This policy (together with our terms of website use rachelyvonne.com/terms and any other documents referred to on it) sets out the basis on which we Rachel-Yvonne McIntosh of Dream Pathway Inc will process any personal data we collect from you, or which you provide to us, in the course of using our site rachelyvonne.com . For the purpose of the Data Protection Act 1998 we are the data controller.
When you use our site, there are a number of ways in which you provide information and other data to us.
- Communication Data that includes any communication that you send to us whether that be through the contact form on our website, through email, text, social media messaging, social media posting or any other communication that you send us. We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.
- Customer Data that includes data relating to any purchases of goods and/or services such as your name, title, billing address, delivery address email address, phone number, contact details, purchase details and your card details. We process this data to supply the goods and/or services you have purchased and to keep records of such transactions. Our lawful ground for this processing is the performance of a contract between you and us and/or taking steps at your request to enter into such a contract.
- User Data that includes data about how you use our website and any online services together with any data that you post for publication on our website or through other online services. We process this data to operate our website and ensure relevant content is provided to you, to ensure the security of our website, to maintain back-ups of our website and/or databases and to enable publication and administration of our website, other online services and business. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business.
- Technical Data that includes data about your use of our website and online services such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views and navigation paths, details about the number of times you use our website, time zone settings and other technology on the devices you use to access our website. The source of this data is from our analytics tracking system. We process this data to analyse your use of our website and other online services, to administer and protect our business and website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business and to grow our business and to decide our marketing strategy.
- Marketing Data that includes data about your preferences in receiving marketing from us and our third parties and your communication preferences. We process this data to enable you to partake in our promotions such as competitions, prize draws and free giveaways, to deliver relevant website content and advertisements to you and measure or understand the effectiveness of this advertising. Our lawful ground for this processing is our legitimate interests which in this case are to study how customers use our products/services, to develop them, to grow our business and to decide our marketing strategy.
- We may use Customer Data, User Data, Technical Data and Marketing Data to deliver relevant website content and advertisements to you (including Facebook adverts or other display advertisements) and to measure or understand the effectiveness of the advertising we serve you. Our lawful ground for this processing is legitimate interests which is to grow our business. We may also use such data to send other marketing communications to you. Our lawful ground for this processing is either consent or legitimate interests (namely to grow our business).
By using the site, you consent to us processing and collecting this data, on the terms and for the reasons which are explained below:
HOW YOUR INFORMATION IS USED
We may use your information to:
- send you our newsletters from time to time.
- ensure that content from our site is presented in the most effective manner for you and for your computer.
- provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
- carry out our obligations arising from any contracts entered into between you and us.
- allow you to participate in interactive features of our service, when you choose to do so.
- notify you about changes to our service.
- where it is necessary for our legitimate interests (or those of a third party), and your interests or your fundamental rights and freedoms do not override our interests
If you do not want us to use your information for marketing purposes, please tick the relevant box on the form on which you submit your data. You can also contact us directly by emailing email@example.com
If you do want to receive information from our carefully selected third parties about goods or services that may be of interest to you, please tick the relevant box on the form on which you submit your data.
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology.
We take your privacy very seriously, and will take all reasonable steps to protect your personal data, but please be aware that any data which you send to our site is sent at your own risk.
DISCLOSURE OF YOUR INFORMATION
We may disclose your personal information to any of our group companies (which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 736 of the UK Companies Act 1985) and also to third parties in the following circumstances: –
- to any prospective seller or buyer of all (or part of) our business or assets;
- If we are required to do so by law, any applicable regulation or to protect the rights, property, or safety of ourselves or others. This may include disclosing to other companies and organisations in connection with fraud protection and credit risk reduction.
- Service providers who provide IT and system administration services.
- Professional advisers including lawyers, bankers, auditors and insurers
We share your personal data within our group of companies which involves transferring your data outside the European Economic Area (EEA).
Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria.
Many of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is in place:
- We will only transfer your personal data to countries that the European Commission have approved as providing an adequate level of protection for personal data by; or
- Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
- If we use US-based providers that are part of EU-US Privacy Shield, we may transfer data to them, as they have equivalent safeguards in place.
If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation. We also allow access to your personal data only to those employees and partners who have a business need to know such data. They will only process your personal data on our instructions and they must keep it confidential.
We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach if we are legally required to.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
When deciding what the correct time is to keep the data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.
For tax purposes, the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers.
In some circumstances, we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
We may gather information about your general internet use by using the cookie. Where used, these cookies are downloaded to your computer and stored on the computer’s hard drive. Such information will not identify you personally; it is statistical data which does not identify any personal details whatsoever.
You can adjust the settings on your computer to decline any cookies if you wish. This can be done within the “settings” section of your computer. For more information please read the advice at AboutCookies.org.
ACCESS TO INFORMATION
You have the right under the Data Protection Act/ GDPR to access the information which we hold about you. If you wish to exercise this right, please send your request to firstname.lastname@example.org .
You can see more about these rights at:
Changes to this privacy notice
Rachel-Yvonne reserves the right to update or amend this privacy notice at any time, including where Rachel-Yvonne intends to further process your personal information for a purpose other than that for which the personal information was collected or where we intend to process new types of personal information. We will issue you with a new privacy notice when we make significant updates or amendments. We may also notify you about the processing of your personal information in other ways.