2. The Data Protection Bill 2017
3. Purpose of data
The data we collect is the data required to provide professional services to customers, communicate with members and provide them with safe and effective support.
4. Disclosures – Sharing of data
We may disclose your personal information (including to trusted third parties) for the purposes for which is primarily held or for a related secondary purpose and in some cases we may disclose information without your consent. Your personal and sensitive information may be disclosed to sophietully.com employees, sophietully.com representatives, service providers we use to deliver aspects of our service such as payment management, clinic software or email facilities.
Data is shared upon request on behalf of a customer with external companies that provide complementary services and support.
Data is shared internally with administrators for the purpose of managing the business and customer needs as well as verifying payments and refunds.
5. Legacy data
Legally all clinic notes and documentation gathered, created and stored in relation to the support provided by sophietully.com is kept on record for at least 6 years following the ceasetion of active support. Customers can request to access their data at any point during this time.
6. Device specific data
The following information may be collected through your device and browser:
· Your devices IP address (collected and stored in an anonymized format)
· Your email address including first name and surname
· Device screen size
· Device type (unique identifiers) and browser information
· Geographic location (country only)
· Preferred language used to display the webpage
7. Digital Log data
Our servers automatically record information which is created using our software. Data includes:
· Referring domain
· Pages visited
· Geographic location (country only)
· Preferred language used to display information
· Date and time when pages were accessed or created
By choosing to work with sophietully.com, customers consent to receive information relating to the activities of sophietully.com in the form of newsletters, regulatory updates, upcoming webinars, events, special offers and information relevant to the services provided.
9. Opting out
Opt out mechanisms are in place on all sophietully.com mailings and communications. Users can choose to opt out at any time by clicking the opt-out button at the bottom of mailings or emailing sophietully.com directly with a request to opt out.
10. Use Made of Personal Information
Personal information provided to sophietully.com will be used for the purposes of providing services to our customers. Any personal information which is collected by the sophietully.com will be used by the sophietully.com only in accordance with current data protection legislation.
Processing personal data may entail sharing the information with employees, contractors, agents and professional advisors and regulators of the sophietully.com.
Written agreements exist between the sophietully.com and such parties that there must be no further disclosure of such personal data.
12. Verifying, updating and amending your personal information
If, at any time, a user wants to verify, update or amend their personal data they may write to:
Verification, updating or amendment of personal data takes place within 10 working days
13. Storage of personal data
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
14. Processing of data
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
A “cookie” is a small text file that is placed on a user’s computer hard drive by a website. There are several types of cookie and the most common are often referred to as ‘session’ cookies. These are used to keep track of information needed by a user as they travel from page to page within a website. These cookies have a short lifetime and expire within a few minutes of the user leaving the site.
Other types of cookies can be used to track internet activity after the user has left a website. These are usually sponsored by organisations external to the website being visited and are generally known as ‘third party’ cookies. These usually have a long lifetime with several months being quite common. They are ‘harvested’ and ‘refreshed’ whenever the user visits a page where the same or a similar cookie is being used.
Internet browsers normally accept cookies by default; however, it is possible to set a browser to reject cookies. If this is done it is important not to exclude the benign and useful session cookies. Choose an option that rejects all third party and long lived cookies.
16. Links to Third Party Websites
The sophietully.com is not responsible for the privacy policies of third party websites. sophietully.com advises users to read the privacy policies of other websites before registering any personal data.
sophietully.com holds your personal data in accordance with the security provisions of the UK data protection legislation. If you have any questions about security please contact the sophietully.com on firstname.lastname@example.org
18. Notification of Changes
Users have the right to ask the sophietully.com, in writing, for a copy of all the personal data held about them upon payment of a fee (“subject access request”) and to request that the sophietully.com correct any inaccuracies in that information.
19. Your rights over your data
You have the right to rectify, amend, correct or erase your data except where there is a legal basis for refusal.