Understanding GDPR Compliance
Our approach: We have always treated your data and your privacy with respect and are committed to doing so ongoing. We hold that increased transparency and more mindful consideration of what data is collected and why will benefit the industry overall. We welcome updating our site in ways that encourage better transparency that site visitors what and seek to build long-term and trusted relationships.
Seeking to be compliant with the new GDPR requirements, we have updated this Privacy Policy and how we use personal data to meet the most recent guidance from the Information Commissioner’s Office (ICO).
The data types that we collect about you
* Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
* Identity Data includes: first name, last name, username or similar identifier, title, photos or other images.
* Contact Data includes: billing address, delivery address, email address and telephone numbers, and any social media accounts used to contact us.
* Financial Data: At this time we do not take online payments. Which means that your financial data such as bank account and payment card details are not recorded or stored.
* Transaction Data includes: details about payments to and from you and other details of products and services you have ordered or commissioned from us.
* Technical Data includes: internet protocol (IP) address, your login data, browser type and version, time zone setting and geolocation, browser plug-in types and versions, operating system and platform and other technology on the devices you chose to use to access this website.
* Profile Data includes: any username and password to access our systems, commissions, requests, or orders made by you, your interests, preferences, feedback, comments and survey responses.
* Usage Data includes: information about how you use our site, products, informational content, and services.
* Marketing and Communications Data includes: your chosen preferences in receiving marketing messages from us and any third parties disclosed to you and your communication preferences.
* We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose to serve you better. Aggregated Data may be derived from your personal data but is not classified as personal data in law as this data does not directly or indirectly disclose your identity.
Hill Web does not accrue any Special Categories of Personal Data about you or any information as to criminal convictions and offenses.
How we use your personal data
We make every effort to only use your personal data as pertains to the law. Most commonly, we will use your personal data in the following circumstances:
Where we need to perform the contract services that we are about to enter into or have already entered into with you or with a Customer.
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override the same interests.
Where we need to comply with a legal or regulatory obligation.
Generally, we don't depend on consent as a legal basis for processing your personal data other than when sending you marketing or third-party direct marketing communications via email or text message. You have the right to withdraw consent to marketing communications at any time by contacting Hill Web Creations or by stating your preference to ‘unsubscribe’ in any communication you receive from us.
Both benefits and risks in any auctioning process exist in paid search, notably, click fraud. We take commercially reasonable steps to monitor our paid ad placements so that don’t fall prey to the risks of click fraud and work to prevent it where we can possibly do so per client agreement.
We do not rely on user-generated content (UGC) for creating our articles and posts. However, we do allow people to post their own reviews and comments in their own words. We do not endorse any person or brand that may have commented or be shown in a published image on our site, an off-site article, or in social media. Many times a photographer is unknown; we respect image copyrights and seek clearances when possible and within our knowledge per posted source requests.
Some content or web applications, including advertisements, on the Website, are provided by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may by using cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you on our website. The information they collect may be related with your personal information or they may collect data, including personal information, about your online actions over time and across different websites and other online services. They may apply this information to afford you with interest-based (behavioral) advertising or other targeted content.
We do not control any third parties’ tracking technologies engaged to help you or how they may be used. If you have any questions or comments about such advertisements or other targeted content, you should contact the responsible provider directly.
If you choose not to provide personal information
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with our business services). In such a scenario, we may have to cancel an order or service you have with us but we will notify you if this comes up.
Overview of Your Rights under GDPR
Under the GDPR, you have:
* the right to request access to, deletion of or correction of, your personal data held by this site;
* the right to complain to a supervisory authority;
* be informed of what data processing is taking place;
* the right to restrict processing;
* the right to data portability;
* object to the processing of your personal data;
* rights with respect to automated decision-making and profiling.
Definitions to Assist Your Understanding of the GDPR
For the purposes of the Clauses:
(a) 'personal data', 'special categories of data', 'process/processing', 'controller', 'processor', 'data subject' and 'supervisory authority' shall have the same meaning as in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data; [If these Clauses are governed by a law which extends the protection of data protection laws to corporate persons, the words “except that, if these Clauses govern a transfer of data relating to identified or identifiable corporate (as well as natural) persons, the definition of "personal data" is expanded to include those data” are added.]
(b) 'the data exporter' means the controller who transfers the personal data;
(c) 'the data importer' means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country's system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC; [If these Clauses are not governed by the law of a Member State, the words "and who is not subject to a third country's system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC" are deleted.]
(d) 'the subprocessor' means any processor engaged by the data importer or by any other subprocessor of the data importer who agrees to receive from the data importer or from any other subprocessor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract;
(e) 'the applicable data protection law' means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller in the Member State in which the data exporter is established;
(f) 'technical and organizational security measures' means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.
To enforce any of your foregoing rights or if you have additional questions about Our Site or this Privacy Policy, please contact us using the details set out in below. Remember, you can use the controls we highlight in our updated policy to limit the information we collect about you or how we use it. You have the final word as to whether and how we process your personal data.
We know that people who read our site place their trust in us and we will continue working to earn it. Feel free to email us your feedback at jeannie@hillwebcreations.com.
Thank you for your trust and for partnering with Hill Web Creations!