Privacy & Data Protection Policy
We have created this Privacy and Data Protection Policy in order to demonstrate our firm and continuing commitment to the privacy of personal information provided by those visiting and interacting with this website. We hold the privacy of your personal information in the highest regard. The following discloses our information gathering and dissemination practices for this website.
The SEO Works Ltd (The Organization) and we recognise the importance of protecting your privacy and data and our policy is designed to assist you in understanding how we collect, use and safeguard the personal information you provide to us and to assist you in making informed decisions when using our site. This policy will be continuously assessed against new laws, new technologies, business practices and our customers’ needs.
Data Controller and Contact: Crystal Katonic
Address: 12655 Jefferson Blvd, Level 4 – Los Angeles CA 90066 USA
Email: customer.services (at) helmsmandigital.com
Our policy is simple
With your consent this website collects and stores the follow personal data in order to serve you:
- First name
- Last name
- Email address
- Phone number
- Name of your organisation
- Form submission messages and requests
This form submission data is removed annually. You can ask us to remove any information we hold about you at any time.
The cookies used on this site are:
Data Analysis – Anonymized Google analytics to help us understand how the site is used.
Communication – We send email newsletters via MailChimp to those who have subscribed. Each newsletter sent contains an easy opt-out link.
Further Details and Opt Outs
Google Analytics (Google Inc.)
This integration of Google Analytics anonymizes your IP address. It works by shortening Users’ IP addresses within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the complete IP address be sent to a Google server and shortened within the US.
MailChimp (The Rocket Science Group LLC)
This service is used for our newsletter emails.
What Information Do We Collect?
When you visit this website you may provide us with two types of information: personal information you knowingly choose to disclose that is collected on an individual basis and Website use information collected on an aggregate basis as you and others browse our Website.
1. Personal Information You Choose to Provide
When you register for any of our services or newsletters you will provide us information about yourself.
If you choose to correspond with us through email, we may retain the content of your email messages together with your email address and our responses. We provide the same protections for these electronic communications that we employ in the maintenance of information received by mail and telephone.
Communication with you
Registration or correspondence with us via email constitutes a commercial relationship and implies consent for us to communicate with you regarding our services. We promise to only send you information deemed relevant to our commercial relationship and any email communication you may receive from us highlighting our services, special offers or promotions will include an opt out or unsubscribe feature.
2. Website Use Information
Similar to other commercial Websites, our Website utilises a standard technology called “cookies” (see explanation below, “What Are Cookies?”) and web server log files to collect information about how our Website is used. Information gathered through cookies and Web server logs may include the date and time of visits, the pages viewed, time spent at our Website, and the Websites visited just before and just after our Website.
How Do We Use the Information That You Provide to Us?
Broadly speaking, we use personal information for purposes of administering our business activities, providing the services you requested, to monitor the use of the service, our marketing and promotional efforts and improve our content and service offerings, and customise our site’s content, layout, services and for other lawful purposes. These uses improve our site and better tailor it to meet your needs.
Furthermore, such information may be shared with others on an aggregate basis. Personally identifiable information or business information will not be shared with parties except as required by law.
Occasionally, we may also use the information we collect to notify you about important changes to our Website, new services, and special offers we think you will find valuable. You may notify us at any time if you do not wish to receive these offers.
What Are Cookies?
How Do We Use Information We Collect from Cookies?
IP addresses are used by your computer every time you are connected to the Internet. Your IP address is a number that is used by computers on the network to identify your computer. IP addresses are automatically collected by our web server as part of demographic and profile data known as traffic data so that data (such as the Web pages you request) can be sent to you.
Sharing and Selling Information
We do not share, sell, lend or lease any of the information that uniquely identify a subscriber (such as email addresses or personal details) with anyone except to the extent it is necessary to process transactions or provide services that you have requested.
How Can You Access and Correct Your Information?
You may request access to all your personally identifiable information that we collect online and maintain in our database by emailing us at the usual address.
What About Legally Compelled Disclosure of Information?
We may disclose information when legally compelled to do so, in other words, when we, in good faith, believe that the law requires it or for the protection of our legal rights. We may also disclose account information when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be violating our Terms of Service or to protect the safety of our users and the Public.
What About Other Websites Linked to our Website?
We are not responsible for the practices employed by Websites linked to or from our Web site or the information or content contained therein. Often links to other Websites are provided solely as pointers to information on topics that may be useful to the users of our Website.
This site allows visitors to unsubscribe so that they will not receive future messages. After unsubscribing we will discontinue sending the particular messages as soon as technically feasible.
A Special Note About Children
Children are not eligible to use our services unsupervised and we ask that children (under the age of 14) do not submit any personal information to us. If you are a minor, you can use this service only in conjunction with permission and guidance from your parents or guardians.
Acquisition or Changes in Ownership
In the event that the website (or a substantial portion of its assets) is acquired, your information would be considered part of those assets, and may be part of those assets that are transferred.
If for any reason you are unhappy with the performance of your Job Ad we will provide you with a 100% refund. Simply email community (at) vetpetjobs.com within the 30 day lifespan of your Job Ad advising of your concerns and we will make arrangements to refund your investment in entirety.
Data Protection Policy
The Organization needs to gather and use certain information about individuals. These can include customers, suppliers, business contacts, employees and other people the organisation has a relationship with or may need to contact. This policy describes how this personal data must be collected, handled and stored to meet The Organization data protection standards — and to comply with the law.
Why this policy exists
This data protection policy ensures The Organization:
- Complies with data protection law and follow good practice.
- Protects the rights of staff, customers and partners.
- Is open about how it stores and processes individuals’ data.
- Protects itself from the risks of a data breach.
Data protection law
Data Protection laws around the world generally describe how organisations — including The Organization — must collect, handle and store personal information. These rules apply regardless of whether data is stored electronically, on paper or on other materials. To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully. Data Protection is underpinned by eight important principles:
- Be processed fairly and lawfully
- Be obtained only for specific, lawful purposes
- Be adequate, relevant and not excessive
- Be accurate and kept up to date
- Not be held for any longer than necessary
- Processed in accordance with the rights of data subjects
- Be protected in appropriate ways
- Not be transferred outside the primary country, unless that additional country or territory also ensures an adequate level of protection
This policy applies to:
- The head office of The Organization
- All branches of The Organization
- All staff and volunteers of The Organization
- All contractors, suppliers and other people working on behalf of The Organization
It applies to all data that the company holds relating to identifiable individuals, even if that information technically falls outside of Data Protection law. This can include:
- Names of individuals
- Postal addresses
- Email addresses
- Telephone numbers
- Any other information relating to individuals
Data Protection Risks
This policy helps to protect The Organization from some very real data security risks, including:
- Breaches of confidentiality. For instance, information being given out inappropriately
- Failing to offer choice. For instance, all individuals should be free to choose how the company uses data relating to them
- Reputational damage. For instance, the company could suffer if hackers successfully gained access to sensitive data
Everyone who works for or with The Organization has some responsibility for ensuring data is collected, stored and handled appropriately. Each team that handles personal data must ensure that it is handled and processed in line with this policy and data protection principles.
However, these people have key areas of responsibility:
- The board of directors is ultimately responsible for ensuring that The Organization meets its legal obligations and for:
- Keeping up-to-date about data protection responsibilities, risks and issues.
- Reviewing all data protection procedures and related policies, in line with an agreed schedule.
- Arranging data protection training and advice for the people covered by this policy.
- Handling data protection questions from staff and anyone else covered by this policy.
- Dealing with requests from individuals to see the data The Organization holds about them (also called ‘subject access requests’).
- Checking and approving any contracts or agreements with third parties that may handle the company’s sensitive data.
- Data Protection Policy
- The company’s IT service provider, is responsible for:
- Ensuring all systems, services and equipment used for storing data meet acceptable security standards.
- Performing regular checks and scans to ensure security hardware and software is functioning properly.
- Evaluating any third-party services the company is considering using to store or process data. For instance, cloud computing services.
- The Marketing Manager, is responsible for:
- Approving any data protection statements attached to communications such as emails and letters.
- Addressing any data protection queries from journalists or media outlets like newspapers.
- Where necessary, working with other staff to ensure marketing initiatives abide by data protection principles.
General staff guidelines
- The only people able to access data covered by this policy should be those who need it for their work.
- Data should not be shared informally. When access to confidential information is required, employees can request it from their line managers.
- The Organization will provide training to all employees to help them understand their responsibilities when handling data.
- Employees should keep all data secure, by taking sensible precautions and following the guidelines below.
- In particular, strong passwords must be used and they should never be shared.
- Personal data should not be disclosed to unauthorised people, either within the company or externally.
- Data should be regularly reviewed and updated if it is found to be out of date. If no longer required, it should be deleted and disposed of.
- Employees should request help from their line manager or the data protection officer if they are unsure about any aspect of data protection.
These rules describe how and where data should be safely stored. Questions about storing data safely can be directed to the IT service provider or board of directors. When data is stored on paper, it should be kept in a secure place where unauthorised people cannot see it. These guidelines also apply to data that is usually stored electronically but has been printed out for some reason:
- When not required, the paper or files should be kept in a locked drawer or filing cabinet.
- Employees should make sure paper and printouts are not left where unauthorised people could see them, like on a printer.
- Data printouts should be shredded and disposed of securely when no longer required.
Data Protection Policy
When data is stored electronically, it must be protected from unauthorised access, accidental deletion and malicious hacking attempts:
- Data should be protected by strong passwords that are changed regularly and never shared between employees.
- If data is stored on removable media (like a CD or DVD), these should be kept locked away securely when not being used.
- Data should only be stored on designated drives and servers, and should only be uploaded to an approved cloud computing services.
- Servers containing personal data should be sited in a secure location, away from general office space.
- Data should be backed up frequently. Those backups should be tested regularly, in line with the company’s standard backup procedures.
- Data should never be saved directly to laptops or other mobile devices like tablets or smart phones.
- All servers and computers containing data should be protected by approved security software and a firewall.
Personal data is of no value to The Organization unless the business can make use of it. However, it is when personal data is accessed and used that it can be at the greatest risk of loss, corruption or theft:
- When working with personal data, employees should ensure the screens of their computers are always locked when left unattended.
- Personal data should not be shared informally. In particular, it should never be sent by email, as this form of communication is not secure.
- Data must be encrypted before being transferred electronically. The IT service provider can explain how to send data to authorised external contacts.
- Personal data should never be transferred outside of the European Economic Area.
- Employees should not save copies of personal data to their own computers. Always access and update the central copy of any data.
The law requires The Organization to take reasonable steps to ensure data is kept accurate and up to date. The more important it is that the personal data is accurate, the greater the effort The Organization should put into ensuring its accuracy. It is the responsibility of all employees who work with data to take reasonable steps to ensure it is kept as accurate and up to date as possible.
- Data will be held in as few places as necessary. Staff should not create any unnecessary additional data sets.
- Staff should take every opportunity to ensure data is updated. For instance, by confirming a customer’s details when they call.
- The Organization will make it easy for data subjects to update the information The Organization holds about them. For instance, via the company website.
- Data should be updated as inaccuracies are discovered. For instance, if a customer can no longer be reached on their stored telephone number, it should be removed from the database.
- It is the marketing manager’s responsibility to ensure marketing databases are checked against industry suppression files every six months.
Subject Access Requests
All individuals who are the subject of personal data held by The Organization are entitled to:
- Ask what information the company holds about them and why.
- Ask how to gain access to it.
- Be informed how to keep it up to date.
- Be informed how the company is meeting its data protection obligations.
If an individual contacts the company requesting this information, this is called a subject access request. Subject access requests from individuals should be made by email to the Data Controller listed above. The Organization can supply a standard request form, although individuals do not have to use this. Individuals will be charged a fee per subject access request. The Organization will aim to provide the relevant data within 14 days. The Organization will always verify the identity of anyone making a subject access request before handing over any information.
Disclosing Data For Other Reasons
In certain circumstances, the Data Protection Act allows personal data to be disclosed to law enforcement agencies without the consent of the data subject. Under these circumstances, The Organization will disclose requested data. However, the company will ensure the request is legitimate, seeking assistance from the company’s legal advisers where necessary.
The Organization aims to ensure that individuals are aware that their data is being processed, and that they understand:
- How the data is being used.
- How to exercise their rights.
We may change these Policies from time to time. If/when changes are made to these Policies, we will email users who have given us permission to do so. We will post any changes here, so be sure to check back periodically. However, please be assured that if the Policies change in the future, we will not use the personal information you have submitted to us under these Policies in a manner that is materially inconsistent with the original Policies, without your prior consent.