As a company processing your personal data, we are regulated by the General Data Protection Regulation (GDPR). This page is intended to keep you informed about what we do with the personal data we process.
What information we collect
We collect your personal data that you provide to us when you:
- purchase goods or services from us
- request to receive information from us, for example subscribe to our newsletter(s)
- contact us directly by email or phone
- participate in events run by or with Public Digital
This could include:
- Identity Data may include your first name, last name, title, date of birth and gender.
- Contact Data may include your billing address, delivery address, email address and telephone numbers.
- Financial Data we keep only financial data that is a result of our contracts with you. Our financial records are held on Xero.
- Transaction Data may keep details about payments between us and details of purchases made by you as a record of transactions made which includes name and billing address.
- Technical Data may include IP addresses, browser type and version and some other technology on the devices you use to access this site.
- Usage Data may include information about how you use our website, products and services.
- Marketing and Communications Data we keep basic information so as to communicate with you, namely email address, first and last name.
We also automatically collect certain information about your use of this website and our newsletter (e.g., IP address, number of visits, time spent, etc.) and aggregate them to measure and enhance the functioning of the website. At the moment, we use analytics provided by WordPress.com and Mailchimp.
Why we use your information
We collect and process your personal data in order to:
- fulfil a contract we have with you
- manage this website
- send you marketing materials
- operate our customer-service and respond to your requests
- improve our products and services
We do not sell or share your personal data outside of the Public Digital.
How long we keep your information
We only keep your personal data for so long as necessary to achieve these purposes. This may be up to 10 years after the end of the contractual relationship with you (statute of limitation for legal claims in most EEA countries), unless a shorter or longer retention period applies under applicable data protection laws.
Parties with which we share your information
We share your personal data with:
- third party providers that help us operate this website and provide our products and services (these recipients act on our behalf and under our instructions only)
- these include Google G Suite, WordPress and MailChimp.
- third parties in case of judicial processes, request by courts or authorities, other legal obligation, to defend our rights, or in case of merger, acquisition, or assets transfer
- Some of these recipients are located outside the EEA, but we ensure that your personal data remain at all times adequately protected (if the country of destination is not one that the EU Commission considers offers an adequate level of protection, we cover the data transfer by appropriate safeguards).
You may, at any moment, exercise your rights under data protection law, including (when applicable) your right of access, rectification, restriction, erasure, opposition (including objecting, at any time and for free, to the processing of your personal data for direct marketing), right to portability and your right to withdraw consent. You also have the right to lodge a complaint with the competent supervisory authority.
Certain information is gathered by cookies and other tracking technologies. You can manage your cookie preferences through your browser.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
However, we cannot absolutely guarantee the security of your personal data.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
How to contact us
For any query or request relating to our use of your personal data, or to exercise your rights, you may contact us via firstname.lastname@example.org