READ THE

PRIVACY POLICY

A LITTLE INFORMATION

The Indie Design Co. is committed to maintaining the trust and confidence of clients, and visitors, to the website. In particular, I want you to know that The Indie Design Co. is not in the business of selling, renting or trading email lists with other companies and businesses for marketing purposes. I’m just not into that sort of thing. But just in case you don’t believe me, in this Privacy Policy, I’ve provided lots of detailed information on when and why I collect your personal information, how I use it, the limited conditions under which I may disclose it to others and how I keep it secure. Grab a cuppa and read on…

PRIVACY POLICY

OVERVIEW

The Indie Design Co. needs to gather and use certain information about individuals.

These can include clients, suppliers, business contacts, employees and any other people that The Indie Design Co. has a relationship with, or may need to contact. This policy describes how this personal data must be collected, handled, stored to meet the company’s data protection standards and to comply with the law.

WHY THIS POLICY EXISTS

This Data Protection Policy ensures that The Indie Design Co. :

  • Complies with data protection law and follows good practice
  • Protect the rights of staff, clients, and partners
  • Is open about how it stores and processes individuals data
  • Protects itself from the risks of data breach

DATA PROTECTION LAW

This Privacy Policy adheres to the EU/UK General Data Protection Regulation (GDPR). The Indie Design Co. is registered with The Information Commissioner’s Office. More information can be found on the ICO website. The regulations apply to all personal information stored whether electronically stored, or on paper. The rights and principles of GDPR are outlined below.

The Individuals Rights:

  • The right to be informed
  • The right of access
  • The right of rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • The right not to be subject to automated decision making, including profiling

The Organisations Principles:

Data is collected, used, and stored:

  • In a fair and transparent manner
  • Is collected for specific reasons, and only used for those specified reasons
  • Is adequate, relevant, and limited to what is necessary
  • Is accurate, and kept up-to-date
  • Kept in an identifiable form for no longer than necessary
  • Held securely to prevent inappropriate access, loss, or disclosure

POLICY SCOPE

This policy applies to The Indie Design Co., clients, contractors, suppliers, and other people The Indie Design Co. has a relationship with. It applies to all data that the company holds relating to identifiable individuals, even if that information technically falls outside of the GDPR. This can include:

  • Names of individuals
  • Postal addresses
  • Email addresses
  • Telephone numbers
  • Plus any other information relating to individuals

RESPONSIBILITIES

Cat Bentley of The Indie Design Co. is ultimately responsible for ensuring that The Indie Design Co. meets its legal obligations. Cat is responsible for:

  • Reviewing all data protection procedures and related policies, in line with the GDPR.
  • Handling data protection questions from clients and anyone else covered by this policy.
  • Dealing with requests from individuals to see the data that The Indie Design Co. holds about them.
  • Ensuring all systems services and equipment used for storing data meet acceptable security standards.
  • Performing regular checks or scans to ensure security hardware and software is functioning properly.
  • Evaluating any third-party services the company uses/plans to use to store data.

TYPES OF DATA I COLLECT

**WEBSITE COOKIES

What are cookies?

Like most websites, The Indie Design Co. use cookies to collect information.  Cookies are small data files which are placed on your computer or other devices (such as smart ‘phones or ‘tablets’) as you browse this website.  They are used to ‘remember’ when your computer or device accesses The Indie Design Co. website. They are also used to tailor the products and services offered and advertised to you, both on my website and elsewhere.

Information collected & what it is used for

Some cookies collect information about browsing and purchasing behaviour when you access this website via the same computer or device.  This includes information about pages viewed, products purchased and your journey around a website.  I do not use cookies to collect or record information on your name, address or other contact details.

I may collect information about your computer, including where available, your IP address, operating system and browser type, this is for system administration and to report aggregate information to my advertisers. This is statistical data about The Indie Design Co.’s users browsing actions and patterns and does not identify any individual. Cookies help us to improve the site and to deliver a better and more personalised service. They enable me:

  • To estimate my audience size and usage pattern.
  • To store information about your preferences, and so allow me to customise our site according to your individual interests.
  • To speed up your searches.
  • To recognise you when you return to my site.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of my site. Unless you have adjusted your browser setting so that it will refuse cookies, my system will issue cookies when you log on to The Indie Design Co.’s website.

Watch this short animation by The Guardian to learn more about cookies:

**GOOGLE ANALYTICS

When someone visits The Indie Design Co. website, I use a third-party service, Google Analytics (GA), to collect standard internet log information and details of visitor behaviour patterns. I do this to find out things such as the number of visitors to the various parts of the site. Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to me. Google Analytics also records your computer’s IP address which could be used to personally identify you but Google does not share this information with me. I do not make any attempt to find out the identities of those visiting our website. You can read more about Google Analytics’ privacy policy and processes here.

**MAILING LISTS

As part of the registration process for my monthly e-newsletter, I collect personal information (Your first name and email address). I use that information for a couple of reasons: your first name is to deliver a more personal experience, and your email address is to deliver emails about stuff you’ve signed up to receive; I may also contact you if I need to obtain or provide additional information; to check my records are right and to check every now and then that you’re happy and satisfied. I do not rent or trade email lists with other organisations and businesses.

I use a third-party provider, MailChimp, to deliver my newsletter. I gather statistics around email opening and clicks using industry standard technologies to help me monitor and improve my e-newsletter. For more information, please see MailChimp’s Privacy Policy. You can unsubscribe to general mailings at any time of the day or night by clicking the unsubscribe link at the bottom of any of my emails or by emailing me: cat@theindiedesign.co

NOTE: If you are under 16 years of age you MUST obtain parental consent before joining my email newsletter.

**QUOTING, BILLING & INVOICING

If you are a past/current client of The Indie Design Co. and have been invoiced for any work undertaken by The Indie Design Co. then you will have a client profile on my accounting software. This will include your business name, a contact name (of the person to correspond with) and their email address, and may include your physical address and phone number. Absolutely none of this information is shared…EVER.

I use a third-party provider, Billy, as my accounting software. It is used to monitor payments (in and out), and to send quotes and invoices. For more information, please see Billy’s Privacy Policy.

**DIGITAL CONTRACTS

The Indie Design Co. uses a contract plugin within the website. The contracts are stored on the website which is behind a Secured Socket Layer (SSL).  This is accessible by The Indie Design Co. and client at any time. Absolutely none of this information is shared…EVER.

**REQUESTING CONTENT FOR A PROJECT

If you are a past/current client of The Indie Design Co. and have had any work undertaken by The Indie Design Co. then you may have a client profile on my content capture software. This will include your business name, a contact name (of the person to correspond with) and their email address, and may include your phone number. Absolutely none of this information is shared…EVER.

I use a third-party provider, Content Snare, as my content capture software. It is used to request content for your website; this may include sensitive data such as login details for various accounts relating to your project. For more information, please see Content Snare’s Privacy Policy.

**INSTANT CHAT

The Indie Design Co. uses an Instant Chat app on the website. This app asks for (but does not require) your email address so that I can contact you back if I have stepped away from my desk, and uses GEO Tracking functionality to gain insight as to where you are located. It does not collect any personal information (unless you have included your email address). The conversations can be stored within the app, however, as a matter of good practice, I delete these after 30 days. Absolutely none of this information is shared…EVER.

I use a third-party provider, Convert Fox, as my Instant Chat software. It is used to enhance your experience whilst visiting my website. For more information, please see Convert Fox’s Privacy Policy.

**BLOG

Commenting on any posts that I have published on my blog, will save the following information to the website’s database:

the name and email address you enter with your comment
your computer’s IP address and the time and date that you submitted the comment

This information is only used to identify you as a contributor to the comment section of the respective blog post and is not passed on to anyone. Only your name will be shown on the public-facing website, although, if the supplied email address is linked to a Gravatar account, your Gravatar photo will also be displayed. You can read Gravatar’s Privacy Policy here.

Your comment and it’s associated personal data will remain on this site until I see fit to either

1.) remove the comment
2.) remove the blog post

Should you wish to have the comment and it’s associated personal data deleted, please email me here using the email address that you used at the time of commenting.

If you are under 16 years of age you MUST obtain parental consent before posting a comment on my blog.

NOTE: You should avoid entering personally identifiable information to the actual comment field of any blog post comments that you submit on this website.

**CONTACT FORMS & EMAILS

The Indie Design Co. uses contact forms on the website. This feature asks for your name and email address so that I can respond to your message. The information you give within the contact form goes directly to my email account and is not stored on my website. Absolutely none of this information is shared…EVER.

I use a third-party provider, G Suite, as my email software. For more information, please see G Suite’s Privacy Policy.

**THIS WEBSITE’S SERVER

This website is hosted by Siteground within a UK data centre.

Some of the data centre’s more notable security features are as follows: All facilities are well protected by 24x7 human security, biometrics, access control man traps, bulletproof lobbies, and video surveillance.

All traffic (transferral of files) between this website and your browser is encrypted and delivered over HTTPS. You can read Siteground’s Privacy Policy here.

WHAT YOU CAN DO ABOUT THE INFORMATION I HOLD ABOUT YOU

**ACCESSING/AMENDING/DELETING INFORMATION HELD ABOUT YOU

You are entitled to view, amend, or delete the personal information that The Indie Design Co. holds about you. Email your request to cat@theindiedesign.co

Provision of such information will be subject to:

  • the payment of a fee (currently fixed at £10.00); and
  • the supply of appropriate evidence of your identity

I may withhold such personal information to the extent permitted by law. You may instruct me not to process your personal information for marketing purposes (this would usually take the form of a client brief in my portfolio and would at most include your first name and website link), by sending an email to me. In practice, you will usually either expressly agree in advance to my use of your personal information for marketing purposes, or I will provide you with an opportunity to opt-out of the use of your personal information for marketing purposes.

MY PRINCIPLES

**SECURITY OF YOUR PERSONAL INFORMATION

The Indie Design Co. will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. I will store all the personal information you provide on secure (password- and firewall- protected) servers. All electronic transactions you make to, or receive from me, will be encrypted using SSL technology.

Any data stored about you is currently stored in an identifiable fashion; a limitation of the content management system that this website is built on (WordPress). In the near future, I aim to change the storage of this data to a pseudonymous fashion meaning that the data would require additional processing using a separately stored ‘key’ before it could be used to identify an individual.

Pseudonymisation is a recent requirement of the GDPR which many web application developers are currently working to fully implement. I am committed to keeping it as a high priority and will implement it on this website as soon as I am able to.

Of course, data transmission over the internet is inherently insecure, and I cannot guarantee the security of data sent over the internet. You are responsible for keeping your password and user details confidential. I will not ask you for your passwords unless you request my help with specific tasks.

**DISCLOSURE

We may disclose information about you to any of our employees, officers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes as set out in this privacy policy.

In addition, we may disclose your personal information:

  • to the extent that we are required to do so by law
  • in connection with any legal proceedings or prospective legal proceedings
  • in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk)
  • to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling
  • to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information

Except as provided in this privacy policy, we will not provide your information to third parties.

**DATA BREACHES

I will report any unlawful data breach of this website’s database or the database(s) of any of my third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.

**THIRD PARTY WEBSITES

The website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.

**INTERNATIONAL DATA TRANSFERS

Information that I collect may be stored and processed in, and transferred between, any of the countries in which I operate in order to enable me to use the information in accordance with this privacy policy. Information which you provide may be transferred to countries which do not have data protection laws equivalent to those in force in the European Economic Area.

In addition, personal information that you submit for publication on the website will be published on the internet and may be available, via the internet, around the world. I cannot prevent the use or misuse of such information by others. You expressly agree to such transfers of personal information.

**MY PROMISE TO YOU

The Indie Design Co. stands by the principles outlined in the GDPR, and as such, ensures that any information held by the organisation is collected, used, and stored securely, and for specific reasons. No information I hold about you is shared, sold, or rented and is accessible by you upon request. If you would like access to your information, please contact me here. For current clients: In order to keep your information accurate and up-to-date, I may send you an email requesting that you check and update any information that I hold.

**POLICY DOCUMENTATION UPDATE

This document was updated on 17 March 2018. If you discover any errors in this document, please contact cat@theindiedesign.co and I will rectify them immediately. Otherwise, this policy will be reviewed next on 17 March 2019 unless any circumstances/laws are changed. I will not explicitly inform my clients or website users of these changes. Instead, I recommend that you check this page occasionally for any policy changes to ensure you are satisfied with my processes.