Website Privacy Policy for Power Thoughts by Natalie Costa
At Power Thoughts by Natalie Costa, we are committed to protecting the personal data that we obtain. The privacy and confidentiality of our clients and visitors to our website matter to us. We will deal with your personal data in compliance with all current applicable data protection laws.
This privacy policy explains how we will process the data relating to you that you provide to us (or that we may collect) when you visit our website at www.powerthoughts.co.uk (Website),
Our Website may contain hyperlinks to third party websites. These third party websites operate independently from us, and we cannot accept any responsibility or liability for the privacy practices of such third parties nor the availability of these external sites or resources. The appearance of such links on our Website is not an endorsement. Should you use any of these websites, such use is at your own risk and we would advise that you review their respective privacy policies.
1. WHAT PERSONAL INFORMATION DO WE COLLECT ABOUT YOU?
When you visit our Website, we may collect and process the following information which may include your personal information.
Type of information
· We may collect and store any personal information you provide when using the Website, including when you contact us by submitting your details and message in the free-text box on our “Contact” webpage
· Personal data that we may obtain includes:
– Your name;
– Your email address;
– Your telephone number (s);
– IP address; and
– Any other personal information that you may provide in a message you submit to us.
Purpose of the processing and legal basis for the processing
· We may legally process the personal information that we collect on the basis that we have a legitimate interest and / or in the performance of a contract:
– To provide you with information about the products and services that we offer, about events we may put on.
– To perform our contract for sales of our products and services;
– To create and maintain your own account with us;
– To respond to your enquiries;
– To manage risk or prevent other illegal or prohibited activities;
– To resolve issues or fix problems on the website.
Who is this information shared with?
· We keep your information confidential. We will not sell your information. We may disclose your information to our personnel and to third party suppliers or subcontractors (including our independent consultants, data analytics providers and cloud based data processing and hosting providers).
· If we do share your information, we will only do insofar as it is reasonably necessary for the purposes set out in this privacy policy, and provided that the recipients do not make independent use of the information and have agreed to adhere to the rules set out in this privacy policy.
2. OUR SOCIAL MEDIA PAGES
Type of information
· This Website contains links to Power Thoughts by Natalie Costa’s social media pages on Facebook, , Instagram and Twitter.
· These third party websites have their own respective privacy policies (which we would advise you to read) for which those sites are solely responsible.
· Should you visit those social media pages and choose to follow us on Facebook, Twitter or Instagram, Power Thoughts by Natalie Costa may receive personal information from the social media providers, including:- Your name (first and last);
– Your email address;
– Your postal address;
– Your telephone number(s);
– IP address;
– Location data;
– Social Media account url;
– Your login details;
– Your date of birth/age;
– Your gender; and/or
– Your general interests.
Purpose of the processing and legal basis for the processing
· If we do receive any personal information about you from these third party social media sites, we will not process your information for the purposes of direct marketing unless you have provided your consent or it is otherwise lawful for us to do so.
· We may use this information to find out more about our digital community so that we can better understand and serve our customers and website visitors (for example, to create bespoke content by analysing general interests).
· If you have opted-in to receive such communications, please see our section below on “Our Approach to Marketing”.
Who is this information shared with?
· We may share your personal information with these social media sites to enable them to provide targeted marketing messages where you have indicated your agreement to receive these message from them or where it is otherwise lawful to do so.
· We will not otherwise share with any other third party the personal information that we obtain about you for the purposes of marketing, unless you have provided your consent or it is otherwise lawful for us to do so.
· If you would like us to delete the personal information that we have received about you from these sites, please email coaching@nataliecosta.co.uk
· If you do not want us to receive further information about you from these sites, you should also contact the sites directly to turn off the ‘follow’ settings.
· If you would like to have deleted the personal data that you’ve shared with the social media accounts that you have joined or that you follow, please contact the social media providers directly.
3. OUR WEBSITE PURCHASING PLATFORMS (TICKET SALES)
Type of information
· Via our Website, we offer you the opportunity to purchase tickets to online events
· If you chose to make a purchase, we may collect and store any personal information you provide when making this transaction, including the following billing details:
-Your name (first and last);
-Your company’s name (if applicable);
– Your email address;
– Your postal address (billing address);
– An alternative postal address (delivery address), if applicable;
– Your country location;
– Your telephone number(s);
– Your payment details (including credit card number, expiry date and CVC).
Purpose of the processing and legal basis for the processing
· We collect and process your contact and financial details to provide you with our products and services for which you have placed an order. We process this personal data in order to perform our sales contract with you and to meet our legal obligations or legitimate interests as a music production, record and promotion business.
· We may contact you about your purchase (for example with details on your tickets or your attendance at an event), and we may create and store a record of your purchase history.
· Financial transactions via our e-store are handled by our third party payment service provide which is Paypal or Stripe.
Who is this information shared with?
· When you opt to make a purchase via our third party payment services provider, we may share some personal information with them, and may receive some of the financial information that you provide to them.
4. OUR APPROACH TO MARKETING
Type of information
· Our Website does not contain third party advertising.
· We may collect information about you in order to send you our promotional or marketing communications, such as;
– Your name (first and last);
– Your email address;
– Any other personal information that you may provide in a message you submit to us.
· While we do not permit third party advertising (or targeted advertising) on our Website, if you do link to one of our Power Thoughts by Natalie Costa's social media platforms you may be subject to targeted marketing via that site.
Purpose of the processing and legal basis for the processing
· Where we provide you with information about our products, services, offers (such as via our e-newsletters) or if we contact you for market research purposes (such as surveys and feedback requests), we will only use your personal information in this way in accordance with laws relating to marketing directly to individuals, and in the pursuit of our legitimate interest of marketing our business.
· If you have asked to be added to our mailing list, we will provide your details to a third party company called Mai Chimp that helps us to produce and manage our newletters. We provide these communications on the basis that you have asked to receive these.
· If you change your mind, you may opt-out at any time via the unsubscribe feature that appears in our emails or by contacting us at coaching@nataliecosta.co.uk
Who is this information shared with?
· We will not share with any third party the personal information that we obtain about you for the purposes of marketing, except for as stated in this policy and only where those third parties have agreed to make no independent or further use of that data and to maintain its confidentiality.
5. OUR APPROACH TO OBJECTIONABLE CONTENT
Type of information
· If you send us objectionable content, or behave in a disruptive manner when using our Website, we may process any personal information that you have submitted to us, including in your personal messages, to respond to and stop such behaviour.
Purpose of the processing and legal basis for the processing
· We will only process personal information in this way for the following legitimate interests:
– Ensuring that the use of our Website is lawful;
– Ensuring that users do not disrupt or harass our staff, clients or other Website users; and
– Enforcing our legal rights and complying with our legal obligations.
Who is this information shared with?
· Where we reasonably believe that you are or may be in breach of the law (i.e the content you share on the Website amounts to harassment or is defamatory), we may use your personal information to inform relevant third parties about the content, such as:
– Your email or internet provider; or
– Law enforcement agencies.
· Where we process personal information in this way, we will hold that personal information on our systems for as long as is reasonably necessary to achieve these objectives.
6. DATA SHARING WITH OTHER PARTIES
In addition to the processing that we undertake ourselves, we also use third party processors to collect, export, store and otherwise process our data, include personal data, on our behalf. The processors that we engage include (without limitation):
· Paypal Services (PayPal (Europe) S.à r.l. et Cie, S.C.A.)(Payment Services)
Location: EU
https://www.paypal.com/uk/webapps/mpp/ua/privacy-full
· Google LLC (for Google Drive) (Cloud Storage)
Location: US (EU-US Privacy Shield certified)
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
· We Transfer (Cloud Storage)
Location: EU
https://wetransfer.com/legal/privacy
· Facebook, Inc. (Social Media Platform)
Location: US (EU-US Privacy Shield certified)
https://www.privacyshield.gov/participant_search
· Twitter (Social Media Platform)
Location: Ireland (for non-US customers)
https://twitter.com/en/privacy
· Instagram (subsidiary of Facebook, Inc.) (Social Media Platform)
Location: US (EU-US Privacy Shield certified)
See above for Facebook, Inc. EU-US Privacy Shield certification link
· Google LLC (for Google Analytics) (Web Management Tools)
Location: US (EU-US Privacy Shield certified)
See above for Google LLC EU-US Privacy Shield certification link
- PeopleKeys USA (Web Management Tools)
Location: US (EU-US Privacy Shield certified)
https://peoplekeys.com/policies/privacy-policy
7. COOKIES & ANALYTICS
Our Website does not use cookies.
Our Website uses website analytics, including Google Analytics, to evaluate and improve our Website, personalise your experience and to offer the best, most accessible service possible to all of our customers.
To find out more about Google Analytics and to learn how to opt out, please visit:
· How Google uses data when you use our partners’ sites or apps, or
· https://tools.google.com/dlpage/gaoptout/.
When you visit our Website, these analytics service providers may collect the following data, which will almost always be anonymised and aggregated before reporting back to us:
· number of visitors to our Website
· pages visited while at the Website and time spent per page
· page interaction information, such as scrolling, clicks and browsing methods
· websites where visitors have come from and where they go afterwards
· page response times and any download errors
· date and time of the visit
· other technical information relating to end user device, such as IP address, access status/HTTP status code, your operating system and interface or browser plug-in
We process this information to understand how visitors use our Website and to compile statistical reports regarding that activity (for example, your IP address is used to approximate the country from which you access our Website, and we aggregate this information together so we know that, for example, whether most of the visitors to our Website come from the EU or from elsewhere).
This processing is crucial to the running of our online business and we therefore undertake such monitoring in the pursuit of our legitimate interests in improving our Website to provide a better service and source of information to visitors.
This information is not used to develop a personal profile of you.
8. YOUR RIGHTS IN RELATION TO THE PERSONAL DATA THAT WE PROCESS
You have the following rights over the way we process personal data relating to you. We aim to comply without undue delay, and within one month at the latest:
· to ask for a copy of data we are processing about you and have inaccuracies corrected;
· to ask us to restrict, stop processing, or to delete your personal data;
· to request a machine readable copy of your personal data, which you can use with another service provider. Where it is technically feasible, you can ask us to send this information directly to another provider if you prefer; and
· to make a complaint to a data protection regulator. You may contact them at: https://ico.org.uk/concerns/
To make a request in relation to any of the aforementioned rights, please contact us at coaching@nataliecosta.co.uk
9. CHILDREN
We do not knowingly use the Website to solicit data from or market to children under the age of 13 or sell any of our products or services to children.
If a parent or guardian becomes aware that his or her child has provided us with information or may be receiving communications from us or has been otherwise interacting with us via our Website without consent of a parent or guardian, we ask that this be brought to our immediate attention. We will make it our priority to address this situation and delete information relating to a child as soon as practicable.
10. SECURITY
We will take commercially reasonable, appropriate technical and organisational measures to ensure a level of security appropriate to the risk that could be encountered via the use of our Website and services, taking into account the likelihood and severity those risks might pose to the rights and freedoms of our Website visitors.
In particular, we will take precautions to protect against the accidental or unlawful destruction, loss or alteration, and unauthorised disclosure of or access to the personal information transmitted, stored or otherwise processed by us. Please be aware that, while we make the security of our Website and your personal information a high priority and devote considerable time and resources to maintain robust IT security, no security system can prevent all security breaches. When you choose to share your personal information with us, you accept the aforesaid and provide your information at your own risk.
11. RETENTION
In accordance with data protection laws and good commercial practice, we do not retain data in a form that permits identification of the person(s) to whom it relates for any longer than is necessary. Once the purpose for which information has been collected has been fulfilled, we will either permanently delete your personal information or remove all identifiers within it so that it is no longer personal data. We may use such anonymised data for research and/or business analysis purposes.
Where you have provided us with personal information in order to set up an account with us, we will retain those details for as long as your account remains active.
Where you have signed up to our mailing list, we will retain your details for as long as you remain on that list. If you unsubscribe, we will remove your details from the list.
Where we obtain your personal data in relation to the use or purchase of our services or products, including VAT or invoicing information, we are obligated by law to keep this for a minimum of 6 years.
12. INTERNATIONAL DATA TRANSFERS
Our servers are hosted by Squarespace and the information that we collect directly from you will be stored in their servers. We may also transfer your personal data to our third party service providers, many of whom may be located outside of the EU, operate from multiple locations including non-EU based operations or engage sub-processors located outside the EU.
There are agreements in place to ensure that any international transfers of personal data to our affiliates or third party service providers have appropriate safeguards that meet the requirements of EU data protection laws.
Such appropriate safeguards may include standard data protection clauses adopted by a data protection regulator and approved by the European Commission, such as the European Commission’s standard contractual clauses. Alternatively, where personal data is transferred to the US, many of those US third party service providers are certified under the EU-US Privacy Shield framework approved by the European Commission.
To find out more about the standard contractual clauses, please visit:https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en
To find out more about the EU-US Privacy Shield certification, please visit:https://www.privacyshield.gov/Program-Overview
If you would like to find out more about these safeguards or about our international transfer of data, please let us know by contact us at Mill Lane, Box, Corsham, Wiltshire SN13 8PL.
13. CHANGES TO THIS POLICY
This privacy policy may be updated from time to time. We will notify you of any changes to our privacy policy by posting the new privacy policy on our Website. You are advised to consult this privacy policy webpage regularly for any changes.
14. CONTACT
Questions, comments and requests in relation to this privacy policy are welcome and should be addressed to coaching@nataliecosta.co.uk