- This Privacy Notice (the “Notice”) (together with any other of our terms and conditions, and any other documents referred to in them) sets out the basis on which any personal data we collect from you, or that you provide, will be processed by us. Please read this Notice carefully to understand our views and practices regarding your Personal Data and how we will treat it.
- The Editorial Hub (a company registered in the UK under company number 08976631) is a data controller registered as such with the UK Information Commissioner’s Office under registration number ZB005079. You may contact us at our registered office at Whiteleaf Business Centre, 11 Little Balmer, Buckingham, MK18 1TF or by email via [email protected].
- We will refer to The Editorial Hub Limited as “Company”, “us”, “we” or “our”, which operates http://www.theeditorialhub.com (the “Site”). The users of our Site and other business or personal contacts that we deal with as customers or suppliers are referred to as “you” or “your”. This Notice explains what happens to any personal data that you provide, or that is collected from you as part of our usual business, marketing and/or accessing our Site.
- Personal data (“Personal Data”) means any information relating to an identified or identifiable person. We will only use your Personal Data in the manner set out in this Notice and in a way that is fair to you. We will only collect Personal Data where it is necessary for us to do so and where it is relevant to our dealings with you. We will only keep your Personal Data for as long as it is relevant to the purpose for which it was collected or for as long as we are required to keep it by law.
INFORMATION WE COLLECT
- The majority of the data that we collect and store will be business data relating to the businesses that we are dealing with, our contractors, and contracts that are being undertaken. We may also hold Personal Data for prospective contacts and clients, such details being obtained from publicly available data or third-party suppliers.
- As part of our business and marketing processes we will process limited Personal Data to include:
- Your name, email address, job title, IP address, mobile phone number (where applicable).
- Your domain name and email address, which are recognised by our servers and the pages that you visit may be noted. We shall not divulge your email address to any third party without your consent.
HOW WE USE YOUR INFORMATION
- We use your Personal Data to provide you with information and quotes regarding our business and the services that we offer. We may from time to time keep in touch with our contact base with targeted information-based emails. We are aware that customers and contacts will also be accessing our website and that by accessing the Site, you agree to the collection and use of information in accordance with this Notice.
- We use your information in the following ways:
- To provide you with information and quotes regarding our services.
- To carry out our obligations arising from any contracts entered into between you and us.
- To provide you with billing information.
- To notify you of news about our business.
- To notify you about changes to our Company.
- In a collective way not referable to any particular individual, for the purpose of quality control and improvement of our Site.
WHERE WE STORE YOUR PERSONAL DATA
- All information you provide to us electronically is stored on our secure servers. We use industry standard security and firewalls on our servers and password protections.
- Hardcopy data is stored in a secure location on our site or held in a secure archive facility.
- We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your information.
- Only authorised personnel and contractors have access to your information.
- We keep Personal Data secure by taking appropriate technical and organisational measures against its unauthorised or unlawful processing and against its accidental loss, destruction or damage.
- However, while we strive to protect your Personal Data, in light of the inevitable risks of data transmission over the internet, we cannot guarantee full protection against any error occurring during the course of Personal Data transmission which is beyond the Company’s reasonable control.
- Since all Personal Data is confidential, access is limited to employees, contractors and agents of the Company, who have a need to know such data in carrying out their tasks. All the people who have access to your Personal Data are bound by a duty of confidentiality and subject to disciplinary actions and/or other sanctions if they fail to meet these obligations.
LAWFUL BASIS OF PROCESSING
- We will generally process Personal Data regarding customers and people that we provide our services to as we are under contract. The processing of such Personal Data is necessary for the contract or we have been asked to take specific steps before entering into a contract.
- We may also process limited Personal Data of contacts for the purposes of the legitimate interests of the Company. We have a legitimate interest in keeping in touch with our customers and contacts which may include sending targeted emails regarding news about our business. We have balanced this legitimate interest of the Company against the rights of the individual and do not conclude this is unreasonable, as at all times the data subject has a right to be forgotten and their personal details to be deleted.
- Customers: we need to keep your Personal Data to allow us to ensure compliance with the contract. We keep a record of these orders for at least 6 years after the contract to ensure compliance with that contract. We may keep limited Personal Data of customers to include contact details and transactional history for longer than this 6-year period, as we have a legitimate business interest to keep such records, as many of our customers return to us several years later for our services and this assists our business to ensure that our customers are provided with the best possible service.
- Recruitment: If you apply for a job with us, we may use your information for the purposes of recruitment and selection, corresponding with you and equal opportunities monitoring. We will not store your Personal Data for more than 12 months after last contact if you are not successful.
- Google Analytics is also used to track website trends without identifying individual visitors. The cookies used by Google Analytics store information such as what time the current visit occurred, whether the visitor has been to the Site before and which website may have directed you to our Site.
RIGHTS OF ACCESS, CORRECTION, ERASURE, AND RESTRICTION
- It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your working relationship with us.
- Under certain circumstances, by law you have the right to:
- Request access to your Personal Data (commonly known as a “data subject access request”). This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.
- Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing (see below).
- Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your Personal Data for direct marketing purposes.
- Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Personal Data about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your Personal Data to another party.
- If you want to review, verify, correct or request erasure of your Personal Data, object to the processing of your Personal Data, or request that we transfer a copy of your Personal Data to another party, please contact the Board in writing. You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
- We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.
RIGHT TO WITHDRAW CONSENT
- In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your Personal Data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact the Board. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
- We may have to share your data with third parties, including third-party service providers and other entities in the group. We require third parties to respect the security of your data and to treat it in accordance with the law.
- We may transfer your Personal Data outside the UK. If we do, you can expect a similar degree of protection in respect of your Personal Data.
- We will share your Personal Data with third parties where required by law, where it is necessary to administer the working relationship with you, or where we have another legitimate interest in doing so.
- We may also need to share your Personal Data with a regulator or to otherwise comply with the law. This may include making returns to HMRC, and disclosures to shareholders such as directors’ remuneration reporting requirements.
- We have put in place measures to protect the security of your information. Details of these measures are available upon request.
- Third parties will only process your Personal Data on our instructions and where they have agreed to treat the information confidentially and to keep it secure.
- We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.
- We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
- The Site may, from time to time, contain links to and from the websites of our partner networks and affiliates. If you follow a link to any of those websites, please note that those websites have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check those policies before you submit any Personal Data to those websites.
RIGHT TO WITHDRAW CONSENT
- In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your Personal Data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time.
- By submitting limited Personal Data to us, you consent to our use of your Personal Data and of anyone you represent in the manner set out in this Notice (as amended from time to time, as described below) and you are responsible for ensuring that you have authority to consent on behalf of anyone about whom you submit data to us.
- You can withdraw any consent you have given us under this Notice at any time by contacting [email protected], referencing this Notice in the email subject line, using the body of the email to say what consent you are revoking. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
CHANGES TO THIS PRIVACY NOTICE
- We reserve the right to update this Privacy Notice at any time, and we will provide you with a new Privacy Notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your Personal Data.
- If you are concerned about the manner in which we are processing your Personal Data, or have interacted with you regarding our processing of your Personal Data, you should raise this with us in the first instance using the contact details given above. Ultimately, you are entitled to raise your concerns with the UK’s Information Commissioner’s Office (“the ICO”) who can be contacted by telephone (0303 123 1113) or online: https://ico.org.uk/global/contact-us/contact-us-result/. Alternatively, you may write to them at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.