Privacy policy

Terms

Policy key definitions:

  • “I”, “our”, “us”, or “we” refer to the business, [EachMoment].
  • “you”, “the user” refer to the person(s) using this website.
  • GDPR means General Data Protection Act.
  • ICO means Information Commissioner’s Office.
  • Cookies mean small files stored on a user’s computer or device.

This privacy policy notice is served by EachMoment (“We” or “us”) and governs the privacy of those who use it. This policy explains how we control, process, handle and protect your personal information under current laws and regulations in UK. When you provide information, we are legally bound to use your information in line with all laws relating to the protection of personal data. These include:

  • Data Protection Act 1998 (DPA)
  • The General Data Protection Regulation 2016 (GDPR)
  • Subsequent laws “Data Protection Laws “

Processing of Your Personal Data

Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically using the following lawful bases.

Lawful basis: Consent
Data retention period: We will continue to process your information under this basis until you withdraw consent, or it is determined your consent no longer exists.

 

Processing of Your Submitted Media

We must retain the digital data, that is processed as a result of the service provided, throughout the course of the service being provided. Once your original media and processed digital data is returned to you on your selected storage mediums, we guarantee retention of your digital data on site for up to 30 days. We reserve the right to hold the data on-site following completion of the service provided, to provide additional storage types and backups to you if necessary, for up to 6 months. If you would like to opt-out or if you would like to extend the 30 day period, you can contact us via the Data Controller contact detail as described below.

 

Your Individual Rights

Under the GDPR law your rights are as follows:

  • The right to be informed;
  • The right of access;
  • The right to rectification;
  • The right to erasure;
  • The right to restrict processing;
  • The right to data portability;
  • The right to object; and
  • The right not to be subject to automated decision-making including profiling.

You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data. We handle subject access requests in accordance with the GDPR.

 

The data We Collect About You

Personal data we process include name, address, telephone or mobile number and email address. Our collection methods are:

  1. Engagement of services
  2. Communications
  3. Networking
  4. Engagement of service providers

How Your Data Will be Used

We use information held about you to:

  1. Provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes or by Legitimate Interests;
  2. Carry out our obligations arising from any contracts entered between you and us;
  3. Carry out necessary maintenance to our infrastructure;
  4. Notify you about changes to our services;
  5. Process any comments made public by you through the use of social media.

We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.

 

Legitimate Interest & Marketing

  1. Where we use Legitimate Interests we will record our decision and our method on making this decision. This can be requested by you at any time.
  2. If you are an existing contact or customer we will only contact you by electronic means (e-mail) with information about services or goods which you have previously purchased from us.
  3. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. You can choose to not receive these types of communication by contacting us.

Third parties

  1. We will keep your information within the ‘organisation’ except where disclosure is required or permitted by law or when we use third party service providers (data processors) to support our services to you. Contracts are in place with our data processors. This means that they cannot do anything with your personal data unless we have instructed them to do so. They will not share your personal data with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
  2. Please see below the list of services where we use third party data processors which sets out the categories of recipients of personal data.
        1. Cloud/FTP Service – IT Support
        2. Email Provider
        3. Specialist document scanning provider
        4. Payroll provider
        5. Accountants
        6. Couriers

Data Correction and Deletion

We will correct or update your data without delay provided you make the request in writing to the contact details provided in this policy, clearly specifying which data is incorrect or out of date.

Under GDPR you have the right to erasure under specific circumstances. A request for your personal data to be deleted will be decided on a case by case basis and must be submitted in writing to the contact details provided in this policy.

If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.

 

How to Contact Us

For the Data Protection Laws, the data controller is EachMoment.

Email: jude@eachmoment.co.uk

Telephone: 01603 291 552

 

Data Inspection

  1. We strive to be as open as we can be in terms of giving people access to their personal data. Individuals can find out if we hold any of their personal data by making a formal request under the Data Protection Laws. Such requests must be in writing to the contact details provided in this policy. If we do hold your personal data we will respond in writing within one calendar month of your request (where that request was submitted in accordance with this policy).
  2. The information we supply will:
  • Confirm that your data is being processed;
  • Verify the lawfulness and the purpose of the processing;
  • Confirm the categories of personal data being processed;
  • Confirm the type of recipient to whom the personal data have been or will be disclosed;
  • Let you have a copy of the data in an intelligible form.
      • Please note that you may need to provide identification in order to prove who you are to access your data.
      • If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.
      • In the instance that we do not hold information about you we will also confirm this in writing at the earliest opportunity.