We (Caroline Roberts) are committed to protecting and respecting your privacy.
Our Privacy Notice tells you what we do with your personal data, why we use it, who we share
it with and how long we keep it. As it’s your data you have the right to know what happens
with it. The types of data that we hold about you and how long we keep it, will depend on
your relationship with us and the reasons why we have it.
This policy sets out the basis on which any personal data we collect from you, or that you
provide to us, will be processed by us. Please read the following carefully to understand our
views and practices regarding your personal data and how we will treat it.
For the purpose of the General Data Protection Regulations and Data Protection Act 2018 (the
Act), the data controller is Caroline Roberts of email@example.com.
Our nominated representative for the purpose of the Act is Caroline Roberts who is
contactable on firstname.lastname@example.org.
HOW DO WE GET INFORMATION?
Most of the personal information we process is provided to us directly by you for one of the
- You have made an information request to us.
- You booked an appointment or booked to attend / have attended an event.
- You subscribe to our digital newsletter.
- You visited our website and made an account with us, used an online form or commented
on a blog post.
- You engaged with us on social media.
- You commented or reviewed on one of our products or services.
- You ordered a product or service from Caroline Roberts and financial information was
taken to fulfil the order.
- You have applied for a job / secondment / internship / apprenticeship with us.
- You are representing your organisation to make an enquiry.
- You have completed a survey or competition that we are delivering or supporting.
- You have supplied personal information for the purposes of an article I was writing.
We also receive information indirectly
- Details of your visits to our site [including, but not limited to, traffic data, location data,
device model and version, operating system, weblogs and other communication data,
whether this is required for our own billing purposes or otherwise] and the resources that
- From time to time, we may receive personal information about you from third party
sources – for example, partners with whom we offer co-branded services or events, or
engage in joint marketing activities, publicly available sources such as social media
websites, or publications for which we are working.
Our website is not intended for or targeted at children under 16, and we do not knowingly or
intentionally collect information about children under 16. If you believe that we have
collected information about a child under 16, please contact us at
email@example.com, so that we may delete the information.
IP ADDRESSES / LOG FILES
When you use our services our view content provided by us, we automatically collect
information about your computer hardware and software. This information can include your
IP address, browser type, domain names, internet service provider (ISP), the files viewed on
our site (e.g., HTML pages, graphics, etc.), operating system, clickstream data, access times
and referring website addresses. This information is used by Caroline Roberts to provide
general statistics regarding use of the Caroline Roberts website. This is statistical data about
our users’ browsing actions and patterns and is not used to identify any individual.
WHERE WE STORE YOUR PERSONAL DATA
The data that we collect from you may be transferred to, and stored at, a destination outside
the European Economic Area (EEA). It may also be processed by staff operating outside the
EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other
things, the fulfilment of your order, the processing of your payment details and the provision
of support services. By submitting your personal data, you agree to this transfer, storing or
processing. Caroline Roberts will take all steps reasonably necessary to ensure that your data
[All information you provide to us is stored on our secure servers. Any payment transactions
will be encrypted [using SSL technology].] Where we have given you (or where you have
chosen) a password which enables you to access certain parts of our site, you are responsible
for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure.
Although we will do our best to protect your personal data, we cannot guarantee the security
of your data transmitted to our site; any transmission is at your own risk. Once we have
received your information, we will use strict procedures and security features to prevent
USES MADE OF THE INFORMATION
We use information held about you in the following ways:
- To ensure that content from our site is presented in the most effective manner for you
and for your device.
- To provide you with information, products or services that you request from us or which
we feel may interest you, where you have consented to be contacted for such purposes.
- To carry out our obligations arising from any contracts entered in to, between you and us.
- To allow you to participate in interactive features of our service, when you choose to do
- To notify you about changes to our service.
SHARING YOUR INFORMATION
We never sell Personal Information to any third party
We use data processors who are third parties who provide elements of services for us. We
have contracts in place with our data processors. This means that they cannot do anything
with your personal information unless we have instructed them to do it. They will not share
your personal information with any organisation apart from us. They will hold it securely and
retain it for the period we instruct. For example, we use a third-party service, Google
Analytics, to collect standard internet log information and details of visitor behaviour
We may send information or Caroline Roberts content to you which we think may be of
interest to you by post, email, or other means and send you marketing communications
relating to our business.
We may promote use of our services to you and share promotional and information content
with you in accordance with your communication preferences.
We may provide other companies with statistical information about our users — but this
information will not be used to identify any individual user;
We may send information to you regarding changes to our Privacy Notice, other legal
agreements OR to meet legal requirements. The data privacy law allows this as part of our
legitimate interest in understanding our customers and providing the highest levels of service.
Of course, if you wish to change how we use your data, you’ll find details in the ‘Your Rights’
We may, from time to time, contact you on behalf of external business partners about a
particular offering that may be of interest to you. In those cases, we do not transfer your
Personal Information to the third party.
[We do not disclose information about identifiable individuals to our advertisers, but we may
provide them with aggregate information about our users (for example, we may inform them
that 500 men aged under 30 have clicked on their advertisement on any given day). We may
also use such aggregate information to help advertisers reach the kind of audience they want
to target (for example, women in SW1). We may make use of the personal data we have
collected from you to enable us to comply with our advertisers’ wishes by displaying their
advertisement to that target audience.]
LEGAL BASIS FOR PROCESSING PERSONAL INFORMATION (EEA VISITORS)
Our legal basis for collecting and using the personal information described above will depend
on the personal information concerned and the specific context in which we collect it.
However, we will normally collect personal information from you only where we have your
consent to do so, where we need the personal information to perform a contract with you,
or where the processing is in our legitimate interests and not overridden by your data
protection interests or fundamental rights and freedoms. In some cases, we may also have a
legal obligation to collect personal information from you.
If we ask you to provide personal information to comply with a legal requirement or to
perform a contract with you, we will make this clear at the relevant time and advise you
whether the provision of your personal information is mandatory or not (as well as of the
possible consequences if you do not provide your personal information). Similarly, if we
collect and use your personal information in reliance on our legitimate interests (or those of
any third party), we will make clear to you at the relevant time what those legitimate interests
We may disclose your personal information to third parties:
- If we (or our assets) are acquired by another company, whether by merger,
acquisition, bankruptcy or otherwise, that company would receive all information
gathered by Caroline Roberts on the websites and through service provision. In this
event, you will be notified via email and/or a prominent notice on our website, of any
change in ownership, uses of your Personal Information, and choices you may have
regarding your Personal Information.
- We reserve the right to use or disclose your Personal Information if required by law or
if we reasonably believe that use or disclosure is necessary to protect our rights,
protect your safety or the safety of others, investigate fraud, or comply with a law,
court order, or legal process.
As we are processing your personal data for our legitimate interests as stated above, you have
the right to object to our processing of your personal data. There are legitimate reasons why
we may refuse your objection, which depend on why we are processing it.
You have the right to ask us not to process your personal information. You can exercise your
right to prevent marketing use of your Personal Information by checking tick boxes on the
forms we use to collect your data. You can also exercise the right at any time by contacting
us at firstname.lastname@example.org.
Our site may, from time to time, contain links to and from the websites of our partner
networks, advertisers and affiliates. If you follow a link to any of these websites, please note
that these websites have their own privacy policies and that we do not accept any
responsibility or liability for these policies. Please check these policies before you submit any
personal data to these websites.
HOW WE PROTECT YOUR PERSONAL INFORMATION
We know how much data security matters to all our customers. With this in mind we will treat
your data with the utmost care and take all appropriate steps to protect it.
We secure access to all transactional areas of our websites using ‘https’ technology.
Access to your personal data is password-protected, and sensitive data such as payment card
information) is secured to ensure it is protected.
We regularly monitor our system for possible vulnerabilities and attacks.
RETENTION OF PERSONAL INFORMATION
How long we keep information we collect about you depends on the type of information. as
described in further detail below. After such time, we will either delete or anonymize your
information or, if this is not possible, then we will securely store your information and isolate
it from any further use until deletion is possible.
We retain Personal Information that you provide to us where we have an ongoing legitimate
business need to do so (for example, as long as is required in order to contact you about a
service you have signed up to, or as needed to comply with our legal obligations, resolve
disputes and enforce our agreements).
When we have no ongoing legitimate business need to process your Personal Information,
we securely delete the information or anonymise it or, if this is not possible, then we will
securely store your Personal Information and isolate it from any further processing until
deletion is possible. We will delete this information from the servers at an earlier date if you
so request, as described in “To Unsubscribe from Our Communications” below.
HOW TO ACCESS & CONTROL YOUR PERSONAL DATA
Reviewing, Correcting and Removing Your Personal Information
You have the following data protection rights:
- You can request access, correction, updates or deletion of your personal information.
- You can object to processing of your personal information, ask us to restrict processing
of your personal information or request portability of your personal information.
- If we have collected and processed your personal information with your consent, then
you can withdraw your consent at any time. Withdrawing your consent will not affect
the lawfulness of any processing we conducted prior to your withdrawal, nor will it
affect processing of your personal information conducted in reliance on lawful
processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and
use of your personal information. Contact details for data protection authorities in the
UK are available here.
To exercise any of these rights, please contact us at email@example.com, using the
subject title: GDPR Privacy. We will respond to your request to change, correct, or delete your
information within a reasonable timeframe and notify you of the action we have taken.
TO UNSUBSCRIBE FROM OUR COMMUNICATIONS
You may unsubscribe from our marketing communications by clicking on the “unsubscribe”
link located on the bottom of our e-mails, updating your communication preferences, or by
sending us an email at firstname.lastname@example.org with the subject title ‘GDPR Privacy’.
where appropriate, notified to you by e-mail. We regularly review and, where necessary,
update our privacy information.
If we plan to use personal data for a new purpose, we update our privacy information and
communicate the changes to individuals before starting any new processing.
Questions, comments and requests regarding this privacy notice are welcomed and should be
addressed to email@example.com.