This Privacy Statement explains what personal data and other information we collect (Alan Hesse; “we”, “our”, “us”), as part of our activities, and how we use or process that information.
We are committed to complying with data protection laws such as the Data Protection Act 2018 (DPA), the EU and the UK General Data Protection Regulations (GDPR) and other applicable laws worldwide. These are referred to in this Privacy Statement as the “data protection legislation”.
Data protection legislation give you various rights regarding the way in which we store and use your information. We tell you more about this below.
Alan Hesse produces books, cartoons, and other resources designed to engage both adults and children in learning about nature and the environment. We are responsible for deciding what we do with your information and how we process it; this makes us the Data Controller.
Get in touch
If you want to know more about what we do with your personal information, or if you want to ask a question, then just drop us a line. If you are under 13 your parent or carer will need to do this. If you are 13 or over, then you can write to email@example.com. However, if you are under 18 years old, we think it would be best if you discussed this with your parent or carer first, and that you copied them into any emails you send.
This Statement may change at any time so please review it from time to time.
Alan Hesse, April 2021
To make it easier for you to review those parts of the Privacy Statement which apply to you, we have divided up the document into sections.
- General – for everyone
- For our customers
- For users of our website (including our younger users)
- Legal bases for using personal data
- General – for everyone
Laws apply to using personal information and everyone has rights regarding how their personal information is handled. We have published this Statement to tell you:
- Your rights as an individual
- What information we collect about you
- How we store your personal information
- What we use your personal information for
- Who (if anyone) we may pass it on to and how they use it
Words and Abbreviations
In this Privacy Statement, when we use the following words or abbreviations, this is what they mean:
|Word or abbreviation||Meaning|
|Customer||An individual who buys goods or services from the company or someone who signs up for services such as a newsletter|
|EEA||European Economic Area – countries in Europe plus Iceland, Lichtenstein, and Norway)|
|Personal data or personal information||Information from which you can be identified. Examples of Personal Data include (but are not limited to) first and last name, physical address, email address, phone number, work history and other contact information.|
|Visitor||An individual visiting our website or our premises|
Your rights under data protection legislation
We will ensure that you can exercise your rights under data protection legislation. Depending in which country you reside, you may have the following rights:
- Right to information – under this right we must provide information to you and demonstrate that we collect and process your personal data fairly. We do this through this Privacy Statement.
- Right to access –the right to confirmation that your data is being processed; access to your personal data; and other additional information.
- Right to rectification – the right to have information about you corrected and / or to challenge us if you think the information we hold is incorrect
- Right to erasure (also known as the right to be forgotten) – the right to have personal data erased from our systems in specific circumstances
- Right to restrict processing – the right, under certain circumstances, to stop us from conducting specific processing of your data
- Right to data portability – you can request a copy of the information you have provided to us in a useful electronic format that another organisation could use
- Right to object – the right to object to us processing your data if we cannot demonstrate legitimate grounds for that processing
- Right to appropriate decision making – should we use automated processing to make decisions about you, you have the right to have a human consider the decision. (We do not use automated decision making at the moment).
- Right to notification – where required, we will notify any third parties that process our data if you exercise your rights to rectify, restrict or erase your data
Should you wish to exercise any of your rights, please contact us on firstname.lastname@example.org. If you are under 13 your parent or carer will need to do this. If you are 13 or over, then you can write to us. However, if you are under 18 years old, we think it would be best if you discussed this with your parent or carer first, and that you copied them into any emails you send.
We try to ensure that the data we collect about you is accurate, complete, and up to date.
How long we keep your information
We only keep your information for as long as we need it or as long as we have to keep it for legal reasons. If you have a specific query regarding how long we retain your information please contact us using the details above.
Where we have requested consent for processing your information (for marketing for example), you have the right to withdraw that consent at any time by contacting us using the details above. You may unsubscribe from marketing emails you receive by following the instructions given at the bottom of the email. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to this, nor will it affect the processing of your information where we rely on lawful processing grounds other than consent.
If you are dissatisfied with the way we have handled your personal data you should contact us using the details below so that we can investigate. Following our response to you, individuals in the UK, the EEA and Switzerland also have the right to complain to a data protection authority. For more information, please contact your local data protection authority (DPA); the contact details for European DPAs can be found here, the Swiss DPA can be found here, and the UK DPA can be found here.
- For our customers
Information we collect from you
- Your name and contact details to deliver our products
- Your name and contact details for marketing with your permission
- When you buy our products, you are directed to external websites such as amazon.com. We do not hold information such as payment card details, these are processed by these external sites.
Additionally, we may collect
- Your name and contact details for customer satisfaction surveys and service information
- Your name, photo, video or story for marketing materials, advertising or press releases or use by the media (with your consent)
- Any information about complaints about our service or other individuals, or incidents
- Your comments about services from us or our suppliers
Where we store your personal information
We are committed to holding your personal information securely. This means only those of our colleagues and contractors that need to see it have access. We do not sell or otherwise provide your details to third parties for their marketing purposes.
If we can store your personal information digitally, we will, however there may be cases where we have paper copies instead, or as well. Where paper copies are used, they are stored securely when out of use, e.g. in locked cupboards or drawers.
Our information is generally processed in the European Economic Area or in the United Kingdom. Occasionally our processors or sub-processors may process information in other countries. Where this happens, we will ensure that the processor is compliant with the data protection legislation including any transfer agreements that incorporate appropriate additional protections such as approved model clauses where necessary.
How we use your personal information
- As above, and generally for providing our services for you
- Keeping in touch with our customers, understanding your needs and preferences, and inviting you to events. If you have consented to receive marketing, you may opt out later. You have a right at any time to stop us from contacting you for marketing purposes.
- Telling you about changes to our services
- Prevention, detection and prosecution of crime
- Quality management
- Informing our staff, contractors or others (as appropriate) about incidents (for example, anti-social behaviour), for their protection
- Other purposes. We may anonymise your information so that it cannot be linked to you. In that case we may use the data for any purpose
Who else we may pass on your information to
Normally, only we will be able to access your personal information. However there may be times when we disclose your details to others, as follows:
- Our suppliers who enable us to provide our services to you, or who provide services on our behalf:
- IT providers who own or manage the computers, phones or systems we use
- Companies that assist us in printing and mailing out our letters, leaflets and newsletters
- Our professional advisors and providers of financial services
- Others who may request information from us for their own purposes:
- For crime prevention or detection, risk assessment, resolution of complaints or other issues
We will not share your personal information with anyone who claims to represent you unless we are satisfied that you have appointed them, or they act in some recognised official capacity.
We may get your information from social media, whether on our own accounts or elsewhere. Where you use our website or social media you grant us an irrevocable, royalty-free, non-exclusive licence, and give us your consent, to copy, use and reproduce any of your contributions for any purpose.
Where a contribution to any social media (whether on our own accounts or elsewhere) constitutes a breach of our terms and conditions, agreements, or laws that apply, we may take the following actions:
- Start legal proceedings against you for reimbursement of all costs on an indemnity basis (including, but not limited to, reasonable administrative and legal costs) resulting from the breach.
- Report you and disclose such information to law enforcement authorities in any jurisdiction as we reasonably feel is necessary.
The responses described in this Privacy Statement are not limited, and we may take any other action we reasonably deem appropriate and we are not obliged to take any action.
- For users of our website (including our younger users)
If you are under 13 years old
If you want to give us your information, for example to receive copies of our newsletter, then your parent or carer will have to do this for you. They can also contact us on your behalf to ask questions about your information.
You can stop receiving the newsletter, or anything else you sign up for, at any time by clicking the link at the bottom of the email you receive. Alternatively, you can ask your parent or carer to contact us and make the request.
Other information we collect from you
We collect information about you from the website when you register with us or place an order for products or services. We also collect information when you voluntarily complete customer surveys, provide feedback and participate in competitions.
- Legal basis for processing personal information (if you’re from the UK or EEA)
If you are from the UK or the European Economic Area, our legal bases for collecting and using the information described above are as follows:
Legitimate Interests: We will collect and process personal information where the processing is in our legitimate interests and not overridden by your data-protection interests or fundamental rights and freedoms. Legitimate interests include direct marketing activities.
Performance of a Contract: We will collect and process personal information to perform a contract with you, such as when you purchase a product from us.
Consent: Where we have asked for, and received, your consent to processing. You may withdraw your consent at any time.