Colour Consultancy Privacy Policy
Last Updated: 03-Jul-2023
Version 1.0
2. Introduction and scope of this policy
4. The information we collect indirectly from individuals
4.1 Cookies and similar technologies
5. The information we collect directly from individuals
5.1 ‘Email me’ form on our website
6. Information we automatically collect
7. Use of social media networks
9. Version control and date of next review
1. Contact details
If you have any queries about this policy, please contact:
Jules Standish
2. Introduction and scope of this policy
This policy describes how personal data is collected, used, and managed when you visit www.colourconsultancy.co.uk.
In addition, we have described how we process personal data relating to the products and services provided by Jules Standish Colour Consultant.
3. Rights of Individuals
When your personal data is processed, you are subsequently a data subject under the definition of UK GDPR and have the following rights:
Your right of access
You have the right to ask us for copies of your personal information.
Your right to rectification
You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure
You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing
You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing
You have the right to object to the processing of your personal information in certain circumstances.
Your right to data portability
You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. However, if you make a request (Subject Access Request), we have one month to respond to you.
The complete guide of the UK GDPR, including your rights (Part 3, Chapter 3), can be found here:
https://www.legislation.gov.uk/ukpga/2018/12/contents
4. The information we collect indirectly from individuals
4.1 Cookies and similar technologies
Purpose and the lawful basis for processing
Cookies are text files placed on your computer by websites you visit. They are widely used to make websites work, work more efficiently, and provide information to the owners of the site. For example, our website uses cookies when a user accesses our website.
Please click on the link below for general information about cookies:
https://www.aboutcookies.org/cookie-faq
https://www.allaboutcookies.org
When users first visit our website, they are presented with options to manage their cookie preferences.
The lawful basis we rely on to process your personal data is Article 6 (1) (a), based on consent received from the website visitor the first time they visit our website.
Where consent is not technically possible, the lawful basis we rely on to process your personal data is Article 6 (1) (f), which allows the necessary processing required for our website to perform.
We use third-party software on our website. Please refer to section under ‘Third-party software’, WordPress and Google, in this policy for further information.
Our cookies:
Rights of individuals
You can re-set your cookies preferences whenever you visit our website.
Please refer to the Rights of Individuals in this policy for further information about your rights concerning your personal data.
4.2 Plugins
Our site uses plugins for the following purposes:
- To facilitate our contact form
- To provide a cookie notice to inform users that our site uses cookies and to provide them with control options
- Protect and secure our website (Anti-virus, Firewall and Malware Scan)
- Super-fast caching
- SEO solution, including on-page content analysis, XML sitemaps
Where consent is not technically possible, the lawful basis we rely on to process your personal data is Article 6 (1) (f), which allows the necessary processing required for our website to perform.
We have not provided the plug-in authors within this policy, as we may change or review the website plugins that we use to manage our website. If you have any questions about the plugins we use, or would like further information, please contact jules@colourconsultancy.co.uk
5. The information we collect directly from individuals
5.1 ‘Email me’ form on our website
Purpose and the lawful basis for processing
The ‘email me’ form on the website allows individuals to email Jules Standish.
The lawful basis we rely on to process your personal data is Article 6 (1) (a), which allows us to process personal data based upon your consent.
The lawful basis we rely on to further process your data is Article 6 (10 (f), which allows us to process personal data based on a legitimate interest assessment. For example, to contact you with relevant information that we consider to be of interest to you.
The personal data collected
The name, contact details, plus optional message of the individual submitting the form is collected. This information is used to receive and reply to emails submitted via the website.
How personal data is stored and processed
Your contact information is received via our email system (Microsoft Outlook). The processing of your personal data outside the UK/EU/EEA may occur. In such a case, the appropriate safeguards to protect personal data the transfer and processing of personal data are required.
You can find out more information on Microsoft’s Privacy Policy here: https://privacy.microsoft.com/en-gb and in particular their pledge regarding storing and processing EU data in the EU.
Retention Periods
We retain your contact details for as long as required to respond to your enquiry. In addition, we will retain your personal contact details for as long as necessary to facilitate communication.
Rights of individuals
You have the right to withdraw consent at any time.
Please refer to the Rights of Individuals in this policy for further information about your rights concerning your personal data.
5.2 Consultancy Services
Purpose and the lawful basis for processing
To deliver and manage the consultancy services we offer, we generally process personal data for the following reasons:
- To set up a new client (Article 6 (1) (b), to fulfil a contract, including pre-contractual arrangements)
- To provide the agreed consultancy services (Article 6 (1) (b), to fulfil a contract, including pre-contractual arrangements)
- To collect and recover money (Article 6 (1) (f), legitimate interests)
- To facilitate communication – including changes to terms, privacy policy (Article 6 (1) (c), legal obligation or (Article 6 (1) (f), legitimate interests depending on type of communication)
- To request feedback (Article 6 (1) (f), legitimate interests)
The personal data collected
- Contact data – (first name, surname, address, email, delivery and billing address, phone number)
- Financial data – (bank account and other payment details)
How personal data is stored and processed
We use the Microsoft suite to manage our business processing. The processing of your personal data outside the UK/EU/EEA may occur. In such a case, the appropriate safeguards to protect personal data the transfer and processing of personal data are required.
For information on Microsoft’s Privacy Policy here: https://privacy.microsoft.com/en-gb and in particular their pledge regarding storing and processing EU data in the EU
Retention Periods
We retain records relating to our consultancy services, including invoicing information, for 7 years.
Rights of individuals
You have the right to withdraw consent at any time.
Please refer to the Rights of Individuals in this policy for further information about your rights concerning your personal data.
6. Information we automatically collect
When you visit our website, we automatically collect information from your web browser to retrieve the page from the server (unless disabled/masked by third party software). Information about your devise is required to display the correct format (e.g., mobile pages). The information we collect:
- Your IP address and location derived from the IP address
- Internet or other electronic network activity information, like the referring websites or services
- The time and date of each access
- Device settings, such as browser type, operating system, and language
- Cookie information (please refer to our ‘Cookies and similar technologies section’)
7. Use of social media networks
7.1 Instagram
Data Controller for Instagram: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland
Purpose and the lawful basis for processing
The purpose of our corporate presence is for communication and information sharing with existing and potential customers regarding our products and services.
We generally have no influence or control of your personal data by Instagram; therefore, we cannot make any clauses or statements regarding the purpose and scope of the processing of your data.
The processing of your personal data outside the UK/EU/EEA may occur. In such a case, the appropriate safeguards to protect personal data the transfer and processing of personal data are required.
For information on Instagram’s Privacy Policy here:
https://help.instagram.com/519522125107875/?maybe_redirect_pol=0
Refer to the section: ‘how do we operate and transfer data as part of our global services’ for Instagram’s reference to International Transfers.
Every individual is free to use Instagram and engagement is based on consent.
The personal data collected
Generally, we only use Instagram to engage with people interested in our products, share content, and promote the products (e.g., books) and services we promote and sell.
We may provide information and communicate with individuals via Instagram, which may also display on our company website. If you carry out an action on our Instagram account (e.g., comments, liked, contributions, etc.), you may make personal data (e.g., name, photo, user profile, comments) public.
How personal data is stored and processed
We generally do not influence or control your personal data managed by the data controllers, Instagram.
Personal data stays within the platform unless we agree to pursue mutually agreeable communication outside the online environment. In this instance, we may transfer your contact details to our central contact database as a prospect with the possibility of maturing to a customer.
Retention Periods
We generally have no influence or control of your personal data stored by the data controller, Instagram.
If we continue communication beyond the Instagram platform, we will only retain your personal data to facilitate communication regarding our products and services.
Rights of individuals
For further information on how Instagram processes your personal data, including your rights using the Instagram platform, please click here:
https://help.instagram.com/519522125107875
7.2 Twitter
Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland
Purpose and the lawful basis for processing
The purpose of a Twitter presence on our website is for communication and information sharing, and as an engagement/networking tool.
For information on Twitter’s Privacy Policy here: Please refer to Twitter’s Privacy Policy, ‘Our global Operations and Data Transfers’.
The processing of your personal data outside the UK/EU/EEA may occur. In such a case, the appropriate safeguards to protect personal data the transfer and processing of personal data are required.
For information on Twitter’s Privacy Policy here:
https://twitter.com/en/privacy
Every individual is free to use Twitter, and engagement is based on consent.
The personal data collected
We may provide and share information and communicate with individuals via Twitter, which may also display on our company website. If you carry out an action on our Twitter account (e.g., comments, likes, contributions, etc.), you may make personal data (e.g., name, photo, user profile, comments) public.
How personal data is stored and processed
We generally have no influence or control of your personal data by the data controller, Twitter; therefore, we cannot make any clauses or statements regarding the purpose and scope of the processing of your data.
Retention Periods
We generally have no influence or control of your personal data stored by the data controller, Twitter.
Rights of individuals
For further information on how Twitter processes your personal data, please click here:
https://twitter.com/en/privacy
7.3 Facebook
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland
Purpose and the lawful basis for processing
The purpose of a Facebook presence on our website is for communication and information sharing, and as an engagement/networking tool.
The personal data collected
We may provide and share information and communicate with individuals via Facebook, which may also display on our company website. If you carry out an action on our Facebook account (e.g., comments, likes, contributions, etc.), you may make personal data (e.g., name, photo, user profile, comments) public.
We generally have no influence or control of your personal data by Facebook; therefore, we cannot make any clauses or statements regarding the purpose and scope of the processing of your data.
The processing of your personal data outside the UK/EU/EEA may occur. In such a case, the appropriate safeguards to protect personal data the transfer and processing of personal data are required.
For further information on how Facebook processes your personal data, please click here: https://en-gb.facebook.com/policy.php
Please also see our policy regarding marketing which includes Facebook.
How personal data is stored and processed
We generally have no influence or control of your personal data by the data controller, Facebook; therefore, we cannot make any clauses or statements regarding the purpose and scope of the processing of your data.
Retention Periods
We generally have no influence or control regarding your personal data retention periods by the data controller, Facebook.
Rights of individuals
For further information on how Facebook processes your personal data, please click here: https://en-gb.facebook.com/policy.php
8. Third-party software
We use third-party software and providers to process personal data.
8.1 Amazon
We use Amazon to sell and promote our books. Amazon operates globally and we sell in global markets.
We do not process personal data when you purchase directly from Amazon. We may gather statistical information via the Amazon platform, but this relates to sales performance (not based on an individual’s personal data).
For information on how Amazon processes your personal data, please click here for UK visitors and US visitors.
8.2 Goodreads
On our website we may share the link to Goodreads to allow website visitors to find our products on the website, Goodreads. We do not store or share any personal data.
For information on Goodread’s Privacy Policy, please click here:
https://www.goodreads.com/about/privacy
8.3 Google
Google maintains servers around the world and your information may be processed on servers located outside the UK/EU/EEA. In such a case, the appropriate safeguards to protect personal transfer and processing of personal data is required. For information on Google’s Privacy Policy here: Please refer to Google’s Privacy Policy, and specifically Google’s Legal Frameworks for Data Transfers
To opt out of being tracked by Google Analytics across all websites, visit:
https://tools.google.com/dlpage/gaoptout
8.4 John Hunt Publishing
Book titles sold under the author’s name Jules Standish are published by John Hunt Publishing.
For information on John Hunt Publishing’s privacy policy, click here:
https://www.johnhuntpublishing.com/privacy-policy/
8.5 Microsoft 365
We use Microsoft Office 365 to process personal data, for example Outlook. The processing of your personal data outside the UK/EU/EEA may occur. In such a case, the appropriate safeguards to protect personal data the transfer and processing of personal data are required.
For information on Microsoft’s Privacy Policy, click here: https://privacy.microsoft.com/en-gb and in particular their pledge regarding storing and processing EU data in the EU
8.6 YouTube
We may share video content using YouTube on our website. The processing of your personal data outside the UK/EU/EEA may occur. In such a case, the appropriate safeguards to protect personal data the transfer and processing of personal data are required.
For information on Microsoft’s Privacy Policy, click here:
https://www.youtube.com/intl/ALL_uk/howyoutubeworks/our-commitments/protecting-user-data/
8.7 WordPress
Our website is built using WordPress, which uses cookies, or tiny pieces of information stored on your computer, to verify who you are. There are cookies for logged in users and for commenters.
Please see complete information on WordPress cookies here:
https://wordpress.org/support/Article/cookies/
9. Version control and date of next review
This policy was published May 2022
The current version number is 1.0
The date of our next formal review of this policy is: April 2022
From time to time, we may update the third-party links if they have changed, correct grammatical errors, or make minor improvements. We will adjust the version number and publish the new version in this instance.
When we review our policy in depth or introduce a change in processing, we will update the version number, publish the new version, and issue a communication (e.g., a blog update, note on website, email).
10. How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us by emailing: jules@colourconsultancy.co.uk
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org