Under the General Data Protection Regulation (GDPR) (EU) 2016/679 we have certain obligations, including to ensure you have given us your consent to collect your data and then use it. You also have rights to access, update and asked us to delete the data we hold.
You exercise your rights under the GDPR including any of the following by contacting us using the information in Section 13 below:
- Access: If you wish to have access a free copy of your data
- Deletion: If you would like us to delete your personal data. Please note that there may be circumstances where we are legally entitled to retain it, such as if we are still delivering a contractual obligation. Also note that periodically we will delete your data if you have not engaged with our emails for over 4 months.
- Rectification: If you wish to update or rectify your data.
- Revoke consent: If you wish to object to the processing of your data for direct marketing or online behavioural advertising purposes. For direct marketing you can click on the “unsubscribe” links in any marketing email or newsletter you receive from us.
- Objection to legitimate interests: If you wish to object to our processing of your data where we are pursuing our legitimate interests or those of a third party
If none of this makes sense to you please feel free to get in touch and we would be happy to talk through our interpretation of the GDPR legislation.
1.1 We are DIY DOCTOR LIMITED (referred to as “we”, “us” and “DIY Doctor”) and we are committed to protecting and respecting your privacy when you are visiting any website maintained by us including without limitation the website at www.diydoctor.org.uk and our Facebook, Google+ and Twitter pages and Youtube channel (together the “Website”) or communicating electronically with us.
1.2 This policy explains what types of personal and non-personal information we collect when you use the Website and the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. If you do not agree with this policy, you must cease use of the Website immediately.
1.3 DIY Doctor uses the personal information we collect from you to provide our service to you. We will not rent, sell or share your personal information with any other company for its own marketing purposes without your consent except where mentioned in this policy.
1.4 For the purpose of the Data Protection Act 1998 (the Act) and the General Data Protection Regulation (GDPR) (EU) 2016/679, the data controller is DIY DOCTOR LIMITED of Suite 2 Block 1 Lakeside Business Park, Mells Frome, Somerset BA11 3RH.
1.5 We are also the data processor. To assist in this role and to ensure that you data is processed securely we also use other organisations to act as the data processor. Please contact us for further details about these organisations.
Information We May Collect From You
In order to provide you with the best possible service, we may collect and process the following data about you:
- your name
- your address
- Company details (if relevant
- your email address
- your phone number
Information You Provide Us
2.2 If you register with us and/or through the Website, we may ask you to provide us with certain personal information.
2.3 There may also be opportunities within the Website to provide additional information. We may use the information you provide us along with your browsing details, to provide you with a better experience when using the Website. We will always provide you with the opportunity to opt out of receiving any communication via email.
2.4 We may also ask you for information from time to time including when you report a problem with our Website.
2.5 If you contact us, we may keep a record of that correspondence.
2.6 We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
Usage and Browsing Information
2.7 As part of the standard operation of the Website, we may collect certain non-personal information from you. We may combine this non-personal information with your personal information.
2.8 We may also record details of your visits to and use of the Website including, but not limited to, traffic data, location data, weblogs and other communication data and the resources that you access.
2.9 We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to check aggregate information provided to us by our suppliers. To the extent required we may provide this information to third parties. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
Information You Provide on Third Party Websites
2.10 You might find links to third party websites on the Website. These websites should have their own privacy policies which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.
3.1 We may obtain information about your general internet usage by using a cookie file which is stored on your browser or the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve the Website and to deliver a better and more personalised service. Some of the cookies we use are essential for the Website to operate.
3.5 We use Google Analytics tracking on our website in order to track and maintain our service and ensure that we are providing the best possible service that we can. As part of the Analytics tracking we also make use of the Display Advertising features included with the application. If you do not like/agree with having certain details tracked then you are free to opt out. If you would like to opt out please visit the Ad Settings page of your Google account.
3.6 In light of the above we can confirm that we will not merge any data collected prior to this notice by the DoubleClick cookie unless you have given your consent. If you would like more information on opting out of services provided by Google Analytics please see further information on the Google Analytics opt-out browser add-on.
3.7 In addition to the above we also make use of the Google Analytics Demographic and Interest reporting features. These features enable us to monitor the age, gender and interest information on our visitors. In turn, this information enables us to fine tune our website to provide the best information, help, advice and products to our users so that our users continue to get the best possible use and service from our website.
Where We Store Your Personal Data
4.2 All information you provide to us is stored on our secure servers.
4.3 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted through our Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Uses Made of the Information
5.1 We use information held about you in the following ways:
- to ensure that content from the Website is presented in the most effective manner for you and for your computer;
- to provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes;
- to carry out our obligations arising from any contracts entered into between you and us;
- to allow you to participate in interactive features of our service, when you choose to do so; and
- to notify you about changes to our service.
6.1 Our email mailing list is hosted and managed by Infusionsoft whose website can be found at www.infusionsoft.com.
6.2 In our email messages to you which may be distributed through this mailing list, we may provide information from third party providers of products and services which we think may be of interest to you. We will never allow 3rd Parties to access data about you unless specifically requested by you (see paragraph 8).
6.3 If you have subscribed to our email mailing list, but do not wish to receive it in future, please follow the “unsubscribe” instructions contained at the end of all emails.
Forum Area and Advertisements
7.1 When using the DIY Doctor forum data will be collected from you to provide the service.
7.2 In order to bring you offers and information that may be of interest to you, we may allow third parties to place advertisements on the website. If you choose to click on any advertisement, the advertiser may collect non personally identifiable information such as your domain type, your IP address and clickstream information.
Disclosure of Your Information
8.1 We may disclose your personal information to third parties:
- in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
- if DIY Doctor Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets; and
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply any agreements we have entered into with you or any third party; or to protect the rights, property, or safety of DIY Doctor Limited, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Credit Cards and Payments
9.1 Credit card details are not recorded, copied or saved by DIY Doctor. All details are destroyed after 7 days in our possession.
9.2 We do not share or sell customer details with any third party under any circumstances except with your explicit permission or instructions to do so.
10.1 The Act gives you the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at firstname.lastname@example.org.
10.2 The Website may, from time to time, contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Access to Information
11.1 You have the right to access information held about you. Your right of access can be exercised in accordance with the Act. Under GDPR you also have the right to Erasure, Rectification of your data, and to Restrict or Object to our processing of your data. For further information on any of these actions, please contact us using the details provided in section 13 below.
13.2 The Data Protection Officer and Chief Data Security Officer is: James Gardner (email@example.com) 01373 813 438