What Personal Data Is Collected And Why?
Personal data refers to any data that is capable of identifying you. Our website doesn’t really request very much personal data at all – here’s the low down:
Enquiry Data. You will generally only hand over information to us if you would like to make an enquiry about working with b:web on your next web project or one of our other services. The legal grounds for us processing this data is legitimate interests. The web enquiry forms on our website collect your name, email address, phone number (optional) and your enquiry message. This data is transmitted securely by email to our sales team and also stored on our website in a bespoke client portal which includes a secure database (we love writing bespoke client portals – do get in touch if you’d like one for your own business!).
Personal Information Data. When we say personal, it’s not going to be that personal – but we will need some information about your business and details of how to invoice you. The legal grounds for our processing this data is legitimate interest in the fulfillment of our contractual obligation with you or the creation of a future contract with you. The only time we will request any personal data from you will be during the consultation period if you choose to initiate an enquiry and later if you decide to work with us.
Note – Not strictly related to GDPR but many of our clients ask us to sign a NDA which confirms that any confidential business type information remains private – we are always very happy to do this and can also provide an NDA if you wish.
Other. Under GDPR your IP address now constitutes personal data because it could be used to identify you in whole or in part. We love a good IP address so we may record these! The legal grounds for us processing your IP is legitimate interest since this helps to keep our website safe. We process your IP address for security reasons to protect our website for malicious attacks and hacks. We may cross reference your IP with the IPs of blacklisted users and if a match is found we may add your IP to the blacklist and prevent further access to you.
What Non-Personal Data is Collected and Why?
Non personal data data refers to anonymised data.
Statistical Data. Statistical data is collected so that we may provide a fully functioning website that helps our business to communicate core messages to relevant persons. Our legal grounds for us processing this data is legitimate interest. The statistical data that we collect is aggregated and compiled by third-party products like Google Analytics, Google Webmaster and Hotjar. It’s all the data that shows us trends and averages of how our visitors use our website.
The truth is, however, that generally our marketing team is so busy crunching the numbers and statistics of our clients websites (in order to help them be totally awesome) that we don’t often check our own data. Cobblers shoes and all that…
Marketing and Advertising
Email marketing. We may send you marketing communications from us:
1.If you have previously purchased from us.
2. If you requested to receive marketing communications (opted in). At the time of writing this we don’t even offer a sign-up to our own newsletter/marketing on our website!
You will always receive a marketing message with an option to opt out of future marketing messages. If you are a limited company, we may send you marketing emails without your consent. However you can still opt out of receiving marketing emails from us at any time.
Our lawful ground of processing your personal data to send you marketing communications is either your consent or our legitimate interest (namely to grow our business).
We don’t use freelancers or temporary staff to work on any of our projects (we have an awesome in-house team of professionals) and therefore would never provide a person with access to your data without an employment or service contract. We may have to share your personal data with some organisations and these include: our hosting companies, our accountants, insurance companies and we would also have to comply with any Government or legal body that had a right to see our data.
Keeping Your Data
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. The law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers. We would like to make sure that the data we hold about you is accurate and up to date. Please let us know if at any time your personal information changes.
Your Legal Rights
Under data protection laws you have rights in relation to your personal data that include the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and (where the lawful ground of processing is consent) to withdraw consent.
You can see more about these rights at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
b:web Limited | firstname.lastname@example.org
b:web, 67 Hyde Park Road, Plymouth, Devon, PL3 4JN