Section 1 – Privacy Policy
1.1 Values
Thank you for trusting us with some information about you. We take that trust seriously and we want you to know how we use your information and why.
If you have queries about how we use your data, or comments or questions about this Policy, please do email us. The email address to use is set out in section 2 below.
Policy updates: We keep this Policy under regular review, and this page may be updated from time to time. Please come back here to check the latest version. This Policy was last updated on the date given in the final box in the table in section 2 below.
1.2 Who are we?
| Name | Christine Southam |
| Trading Name | CS Virtual Assistant |
| Email address for official notices | [email protected] |
| Data Retention Period(s) | We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means. By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes. |
| Card and payment processor (3rd party) names and their security policy links | PayPal and Stripe |
| Cookie policy | Please see www.csvirtualassistant.co.uk |
| Date this Policy last updated | 25th March 2021 |
1.3 Words with specific meanings
In this Policy, there are words and phrases that have a specific meaning or that we are using in a special way. They are:
“personal data” any information about an identifiable living human being.
“process” we “process” your personal data when we do anything with it, which might include: collecting, recording, organising, storing, adapting, altering, retrieving, using, combining, disclosing, or deleting it.
“special category data” personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sex life or sexual orientation, health, genetic or biometric data.
1.4 What this policy describes
This policy describes how we will collect and use personal data about you.
We process information about:
“Prospects” potential customers or referrers;
“Customers” who have bought goods or services from us;
“Suppliers”, “Associates” suppliers or potential suppliers of goods or services to us;
“Affiliates” who have signed up to our affiliate scheme (if we have one).
1.5 What information do we process, and why?
1.5.1 Prospect
Most of the information we process comes from you. We process it so we can reply to you, and when you contact us again we know what you asked before, what you were sent, and what you told us.
Typically, we are collecting name, contact details, how we came across you, and background information from you or published by you on social media or freely accessible on the internet, on why you might be interested in our products or services or a relevant contact for our business.
If you sign up to a newsletter list, you will be sent what you asked for. We normally operate ‘double opt-in’ lists and you will need to reconfirm your subscription before anything is sent. You can unsubscribe at any time by clicking the unsubscribe button on any email.
You are not automatically subscribed to any other lists, but may be invited to join an appropriate one.
If we email you individually using our own email system, or respond to an email sent to us at any of our business email addresses, a copy of that email will also be stored.
If you make an enquiry via our website, we will keep details of that enquiry and response for our data retention period (section 2, Table, above).
We do not routinely keep special category data. To the extent we hold this, it was supplied or made publicly available by you.
1.5.2 Customer
Once you buy something from us, we will collect information from you at the point of sale.
This will include the information we collect from Prospects (above). We collect your email address, phone number and postal address so we can provide what we have contracted to, invoice you and keep proper records of our business relationship.
We process your data to support the delivery of goods and services you have bought. We keep records of the goods/services provided to you, and information you give us, so we can support you when needed and advise you of any additional services you may need.
1.5.3 Financial and credit card details
We do not receive or store your credit card details. Credit card payments are handled by an external secure processor in accordance with their data security policies (see section 2, Table, above).
We receive limited information from our processor for us to tie up your payment with your invoice.
If you pay us by BACS or direct transfer, we know only what the bank tells us, which is usually the name of the person who paid us and how much and the reference number.
We do not routinely keep credit scores nor use credit reference agencies.
When we are processing data about you on behalf of a customer, we are operating under the banner of our customer’s data privacy policy. We will refer any enquiry from you to them, as they are the ‘data controller’ responsible for dealing with your query. But we will support that by providing relevant information to our customer for passing to you.
1.5.4 Supplier and Associates
We collect information on potential and actual suppliers and associates. This is mostly provided by you, but we do add to it the same kind of data we use for Prospects (see above).
If you become a supplier or associate we keep a copy of the contract between us and your bank details so we can pay you. We also keep a record of invoices/payments for accounting purposes.
We keep a record of the work you undertook for us/our clients along with any comments, reviews or suggestions about that work including complaints (if any) and their resolution.
This information is all needed to manage our customer relationships and our supply chain.
1.5.5 Affiliate
If we set up an affiliate scheme, affiliate data will be held in accordance with this policy. We will ask you for information when you apply and that will be kept to administer the affiliate scheme.
1.5.6 Newsletters and automated emails
We monitor who opens what in our newsletter lists, and pre-set sequences of information we send you. We do this, so we can see if content is popular and generate more of it, or if it is not read.
There may be sub-routines that trigger if you click on links or articles. These are designed to offer you more information about things you are interested in.
You can unsubscribe from these sequences at any time.
Existing customers may receive emails about specific offers relating to things you have already purchased. You can unsubscribe from these at any time.
From time to time, we contact individual email newsletter subscribers but it is extremely rare. This would normally be if something odd were going on and we wanted to check you could see and use the content or find out what was causing a problem.
1.6 Data sharing – 3rd parties
We do not sell or exchange your personal data with organisations who may want to sell you something or use your data for research or other purposes.
1.7 Platforms
We keep a list of the software platforms we use to run our business. If you would like a list of all the platforms we use, please email us (at the email address in section 2, Table, above).
1.8 People
We have an outsourced support team for our own business which may include Virtual Assistants, Web Designers, IT support, Sales and Marketing, Accounting and more. They have limited access to your data, where the service they provide to us means they need it.
For example, if our IT support wants to check the functionality of a laptop or back up, they may need temporary access to information that may include something about you.
For example, if we invoice you, our Accountant needs to process the information in the invoice.
Your information/advice is held in the strictest confidence. Our team are all contracted to strict confidentiality clauses.
1.9 Where is your data located?
Like most small businesses, we do not have any tailor-made software – we use mainstream packages for everything from our customer records, to email, to accounting.
This means that some of your data may be held in the EEA, and some may be held in services in the USA (with suitable data privacy shields) or elsewhere. We have picked mainstream suppliers with appropriate security standards.
1.10 Retention periods
Your information will be kept for the length of time set out in our retention period (see section 2, Table, above).
We need to keep customer information long enough to satisfy HMRC and our insurers. We keep information on prospective customers long enough to make our sales enquiry system effective.
If you subscribed to a newsletter or updates list, you will remain on the list(s) you joined until you unsubscribe from that list.
If you purchase a download, service or product through the website, we will retain your data for the purpose of fulfilling your order and processing any future orders you make with us. This may be indefinitely or until we feel it is no longer needed, or until such time as you request your data is removed.
1.11 Your rights
You have the right to know what information we are collecting on you, and to amend it if it is inaccurate.
If you feel for some reason we have information we should not be keeping, or it is out of date or otherwise wrong, please let us know and we will take appropriate action.
Most of the information we hold is not based on your individual consent but is based on our needing the information to run our business and provide our products and services.
If you want to know what information we have about you (if any) email us at the email address set out above and give us your name, email address(es) and we will happily do a search and let you know what information we hold on you and how we are using it/have used it.
You have a “right to be forgotten” – but that does have some legal limits to it. If you want us to remove information about you, let us know. If you have been a customer, we may not be able to remove all data as we will have to ensure that we can continue to comply with legal, accounting, taxation and our insurer’s requirements.
1.12 Complaints
If you have a complaint about the way we are handling your information or how we have responded to a request for information or removal, you can take this up in the first instance by emailing us at the email address set out above.
If we can’t sort it out, the relevant supervisory authority for us is the Information Commissioner for the UK. You can contact them here.
1.13 Cookies
For information about cookies and how we use them, please see our cookie policy, linked in section 2, Table, above and section 2 below.
Section 2 – Cookies on this website
2.1 Personal data collected
Navigation data, Cookie and IP: By Google
Personal Information: Email and Password, address, phone number and delivery address by this website and Mailerlite
2.2 Use of the data
Analytics: By Google
Registration: By this website
Shipping: By this website
Mailing: By this website and Mailerlite
2.3 Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
2.4 Registration on this website
If you request a password reset, your IP address will be included in the reset email.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
2.5 Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
2.6 Anti Spam
This site uses Recaptcha to reduce spam. Visitor comments may be checked through an automated spam detection service.
2.7 Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
2.8 Google Analytics
The website analytics service provided by Google also uses cookies to help the website analyse how the site is used. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and Internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
Aggregate information. When you use our site, we may collect tracking information such as your browser type, the type of operating system you use, the domain name of your Internet service provider, and pages visited on the site. None of this information identifies you personally; we collect it for aggregate reporting on site activity.
2.9 Embedded content from other websites
We do share links from third-party websites. When you visit a page containing such content, you may be presented with cookies from these websites. Our website does not control the dissemination of these cookies and you should check the relevant third party’s website for more information
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
About Cookies.
Cookies are small text files that are placed on your computer or mobile phone when you browse websites.
These are ways in which cookies can be useful to you or the website owner:
- Speed up how quickly the site loads if you come back (caching)
- Analyse how popular pages and posts are (analytics)
- Track the user journey from arriving on site to leaving – so it can be seen what is popular and what content is working
- Identify if advertising and/or social media brought the visitor to the site
- See who goes to the shopping cart for the first time (and identify if there were problems at the checkout stage)
- Work out which sites are sending visitors to the website
- Track purchases from affiliates to give them their commission
- Remember returning visitors and customers
Your browser does not need to accept cookies in order for you to view websites. However, the functionality of websites can be improved if your browser is set to accept cookies. Cookies stored by websites do not contain any personally identifiable information.
Here are three clearly defined types of cookies:
- Session cookies – allow websites to link the actions of a user during a browser session. remembering what a user has put in their shopping basket as they browse around a site. These session cookies expire after a browser session so would not be stored longer term.
- Persistent cookies – are stored on a users’ device in between browser sessions which allows the preferences or actions of the user across a site (or in some cases across different websites) to be remembered.
- First and third-party cookies – Whether a cookie is ‘first’ or ‘third’ party refers to the website or domain placing the cookie. First party cookies in basic terms are cookies set by a website visited by the user – the website displayed in the URL window. Third party cookies are cookies that are set by a domain other than the one being visited by the user. If a user visits a website and a separate company.
Other definitions:
- Google Analytics is a web analytics service provided by Google, Inc. Google Analytics sets one or more cookies in order to evaluate use of websites and compile a report.
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit www.aboutcookies.org and www.allaboutcookies.org.The Information Commission has provided official guidance on cookies, which can be found here.
