1) Our Core Beliefs Regarding Data Protection

• User privacy and data protection are human rights
• We have a duty of care to the people within our data
• Data is a liability, it should only be collected and processed when absolutely necessary
• We loathe spam as much as you do!
• We will never sell, rent or otherwise distribute or make public your personal information unless required to do so by law

2) Relevant Legislation

Along with our business and internal computer systems, our websites are designed to comply with the following national and international legislation with regards to data protection and user privacy:

• UK Data Protection Act 1988 (DPA)
• EU Data Protection Directive 1995 (DPD)
• EU General Data Protection Regulation 2018 (GDPR)

Our sites compliance with the above legislation, all of which are stringent in nature, means that this site is likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well. If you are unsure about whether this site is compliant with your own country of residences' specific data protection and user privacy legislation you should contact our data protection officer for clarification.

3) Personal Information this Website Collects and why we Collect it

This website collects and uses personal information for the following reasons:

3.1 Site visitation tracking

Like most websites, our websites use Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.

Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer's IP address which could be used to personally identify you, but Google do not grant us access to this. We consider Google to be a third-party data processor.

GA makes use of cookies, details of which can be found on Google's developer guides.

Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within our websites.

3.2 Contact forms and email links

Should you choose to contact us using a form on any of our contact pages or an email link on one of our websites, none of the data that you supply will be stored by the website or passed to / be processed by any of our third-party data processors. Instead the data will be collated into an email and sent to us by Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices.

Emails are stored within a Microsoft Exchange server and protected by a secure password whilst is changed often.

3.3 Email newsletter

If you choose to join our email newsletter, the email address that you submit to us will be forwarded to Campaign Monitor who provide us with email marketing services. We consider Campaign Monitor to be a third-party data processor. The email address that you submit will not be stored within our website's own database.

Your email address will remain within a Campaign Monitor database for as long as we continue to use Campaign Monitors services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.

If you are under 16 years of age you MUST obtain parental consent before joining our email newsletter.

While your email address remains within the Campaign Monitor database, you may receive periodic newsletter-style emails from us.

4) How We Store Your Personal Information

We store your basic contact details within a Microsoft Exchange server and access this using Microsoft Outlook. All computers and devices that have access to this information are password protected.

For each website domain name, we also store a variety of personal details within a secure password protected database stored on our internal servers.

This data includes usernames and passwords to website hosting, website administration and email accounts. We take great care to ensure the safety, validity and security of this information.

4.1 Data Backups

All data is backed up regularly to a variety of internal servers. We also copy data to external hard disk drives and Blu-Ray DVDs, all of which are stored in a locked and key coded fire safe.

5) About our Website's Server

All websites for Clarke Website Design Ltd are hosted within a variety of UK data centres.

Some of the data centre's more notable security features are as follows:

• 3m rota-spike security fence and perimeter anti ram barriers
• Blast proof anti-intruder shielded external windows and doors
• Proximity access locks on all external and internal doors
• Interlocked man-trap doors with biometric iris scanners to gain access into data floors
• Server cabinets have locked doors (no open racks)
• Perimeter and internal IP CCTV system monitored 24x7
• 24x7 on-site security guards with static and mobile patrols
• All on-site personnel are security vetted to BS7858 standard
• Only authorised security cleared staff are allowed into the facility

6) Our Third-Party Data Processors

We use several third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out above.

• ICUK
• Fasthosts
• Campaign Monitor
• Google
• Giacom
• Xero

7) Data Breaches

We will report any unlawful data breach of our own data or of our third-party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.

8) Email Communication

8.1 Why did you receive an email from us?

If you have received an email from Clarke Website Design, we believe that you fall into one or more of the following categories:

1. Your email address is listed with us as someone who has expressly shared this address for the purpose of receiving email-based information from Clarke Website Design Ltd ("opt-in")
2. You have registered, purchased or otherwise have an existing relationship with Clarke Website Design Ltd; i.e. you are a customer.
3. You have made an enquiry to Clarke Website Design Ltd and are asking for further information about our services.
4. You are a supplier to Clarke Website Design Ltd

8.2 How do we protect your privacy?

We use appropriate security measures to protect against the loss, misuse and alteration of data used by our system. We monitor our email traffic and will always respect your time and attention by controlling the frequency of our mailings.

8.3 Sharing and Usage

We will never share, sell, or rent individual personal information with anyone without your advance permission or unless ordered by a court of law. Information submitted to us is only available to employees managing this information for purposes of contacting you or sending you emails based on your request for information and to contracted service providers for purposes of providing services relating to our communications with you.

8.4 How can you stop receiving email from us?

Each email sent contains an easy, automated way for you to cease receiving email from us, or to change your expressed interests. If you wish to do this, simply follow the instructions at the end of all our emails.

If you have received unwanted or unsolicited email from Clarke Design or purporting to be sent from Clarke Website Design Ltd, please forward a copy of that email with your comments to web@clarkedesign.co.uk for our review and prompt attention.

9) Data Controller

The data controller of this website is: Clarke Website Design Ltd, a UK Private Limited Company with company number: 07324906 whose registered office is: 9 Ossmere Close, Sandbach, Cheshire CW11 1FB

10) Data Protection Officer

The Data Protection Officer is Mr Sean Clarke, Clarke Website Design Ltd

• Tel: 01270 761331
• Email: web@clarkedesign.co.uk

11) Changes to Our Privacy Policy

This privacy policy may change from time to time in line with legislation or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes. Specific policy changes and updates are mentioned in the change log below.

11.1 Change log

• 25 May 2018 - GDPR Privacy Policy implemented
• 01 Mar 2018 - Privacy policy instigated