Definitions and interpretation
(a) Data: collectively all the information you submit to me via this Website. This definition incorporates, where applicable, the definitions provided in the Data Protection Laws
(b) Cookie: a small text file placed on your computer by this Website when you visit certain parts of this Website and/or when you use certain features of this Website. I set out details of the Cookies used by my Website in the clause below (Cookies)
(c) Data Protection Laws: any applicable law relating to the processing of personal Data, including but not limited to the GDPR, and any national implementing and supplementary laws, regulations, and secondary legislation
(d) GDPR: the UK General Data Protection Regulation
(e) James Paxton Priestley, trading as J.P. Priestley, me, my, or I: James Paxton Priestley, trading as J.P. Priestley, of Aberystwyth, Ceredigion, Wales
(f) UK and EU Cookie Law: the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 and the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2018
(g) User or you: any third party that accesses this Website and is not either (i) employed by me and acting in the course of their employment, or (ii) engaged as a consultant or otherwise providing services to me and accessing this Website in connection with the provision of such services, and
(a) the singular includes the plural and vice versa
(c) a reference to a person includes firms, companies, government entities, trusts and partnerships
(d) ‘including’ is understood to mean ‘including without limitation’
(e) reference to any statutory provision includes any modification or amendment to it
4. For purposes of the applicable Data Protection Laws, I am the ‘Data Controller.’ This means I determine the purposes for which, and the way, your Data is processed.
5. I may collect some or all of the following Data, which includes personal Data, from you:
(a) personal pronouns
(b) first name
(c) last name
(d) email address, physical address, and telephone number
(e) personal website
(f) business website
(i) social media channels.
How I collect Data
6. I collect Data in the following ways:
(a) data is given to me by you
(b) I receive data from other sources; and
(c) data is collected automatically.
Data that is given to me by you
7. I will collect your Data in several ways, for example:
(a) when you contact me through this Website, by telephone, post, email, or through any other means
(b) when you register with this Website and set up an account to receive my services and products
(c) when you complete any survey that I use for research (although you are not obliged to respond to them)
(d) when you enter a competition or promotion on this Website or through a social media channel
(e) when you make payments to me, through this Website or otherwise
(f) when you elect to receive marketing communications from me
Data that is received from third-party sources
8. I may receive Data about you from the following third-party sources:
(a) any external third-party data source identified via the Analytics and Reports function of the back office of this Website
(b) Google Analytics data accessible through its connection to this Website.
Data that is collected automatically
9. To the extent you access this Website, I will collect your Data automatically, for example:
(a) I automatically collect some information about your visit to this Website. This information helps me make improvements to Website content and navigation, and includes your IP address, the date, times, and frequency with which you access this Website, and the way you use and interact with its content
(b) I will collect your Data automatically via Cookies, in line with the Cookie settings on your browser. For more information about Cookies and how I use them on this Website, see the section below, headed ‘Cookies’.
My use of Data
10. Any or all the above Data may be required by me from time to time to provide you with the best possible service and experience when using this Website. Specifically, I may use Data for:
(a) internal record keeping
(b) improvement of my services and products
(c) transmissions by email of marketing materials you may find of interest
(d) contact for market research purposes which I may undertake using email. I may use such information to customise or update this Website.
11. I may use your Data for the above purposes if I deem it necessary to do so for my legitimate interests. If you are not satisfied with this, you may object in certain circumstances (see the section below, headed ‘Your rights’).
12. For the delivery of direct marketing to you via email, I will need your consent, either through an opt-in or soft opt-in:
(a) a soft opt-in consent is a specific type of consent which applies when you have previously engaged with me (for example, you contact me to ask me for more details about a particular service or product, and I am marketing similar services or products). Under ‘soft opt-in’ consent, I will take your consent as given unless you opt out
(b) for other types of e-marketing, I am required to get your explicit consent, i.e., you need to take positive and affirmative action when consenting by, for example, checking a tick box that I provide
c) if you are not satisfied with my approach to marketing, you may withdraw your consent at any time. To find out how to withdraw your consent, see the section below, headed ‘Your rights’.
13. When you register with this Website and set up an account to receive my services and buy my products, the legal basis for this processing is the performance of a contract between you and me and/or taking steps, at your request, to enter such a contract.
Who I may share Data with
14. I may share your Data with the following groups of people for the following reasons:
(a) any of my group companies or affiliates. To ensure the proper administration of this Website and my business activities
(b) my employees, agents and/or professional advisors. To ensure this Website and my business activities run smoothly and safely, and to get advice from my employees, agents and/or professional advisors
(c) third-party service providers who provide services to me which require the processing of personal data. To assist third-party service providers in receipt of any shared data to perform functions on my behalf to help ensure this Website runs smoothly and safely
(d) third-party payment providers who process payments made via this Website. I may share Data to enable third-party payment providers used by this Website, currently PayPal, to process User payments and refunds
(e) relevant authorities. I may share Data to facilitate the detection of crime or in connection with the collection of taxes and duties.
Keeping Data secure
15. I will use technical and organisational measures to safeguard your Data, for example:
(a) if you set up an account on this Website, access to your account is controlled by a password (known only to you) and a Username that is unique to you
(b) I store your Data on secure servers operated by WIX, an industry-leading website building and hosting company
(c) By using HTTPS connections (Hypertext Transfer Protocol Over Secure Socket Layer), I ensure no one can steal your information when you use this Website. HTTPS allows computers to agree on a ‘code’ between them. They then scramble messages using that ‘code’ so no one in between can read them, keeping your information safe from hackers. The ‘code’ is used on a Secure Sockets Layer (SSL), sometimes known as Transport Layer Security (TLS) to send the information back and forth.
16. Technical and organisational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorised access to your Data, please let me know immediately by contacting me via this secure and encrypted email address: J.P.Priestley@pm.me.
More about my Website security: my Website is protected by built-in security measures that comply with the highest industry standards. These included:
(a) SSL Certificate: authenticates my Website's identity and enables an encrypted connection, so Users know they can trust my Website
(b) TLS 1.3 Encryption: encrypts the data on my Website using the latest industry-standard protocols to keep Users' information safe
(c) DDoS Protection: in a DDoS attack, websites are flooded with unwanted traffic and become unavailable. Such malicious traffic is routed away from my Website to keep it always accessible
(d) Level 1 PCI Compliance: my Website complies with the highest global standard for secure online payments, regardless of the payment provider used.
17. If you want detailed information about staying safe online, Get Safe Online provides guidance on how to protect your information, computer, and other devices against fraud, identity theft, viruses, and many other online problems. Visit them at www.getsafeonline.org. His Majesty’s Government and leading businesses support Get Safe Online.
19. Even if I delete your Data, it may persist on backup or archival media for legal, tax, or regulatory purposes.
20. You have the following rights in relation to your Data:
(a) Right to access. The right to request (i) copies of the information I hold about you at any time, or (ii) that I modify, update, or when I delete such information. If I provide you with access to the information I hold about you, I will not charge you for this unless your request is ‘manifestly unfounded or excessive.’ Where I am legally permitted to do so, I may refuse your request. If I refuse your request, I will tell you the reason(s) why.
(b) Right to correct. The right to have your Data rectified if it is inaccurate or incomplete.
(c) Right to erase. The right to request that I delete or remove your Data from my system(s).
(d) Right to restrict my use of your Data. The right to ‘block’ me from using your Data or limit how I can use it.
(e) Right to data portability. The right to request that I move, copy, or transfer your Data.
(f) Right to object. The right to object to my use of your Data including where I use it for my legitimate interests.
21. To make enquiries, or to exercise any of your rights set out above or withdraw your consent to the processing of your Data (where consent is my legal basis for processing your Data), please contact me via this secure and encrypted email address: J.P.Priestley@pm.me.
22. If you are unsatisfied with the way a complaint you make in relation to your Data is handled by me, you may refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioner’s Office (ICO). You can find the ICO’s contact details on their website at https://ico.org.uk/.
23. It is important that the Data I hold about you is accurate and current. Please keep me informed if your Data changes during the period for which I hold it.
Links to other websites
Changes of business ownership and control
26. I may also disclose Data to a prospective purchaser of my business or any part of it.
27. In the above instances, I will take steps to ensure your privacy is protected.
29. All Cookies used by this Website are used in accordance with current UK and EU Cookie Law.
30. Before this Website places Cookies on your computer, you will be presented with a message bar or box requesting your consent to set those Cookies. By giving your consent to the placing of Cookies, you are enabling me to provide a better experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however, certain features of this Website may not function fully or as intended if you deny consent to the placing of certain Cookies.
31. This Website may place the following Cookies:
(a) Strictly Necessary Cookies (also known as Essential Cookies): these Cookies are required for the operation of this Website. They include, for example, Cookies that enable Users to log into secure areas of this Website, use a shopping cart (if made available), or make use of e-billing services. Users cannot disable them
(b) Analytical/Performance Cookies: these Cookies allow me to recognise and count the number of Users (visitors) and to see how they move around my Website. This helps me to improve the way this Website works, for example by ensuring Users are finding what they are looking for with ease
(c) Functionality Cookies: these Cookies are used to recognise Users when they return to this Website. They collect data to remember choices made by Users, providing them with a more personalised experience
(d) Advertising/Targeting Cookies: these Cookies record visits to this Website by Users, the pages Users have visited, and the links they have followed. I use this information to make this Website and the advertising displayed on it more relevant to the interests of Users. I may also share this information with third parties for this purpose.
32. I give you control over the use of three of the Cookies shown in the table above, i.e., whether you allow their use by me. You cannot disable Strictly Necessary (or Essential) Cookies. You can adjust (and save) your Cookie preferences at any time by clicking on the ‘Cookie Settings’ tab at the bottom left of this Website and where it pops up on the mobile version of this Website.
33. You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept Cookies, but this can be changed. For further details, please consult the help menu in your internet browser. You can choose to delete Cookies at any time; however, you may lose any information that enables you to access this Website more quickly and efficiently, including, but not limited to, personalisation settings.
34. I recommend you ensure your internet browser is up to date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.
35. For more information on Cookies, including how to disable them, please refer to aboutcookies.org from Pinsent Masons LLP. You will also find details on how to delete Cookies from your computer.
38. Unless otherwise agreed, no delay, act, or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other right or remedy.
39. This Agreement will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the jurisdiction of the English and Welsh courts.
Signed this 1st day of September 2022.
(Version 1.1. - 3 September 2022)