socials for my business is committed to protecting the privacy of personal data under the new General Data Protection Regulation (GDPR) (May 2018)
This is any personal data you share with us, and could include: your name, your postal address, your email address and your telephone number. This may be used for the following purposes:
to respond to your queries;
to provide services where requested;
to keep you informed about our work, news and offers;
You have the right to request to see, amend or remove any personal information we hold about you. See section 2: Your Rights below.
Confidentiality and data protection
We do not sell or swap your details with any third parties. If further services are required your explicit consent will be required before being actioned. We may, with your consent, pass on contact details to another trader if we are unable to satisfy your order.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. This includes a designated Data Controller and Data Protection Officer who are responsible for the safeguarding of your personal data.
Legal basis (or bases)
The legal bases on which we process your data are as follows:
Consent. We require your consent to store and utilise your data. Each form you complete, whether on the website or on paper, will have a consent agreement statement. We may use this data to inform you of other services which may be of interest to you.
Contract. By entering into an agreement with socials for my business you understand that we will store and process such data as you provide on application.
What we collect
Name and job description
Contact information including email address
Demographic information such as postcode, preferences and interests
Other information relevant to customer enquiries
Other information pertaining to surveys and/or offers and your orders
Collecting this information helps us to understand what you are looking from the company enabling us to provide you with a better service and in particular for the following reasons:
For our own internal records.
We may occasionally send you promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.
Special category data
socials for my business will not store or process special category data. Some special category data, such as ethnicity, may become known to us during any photo shoot, but we will not store or process this information.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
A personal data breach may mean that someone other than the data controller gains unauthorised access to personal data. However, a personal data breach can also occur if there is unauthorised access within an organisation, or if a data controller’s own employee accidentally alters or deletes personal data.
All breaches of the GDPR are to be reported without undue delay to the Information Commissioners Office (ICO) within 72 hours, unless the breach is unlikely to result in any risk to the rights and freedoms of data subjects, and to the data subjects without undue delay unless a specified exemption applies.
Notifications to the data subjects will provide name and contact details of the data controller where more information can be obtained, the likely consequences of the personal data breach and the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.
Data Subject Rights and Subject Access Requests
socials for my business is fully committed to respecting individuals’ rights to access personal information held about them in accordance with Article 17 of the GDPR.
Subject access rights
Any individual who makes a valid subject access request is entitled to be:
told whether their personal data is being processed;
given a description of the personal data, reason for processing and whether it has been shared with any other organisations or persons;
given details of the source of the data (where this is available);
given the right to rectify, object to, or restrict processing of personal data;
given the ‘right to be forgotten’ as set out in Article 17 of the GDPR; and,
given details of how long their information will be retained for.
Individuals are only entitled to their own personal data, and not to information relating to other people, unless they are acting on behalf of that person. In these circumstances, written consent will be required.
socials for my business may not be able to release some information. Information which is exempt from a subject access request includes:
personal data where disclosure could prejudice the prevention or detection of crime; and,
personal data identifying another person (a third party) whose details cannot be disclosed without their permission.
How to make a request
In order to make a valid subject access request the following must be provided:
a clear written request by letter or email.
Proof of identification may be requested to ensure that the personal information requested is provided to the right person.
socials for my business will comply with requests for access to personal information within one month, as required by the Act.
All subject access requests should be addressed to:
The Data Controller,
socials for my business,
Unit 1 63-67 Athenaeum Place
Muswell Hill, N10 3HL, London, United Kingdom
Changes to this policy
socials for my business reserves the right to make any changes to this Privacy and Data Protection Policy, and other aspects of this site at any time. Please check this page regularly for any changes.
Policy updated: 01/05/2021