My business is designed to serve and support your business, so your privacy is very important to me. I want you to have complete confidence in my professionalism, and the way I handle your information.
What information do I collect at IJLA | Writing, Editing & Proofreading Support for Business and Academia?
I collect only the information required for effective communication with you in order to work on your projects, and to contact you about current or future work; I am the data controller for this information, which is referred to here as ‘contact details’, and includes the names and email addresses of those who are involved in the project, a contact address for invoicing, and any phone numbers or Skype / Zoom IDs you choose to share with me.
This data is collected:
- Via email or over the phone when you contact me to discuss a project
- Via the website if you complete a contact details form
- You may also give contact details via a Mailchimp list, if you choose to follow the blog on the website
How do I use this information?
I use the contact details provided in order to effectively work on your projects, including:
- Maintaining contact with you via phone, text and email during the course of the project
- Account administration (estimates, quotations, invoicing and receipts)
- Contacting you periodically to provide updates on my services and stay in touch
- Testimonials shown on my website
What legal basis do I have for processing your personal data?
I hold your contact details on the basis of legitimate interest: this data is used in a way you would reasonably expect (i.e. used simply to conduct business initiated by you), and which has a minimal privacy impact.
If you specifically consent to me contacting you periodically to provide updates on my services and stay in touch, then I hold your contact details on the basis of this consent.
All information about you connected with testimonials you have provided for me (such as your name, business, and your endorsement) are given by specific written consent.
When you specifically consent to my using your personal information you may withdraw your consent via email or a phone call at any time.
When do I share personal data?
I treat personal data confidentially, and I will never share your data with anyone unless compelled to do so under legal obligation.
Where do I store and process personal data?
Your data is stored on a private computer based in the EU, using password protection.
Your emails are processed through a Gmail account, which data is hosted on servers outside the EU. You must therefore consent to my use of Gmail as a reasonable and appropriate method of communication with you. This consent may be withdrawn at any time.
How do I secure personal data?
My approach to data security is as follows:
- The private computer is password protected, and files are not stored on remote servers
- Files are routinely backed up on another EU-based hard drive, to prevent accidental loss, business continuity and disaster recovery
For how long do I keep your personal data?
According to UK tax law, I maintain accounting records including personal information for six years. After this time such data will be destroyed.
Personal information relating to ongoing projects will be retained for as long as it is required for reasonable work use, or for up to six years after work has been completed, as per UK tax law requirements.
Personal information used to provide updates on my services and to stay in touch are held for as long as I have your consent to do so.
Your rights in relation to personal data
Under GDPR, you have the right to access and control your personal data, including the right to:
- access your personal information
- correct and delete it where you wish
- withdraw your consent
- lodge a complaint with the Information Commissioner’s Office
If you wish to exercise any or all of these rights, you can contact me on email@example.com, by phone on 07988858873, or by post at 312 Allesley Old Road, Coventry CV5 8GH. I will respond to all such data requests within 28 days.
Where data subject rights may be limited, e.g. if fulfilling the data subject request may expose personal data about another person, or if I’m asked to delete data which I’m required to keep by law, I will be obliged to take advice on how to proceed, and I will inform you should this arise.