1. Introduction
With this privacy policy we inform you about the scope of the processing of your personal data (hereinafter "data"). This privacy policy only applies to the website of All Typed Up. This privacy policy does not apply to linked websites that are not owned and controlled by All Typed Up.
In principle, we will only use your personal data in accordance with the applicable data protection laws, in particular the UK`s Data Protection Act 2018 (“DPA”), the General Data Protection Regulation (“GDPR”), and only as described in this privacy policy.
Personal data is any information relating to personal or material circumstances that relates to an identified or identifiable individual. This includes, for example, your name, date of birth, e-mail address, postal address, or telephone number as well as online identifiers such as your IP address. In contrast, information of a general nature that cannot be used to determine your identity is not personal data. This includes, for example, the number of users of a website. However, we reserve the right to put this data to additional uses to the extent permitted or required by law or necessary to support legal or criminal investigations. In this case, we will inform you again about this further data processing to the extent required by law and obtain your consent.
2. Responsible for data processing
Responsible for data processing in accordance with the provisions of the GDPR and DPA is:
All Typed Up,
Victoria Siddoway (Sole Trader)
84 Oakwell Court,
Hamsterley Colliery,
Newcastle upon Tyne
Web: www.alltypedup.co.uk
E-mail: contact@alltypedup.co.uk
Facebook: https://www.facebook.com/alltypedupuk/
Twitter: https://twitter.com/alltypedup
Instagram: https://www.instagram.com/alltypedupuk/
LinkedIn: https://www.linkedin.com/company/all-typed-up/
3. General information on data processing
In the course of our business and website operations, we process data. This also includes disclosure by transmission to third parties and, where applicable, to so-called third countries outside the UK and the EEA. Where we transfer data outside the UK or EEA, we have highlighted this accordingly below.
4. Data processing
The individual data concerned, processing purposes, legal bases, recipients and, where applicable, transfers to third countries are listed below:
4.1. Log file during website visit
We log your website visit. In doing so, we process:
The legal basis for data processing is our legitimate interest in the ongoing provision and security of our web site in accordance with Art. 6 (1) f GDPR.
The log file is deleted after seven days, unless it is needed to prove or clarify specific legal violations that have become known within the retention period.
4.2. Contacting us
If you contact us per e-mail or our contact form, we process the following data from you for the purpose of processing and handling your enquiry: Name, contact details -if provided by you- and your message.
The legal basis of the data processing is our obligation to fulfil the contract and/or to fulfil our pre-contractual obligations in accordance with Art. 6 (1) b) GDPR and/or our legitimate interest in processing your enquiry in accordance with Art. 6 (1) f) GDPR.
4.3. Registration
If you register on our website, we will request personal and, where applicable, non- personal data in accordance with our registration form this may include your Name, email address, and the document your are uploading. The entry of your data is encrypted so that third parties cannot read your data when it is entered.
The basis for this storage is our legitimate interest in communicating with interested users according to Art. 6 para. 1 lit. f GDPR and, in the case of contracts, also the storage of contract data according to Art. 6 para. 1 lit. b GDPR.
Your data will remain stored for as long as the registration lasts, in particular the storage is still necessary for the fulfilment/execution of the contract, for legal prosecution by us or for our other legitimate interests or we are required by law to retain your data (e.g., within the framework of tax retention periods).
4.4. Google reCAPTCHA
We use "Google reCAPTCHA" from Google Inc to check whether the data input in our contact or registration form is made by a human being or by an automated program. For this purpose, reCAPTCHA analyses the behavior of the website visitor on the basis of various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g., IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run entirely in the background. Website visitors are not informed that an analysis is taking place. We have a legitimate interest in protecting our offers from abusive automated spying and our users from SPAM.
4.5. ScribeManager
We use “ScribeManager” from Tyger Valley Systems to manage files you uploaded and/or e-mailed us, as well as for our workflow handling. ScribeManager offers cloud-based document management and workflow automation software. The data collected during the uploading and/or e-mailing process is forwarded to and processed by Tyger Valley Systems. We have entered into a so-called data processing agreement with Tyger Valley Systems. The legal basis for this processing is Art. 6 para. 1 letter f) GDPR, our legitimate interest.
4.6. Contract fulfilment and data management in the context of service provision
We process various data within the framework of the provision of our services and for the initiation and processing of the existing contractual relationship between you and us.
If you have commissioned us to provide a service, we process your data (if provided: Name, contact details (email address and telephone number), address, bank details) and all information that is necessary in the context of fulfilling the services, exclusively for the purpose of processing and handling the contractual relationship.
This includes in particular our appropriate advice and support, correspondence with you, invoicing, fulfilment of our accounting and tax obligations.
Accordingly, the data is processed on the basis of Art. 6 (1) b) GDPR as well as to fulfil our legal obligations pursuant to Art. 6 (1) c) GDPR. For further details on processing of Personal Data in terms of the provision of our services, please refer to our Data Protection Policy.
4.7. Use of cookies
We use so-called cookies on our website. Cookies are small text files that are stored on your respective device (PC, smartphone, tablet, etc.) and saved by your browser. For further information please refer to our Cookie Policy. The legal basis for the use of cookies is your consent in accordance with Art. 6 para. 1 a) GDPR as well as our legitimate interest in accordance with Art. 6 para. 1 f) GDPR.
5. Analysis / Marketing
5.1. Google Analytics
We use Google Analytics, a service provided by Google Inc. This means that the data collected can in principle be transmitted to a Google server in the USA, whereby the IP addresses are anonymised by means of IP anonymisation so that an allocation is not possible. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can object to the collection and processing of this data by Google Analytics by setting an opt-out cookie that prevents the future collection of your data when you visit this website: http://tools.google.com/dlpage/gaoptout?hl=en. The legal basis for this processing is Art. 6 para. 1 letter f) GDPR, our legitimate interest.
5.2. AddThis
Our website uses so-called social plugins ("plugins") of the bookmarking service AddThis, which is operated by AddThis LLC. You can find an overview of the AddThis plugins and their appearance here: https://www.addthis.com/get/sharing. When you call up a page of our website that contains such a plugin, your browser establishes a direct connection to the AddThis servers. The content of the plugin is transmitted directly to your browser by AddThis and integrated into the page. Through the integration, AddThis receives the information that your browser has called up the corresponding page of our website and stores a cookie on your end device to identify your browser. This information (including your IP address) is transmitted by your browser directly to an AddThis server in the USA and stored there. AddThis uses the data to create anonymised user profiles, which serve as a basis for personalised and interest-based advertising targeting of visitors to websites with AddThis plugins. For the purpose and scope of the data collection and the further processing and use of the data by AddThis, please refer to the privacy policy of AddThis: http://www.addthis.com/privacy/privacy-policy. If you wish to object to the collection of data by AddThis for the future, you can set a so-called opt-out cookie, which you can download from the following link: http://www.addthis.com/privacy/opt-out. You can also completely prevent the loading of AddThis plugins with add-ons for your browser, e.g., with the script blocker "NoScript" (https://noscript.net/).
6. Duration of data storage
We only store personal data for as long as it is necessary for the purposes for which it is processed or for as long as any consent you have given us has been revoked by you. Insofar as statutory retention obligations must be observed, the storage period for certain data may be up to 6 years, irrespective of the processing purposes.
7. Transfer of personal data
All Typed Up will not disclose or otherwise distribute your personal data to third parties unless this is necessary for the performance of our services (legal basis for processing: Art. 6 para. 1 lit. b) GDPR), you have consented to the disclosure (legal basis for processing: Art. 6 para. 1 lit. a) GDPR) or the disclosure of data is permitted by relevant legal provisions.
All Typed Up is entitled to outsource the processing of your personal data in whole or in part to external service providers acting as processors for All Typed Up pursuant to Art. 4 No. 8 GDPR within the framework of the data protection provisions. External service providers support us, for example, in the technical operation and support of the website, data management, the provision and performance of services, marketing, as well as the implementation and fulfilment of reporting obligations.
The service providers commissioned by All Typed Up process your data exclusively in accordance with our instructions. All Typed Up remains responsible for the protection of your data, which is ensured by strict contractual regulations, technical and organisational measures and additional controls by us.
Personal data may also be disclosed to third parties if we are legally obliged to do so e.g., by court order (legal basis for processing: Art. 6 (1) (c) GDPR) or if this is necessary to support criminal or legal investigations or other legal investigations or proceedings at home or abroad or to fulfil All Typed Up' legitimate interests (legal basis for processing: Art. 6 (1) (f) GDPR).
8. Automated decision-making
Automated decision-making including profiling pursuant to Art. 22 (1) and (4) GDPR does not take place on the part of All Typed Up.
9. Direct marketing in the context of a customer relationship
We use the data you provide to fulfil and process our contract and to respond to your enquiries in accordance with Art. 6 (1) (b) GDPR or on the basis of your consent in accordance with Art. 6 (1) (a) GDPR. Insofar as you have also given us your separate consent to process your data for consulting, marketing and advertising purposes, All Typed Up is entitled to contact you for these purposes via the communication channels you have given your consent to.
10. Your data subject rights
10.1. Information
Upon request, we will provide you at any time and free of charge with information about all personal data that we have stored about you.
10.2. Correction, deletion, restriction of processing (blocking), objection
If you no longer agree with the storage of your personal data or if this data has become incorrect, we will arrange for the deletion or blocking of your data or make the necessary corrections (insofar as this is possible according to the applicable law) on the basis of a corresponding instruction. The same applies if we are only to process data in a restrictive manner in the future. You have the right to object in particular in cases where your data is required for the performance of a task that is in the public interest or in our legitimate interest, as well as profiling based on this. You also have such a right of objection in the event of data processing for the purpose of direct advertising.
10.3. Right to revoke consent with effect for the future
You may revoke your consent at any time with effect for the future. Your revocation will not affect the lawfulness of the processing up to the time of revocation.
10.4. Data portability
If data is processed on the basis of a contract, pre-contractual negotiations, consent or with the help of automated procedures, you have the right to data portability. Upon request, we will provide you with your data in a common, structured and machine-readable format so that you can transfer the data to another data controller if you wish.
10.5. Exercise of your data subject rights and right of appeal
To assert these rights, please contact us. The same applies if you have questions about data processing in our company. You also have the right to lodge a complaint with a data protection supervisory authority. The Information Commissioner`s Office (ICO) is the for All Typed Up Ltd relevant authority in matters of data protection. You have the right to make a complaint at any time to the ICO (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO in the first instance.
11. Security
State-of-the-art internet technologies are used to ensure the security of your data. During the online enquiry process, your details are secured with SSL encryption. For secure storage of your data, the systems are protected by firewalls that prevent unauthorised access from outside. In addition, technical and organisational security measures are used to protect the personal data you have provided against accidental or intentional manipulation, loss, destruction or access by unauthorised persons.
12. Social Media
We are present in various "social media" platforms in order to communicate with our customers, interested parties and users registered there and to be able to inform them about our offers there. We would like to point out that you use these platforms and their functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., commenting, sharing, rating).
In addition, your data may be processed for market research and advertising purposes. For example, usage profiles can be created from your usage behaviour and the resulting interests. This allows, for example, advertisements to be placed within and outside the platforms that presumably correspond to your interests. Cookies are usually stored on your computer for this purpose. Independently of this, data that is not directly collected from your devices may also be stored in the usage profiles (especially if you are a member of the respective platforms and are logged in to them).
We, as the provider of this information service, do not collect and process any data from your use of our service beyond this.
The processing of users' personal data is based on our legitimate interests in providing users with effective information and communicating with users pursuant to Art. 6 para. 1 p.1 lit. f. GDPR. If you are asked by the respective providers for consent to data processing, the legal basis for processing is Art. 6 para. 1 sentence 1 lit. a., Art. 7 GDPR.
If you are a member of a social network and do not want the network to collect data about you via our website and link it to your stored membership data with the respective network, you must
After logging in again, however, you will once more be recognisable to the network as a specific user. In the case of requests for information and the assertion of user rights, we would also like to point out that these can most effectively be asserted with the providers. Only the providers have access to the users' data and can take appropriate measures and provide information directly. If you still need help, you can contact us.
13. Updating your information
If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so within your account or contact us. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests.
Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of personal information, notably where such requests would not allow us to provide our service to you anymore.
14. When you send a data subject access request
The legal basis for the processing of your personal data in the context of handling your data subject access request is our legal obligation and the legal basis for the subsequent documentation of the data subject access request is both our legitimate interest and our legal obligation.
The purpose of processing your personal data in the context of processing data when you send a data subject access request is to respond to your request. The subsequent documentation of the data subject access request serves to fulfil the legally required accountability.
Your personal data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the processing of a data subject access request, this is three years after the end of the respective process.
You have the possibility at any time to object to the processing of your personal data in the context of the processing of a data subject access request for the future. In this case, however, we will not be able to further process your request. The documentation of the legally compliant processing of the respective data subject access request is mandatory. Consequently, there is no possibility for you to object.
15. Links to other providers
Our website also contains - clearly recognisable - links to the websites of other companies. Insofar as there are links to websites of other providers, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of the pages is always responsible for the content of these pages.
The linked pages were checked for possible legal violations and recognisable infringements at the time of linking. Illegal contents were not recognisable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a legal violation. Such links will be removed immediately if infringements of the law become known.
16. Personal information and children
Our services are aimed at people aged 18 and over. We will not knowingly collect, use or disclose personal information from minors under the age of 18 without first obtaining consent from a legal guardian through direct offline contact.
17. Changes and updates to the privacy policy
We kindly ask you to regularly inform yourself about the content of our privacy policy. We will amend the privacy policy as soon as changes to the information processing activities we carry out make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g., consent) or other individual notification.
18. Concerns and Contact
If you have any concerns about a possible compromise of your privacy or misuse of your personal information on our part, or any other questions or comments, you can contact us.
