This website is owned and operated by Nick Nolan trading as Nicky Trix.
We’re committed to protecting and respecting your privacy in line with new EU-wide Data Protection Regulations (GDPR).
This policy explains (hopefully in plain English) how and why we use information you have given us and how we keep it secure. GDPR also gives you new rights and much more control over your personal data. We’ll tell you about all this below as well.
2. How we collect information from you
Obviously we collect information about you when you contact us about products and services. We also collect limited information when you visit our website via cookies. These help us improve and personalise our site. We’ve explained more about both in sections 3 and 4 below.
3. What are cookies and how do we use them
Google Analytics (_ga, _gid, _gat) . Analytics cookies help give anonymous visitor statistics about how our site is used. We can see information like the number of views we get for a particular page on our website so we know what’s popular and what’s not. Your computer’s IP address is used to determine a rough geographical location. However, all third parties like Google have obligations to conform to GDPR and they don’t store or show us any personally identifiable information. You Tube (PREF, YSY). These cookies enable visitors to watch clips of our shows direct from our site.
WordPress (devicePixelRatio). This cookie is used to make sure our site displays properly on your device. It adjusts the pixels depending on your screen size to make sure our website always looks good.
Overall, cookies help us to give you a better website experience. However, if you prefer, you can easily turn cookies off in your browser settings. Here are some links to popular browser’s’ instructions as to ‘how to disable cookies’.
a. Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
b. Chrome: https://support.google.com/chrome/answer/95647?hl=en
c. Opera: http://www.opera.com/help/tutorials/security/cookies/
d. Microsoft Edge: https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy
e. Microsoft Internet Explorer: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
4. How we handle information collected when you contact us about products or services
GDPR requires all businesses to have a lawful basis to process personal data about a customer/prospective customer. The law sets out six different lawful bases to choose from. Business owners have to explain to you how and when we process your data and the legal basis for each occurance. Currently our processing fits into three of the six available bases. ‘Contractual’ basis – this is when processing you data is obvious and necessary, for example you submit an enquiry and ask us to get back to you or you contact us to book a show. Please be assured, we will only use this data for the purposes of offering relevant services to you.
‘ Legitimate Interests’ basis – we may contact you again after we have provided our services. For example we might email you in the future to remind you about our services. The law says businesses cannot send marketing emails or texts to individuals
without specific consent. However, there is a limited exception if you are a previous customer as long as we only contact you about the same or similar products. GDPR’s terminology for this is ‘soft opt-in’. Of course we will always give the opportunity to request we never contact you again.
‘ Legal Obligation’ basis – some processing is necessary because we have to comply with the law. For example, when you hire our services. HMRC require us to keep records for at least 5 years.
5. Security of your data
When you give us personal information, we take steps to ensure that it’s treated securely. We will absolutely not share your information with third parties for marketing purposes.
a) When you call, email or contact us via our website or social media, any personal information you give is initially recorded electronically and stored safely.
b) When you book with us we also generate a paper copy for preparation of our annual accounts and tax return. GDPR doesn’t prohibit keeping personally identifiable information on paper but we must take all reasonable steps to make sure it’s stored securely. We confirm that we always adhere fully to the safe storage of your personal data be that electronic or paper.
c) We use Hotmail as our our email provider. Microsoft cloud services like Hotmail are fully compliant with GDPR and emails sent across their servers are end-to-end encrypted by default to prevent other people reading them. See more here – https://www.microsoft.com/en-us/TrustCenter/Privacy/gdpr/default.aspx
d) When you use our website https://www.nicky-trix.co.uk any information you send via our webform will be secure and communications between your browser and the website are encrypted (SSL).
e) Our website is hosted on Commerce Magic servers which are located in the UK.
f) We use a third party CRM (Customer Relationship Management) provider, Giggio. Giggio are fully GDPR compliant. When we enter information into Giggio it is fully Encrypted (SSL). More details are here http://getgiggio.com/DataProcessingTerms.html.
g) If you choose to pay a deposit or any part of our fee by card we use a third party payment processor called Stripe. Stripe’s services in Europe are provided by Stripe Payments Europe located in Ireland. Stripe use banking standard security to process payments and you can read more here
6. Access to your personal information
General Data Protection Regulation (GDPR) provides increased rights for individuals. This is the full list of individual’s rights. They don’t apply in all circumstances. However, if you wish to exercise any of these rights please contact us using the details below and we’ll be happy to help.
● The right to be informed about the processing of your personal information.
● The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed.
● The right to object to processing of your personal information.
● The right to restrict processing of your personal information.
● The right to have your personal information erased (the “right to be forgotten”).
● The right to request access to your personal information and to obtain information about how we process it.
● The right to move, copy or transfer your personal information (“data portability”).
● Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you.
After receiving any request, we will tell you when we expect to provide you with the information, and whether we require any fee for providing it to you. Whilst we’re expected to provide you with a copy of the information free of charge, we can charge a ‘reasonable fee’ if your request is unwarranted.
7. Data retention period
GDPR says we shouldn’t retain your data for longer than is necessary.
We’ll only hold your personal information:-
a) For as long as we have reasonable business needs – like carrying out bookings.
b) To comply with our legal obligations to HMRC – 5 years
8. How you can complain
a. If you are not happy with how we handle your data or you have any complaint then you should tell us by email. Our address is email@example.com.
b. If you are in any way dissatisfied about how we process your personal information, you have a right to lodge a complaint with the Information Commissioner’s Office. This can be done at https://ico.org.uk/concerns/
9. Contact details
You can contact us:
a. by post, to 42 Harding Road, Grays, Essex, RM16 4XD
b. using our website contact form
c. by telephone, on 07970 169923
d. by email, using firstname.lastname@example.org
© nickytrix.co.uk 2018