate, you may be asked to enter your full name, company name, email address, phone number, Website URL or other details to help you with your experience and to provide you with relevant solutions and services which meet your requirements.
WHEN DO WE COLLECT INFORMATION?
We collect information from you when you subscribe to a newsletter, respond to a survey, fill out a form, use live chat, open a support ticket or enter information on our site. We also collect information about how you respond to our services which may include email tracking in the form of opens and clicks as well as anonymised visitor recordings.
HOW DO WE USE CLIENT INFORMATION?
We may use client and organisational information we collect in the following ways:
• To provide you with a service and issue contracts / agreements
• To improve our website and services in order to better serve you as a client
• To allow us to better service you in responding to your customer service requests
• To administer a contest, promotion, survey or other site features
• To ask for ratings and reviews of services or products you’ve purchased
• To follow up correspondence (i.e. live chat, email or phone enquiries)
• To configure a service or product externally i.e. Google Analytics
• To provide material and correspondence by post
HOW DO WE PROTECT YOUR INFORMATION?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. We use regular Malware Scanning. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology with our third-party payment provider (GoCardless). We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information. All transactions are processed through a gateway provider and are not stored or processed on our servers for added peace of mind.
HOW CAN I AMEND OR REMOVE MY PERSONAL INFORMATION?
Ensuring that your data is correct, up to date and accurate is important to us, therefore we have designed a system interface which allows you to update your own personal information as and when required. You can access this by visiting the Lowaire billing area and navigating to the “Profile” page of your account.
If you would like to remove your personal information from our systems “the right to be forgotten” you can direct your request to our Data Protection Officer (DPO) Adam Coley and we will ensure your request is fulfilled promptly. You can do this by emailing your request to firstname.lastname@example.org with the subject “Removal Required” and the requested information which you would like removed from our systems.
Alternatively, you can use our data request form in order to request data we hold about you, portability, removal of your data and much more.
WHO ARE OUR SUB-PROCESSORS?
Below we have outlined organisations who act as a sub-processor on behalf of Lowaire Digital. These are organisations who hold, store or process data on behalf of Lowaire Digital and have been audited for GDPR compliance.
• Site Ground (servers)
• Google, Inc
• Let’s Encrypt
• Cloudflare, Inc
• Freshworks, inc
• Any other wholly-owned Lowaire Digital or Big Web Creation Ltd. subsidiary organisations.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
WE HAVE IMPLEMENTED THE FOLLOWING:
• Google Display Network Impression Reporting
• Google Analytics
• Demographics and Interests Reporting
• Clicky Analytics
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
HOW DOES OUR SITE HANDLE DO NOT TRACK SIGNALS?
As an ethical organisation we have and always will honour Do Not Track signals and Do Not Track notifications. We will never plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
DOES OUR SITE ALLOW BEHAVIORAL TRACKING?
FAIR INFORMATION PRACTICES
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur we will:
• Contact our third-party processor(s) in order to put into place our data breach procedures and processes
• Inform affected individuals without undue delay about a breach when it is likely to result in a high risk to their rights and freedoms
• Inform the supervisory authority for our processing activities
• Notify the Information Commissioner’s Office (ICO) of a breach within 72 hours of becoming aware of it, even if we do not have all the details
• Put into place our process to assess the likely risk to individuals as a result of a breach
• We may also temporarily remove access to our service completely, in order to mitigate damage and protect sensitive data we hold
Opting out (‘the right to object’):
If you would like to opt-out of our cookie consent, please visit our cookie information page for instructions on how to do this. You can also opt-out of our marketing emails through our data subject form and we will ensure your request is fulfilled promptly.
Right to erasure (‘right to be forgotten’):
Ensuring that your data is correct, up to date and accurate is important to us, therefore if your details change you should let us know via email or phone at the earliest possibility. If you would like remove your personal information from our systems “the right to be forgotten” you can send your request through our data subject form and we will ensure your request is fulfilled promptly.
Right to data portability
The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services. It allows them to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without affecting its usability. You can send your request through our data request form and we will ensure that your request is fulfilled promptly. you can opt out by visiting the Network Advertising Initiative Opt-Out page or by using the Google Analytics Opt-Out Browser Add-on. If you would like to opt-out of our cookie consent, please visit our cookie information.
TO BE IN ACCORDANCE WITH CANSPAM
We agree to the following:
• Not use false or misleading subjects or email addresses.
• Identify the message as an advertisement in some reasonable way.
• Include the physical address of our business or site headquarters.
• Monitor third-party email marketing services for compliance, if one is used.
• Honor opt-out/unsubscribe requests quickly.
• Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us at email@example.com. You can also follow the instructions at the bottom of each email. and we will promptly remove you from ALL correspondence.
COPPA (CHILDREN ONLINE PRIVACY PROTECTION ACT)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. However, it’s important to note, that we do not market our services to children under the age of 13 years old.