Who we are
This policy aims to help you understand how this blog obtains and use any personal data you provide to us when you use this website or any of our linked online systems, such as our email systems or analytics provider. If you have any questions, please get in touch with us at firstname.lastname@example.org.
Our website address is: https://actualar.co.uk.
What personal data we collect and why we collect it
Information we collect:
Actual Ar may collect the following information through your visit to our website:
- Your name
- Your contact information, such as an email address and/or contact telephone number
- Information about your computer and internet connection such as browser type and IP address. This information is for statistical and security purposes only – i.e. to identify where customers/readers are visiting from.
- Cookies if you browse the website (see below).
We may use the information you provide such as your name or email address to contact you in repsonse to an email enquiry you send us.
What we do with the information we gather
We use the information which you provide during your visit to identify who is visiting the site and whether they are a genuine visitor or a hacker. We also use generalised statistical information to analyse which types of content are performing well and to help us learn about the type of posts our audience enjoys reading. Any data processed via email exchanges or comments posted on the site (such as your name and email address) is used solely to respond to you about any enquiries you may have.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
- Cookies cannot read any information saved on your hard drive and cannot spread viruses.
- Our cookies only pass on the information that you have already disclosed to our website.
- This website may from time to time be supported by advertising revenue, which means we sometimes receive commissions for ads you see and links you click on, at no cost to you. To help us keep track of referrals we’ve made and ads we’ve shown, we (and our service providers) we use small text files called cookies and similar technology on your device. These cookies do not reveal your identity, web use or any other behaviour.
- This site has no ability to read and write or access third party cookies that may be set by advertising partners or third party websites such as Twitter or Facebook sharing.
- All computers have the ability to decline cookies. This can be done by activating the setting on your browser which enables you to decline the cookies.
- Please note that should you choose to decline cookies, you may be unable to access particular parts of our website and it may affect your experience on this site and others.
You can read more about cookies here: http://www.allaboutcookies.org/
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We use Google Analytics and online security software to monitor traffic to our website. In order to keep our website secure, your IP address is logged by our security provider when you visit our site.
Who we share your data with
Website data is shared with the following: Our Web Host (TSO), advertising partners we may use from time to time (cookie data), Google Analytics and our online security software.
How long we retain your data
We retain data that is collected or processed by our website until we delete it or it is automatically deleted by our security provider. We delete email communications periodically as a matter of course.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Your right to be informed
You can contact us at any time for information on how we are processing your personal information. Email us at email@example.com.
Your right of access
You have the right to access the personal information we hold about you, including any information you have provided to us. You can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. Email us at firstname.lastname@example.org.
Your right to rectification
You have the right to request a rectification of any inaccuracies in the information we hold on you, or have it completed if it is incomplete. You can do this verbally or in writing. We will respond to your request within one calendar month.
Your right to erasure
You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Your right to restrict processing
You have the right request that we limit the ways in which we use the information you provide to us. You can do this verbally or in writing. When processing is restricted, we are permitted to store your personal data, but not use it. We will respond to your request within one calendar month.
Your right to data portability
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.
Your right to object
If you feel that your personal data is not being handled in an appropriate way by us or if you think there is a problem in the way we are processing your data then you have the right to complain to the ICO.
Your right not to be subject to automated decision-making including profiling
We occasionally look at user profiles of our website visitors that are created by Google Analytics, to help us learn more about who is visiting our website. You have the right to opt out of Google Analytics tracking so that your use of our website does not process any of your data. You can download an opt-out browser add-on from Google tools if you wish to do this or you can also enable a ‘Do Not Track’ request in your browser’s advanced settings. This may or may not work with our security provider, but is an option you have at your disposal.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Your contact information
For any privacy-specific concerns or requests, please contact us via email at email@example.com.
We process personal data under the following basis: legitimate interest
We process visitors’ IP addresses as a matter of course in the operation of our online security software. In protecting our website from hacking attempts and malicious access attempts, the IP addresses of all visitors is logged, in order to identify any attackers. We process this data purely for security purposes. We consider this to be a legitimate interest to protect both ourselves and our visitors from security hackers. We believe that the use of our visitors data in this way will have minimal privacy impact upon them and is in our mutual interest in order to enjoy our website safely.
How we protect your data
We have carried out a Legitimate Interest Assessment for the data we collect from our website. The website is secured by SSL, to encrypt transmissions between the server and the user’s computer. The number of website administrators with access to this data is kept to a minimum.
What data breach procedures we have in place
A ‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. We have the following procedures in place to deal with potential or real data breaches:
Detection and monitoring: we regularly monitor our website to see who is accessing it and we use online firewall technology to block any hacking or unauthorized access attempts. We receive an email from our security provider if there are any security issues occurring in our website. We are also in very close contact with our web host who is also on hand to identify any issues and alert us to them.
Response and reporting: If we detect a breach, we firstly investigate to establish the likelihood and severity of the resulting risk or damage to people’s rights and freedoms. We document the breach, and also the determination made regarding the risks to people’s rights and freedoms as a result. If we determine that this risk is significant, we will report the data breach to the ICO within 72 hours. If we determine that a risk to people’s rights and freedoms is unlikely, we will not report this, but we will still document the breach and explain why the risk was deemed unlikely.
If the data breach poses a high or severe risk to the rights and freedoms of people involved then we will inform those individuals of the data breach immediately and advise them of the steps we’re taking in response.
This policy was updated May 18th 2018. Please come back and check it for updates periodically.