Skip to main content

Privacy & Legal Information

 

I am Warren P. George. In this privacy notice, I will refer to myself as ‘I’ or ‘me’. I am a freelancer in Italy with PIVA IT16523141006. I am the Data Controller of the personal information I collect, hold and use about you, as explained in this notice.

You can get hold of me by emailing me at warren@warrenpgeorge.com

I take the privacy, including the security, of personal information I hold about you seriously. This privacy notice is designed to inform you about how I collect personal information about you and how I use that personal information. You should read this privacy notice carefully so that you know and can understand why and how I use the personal information I collect and hold about you.

I do not have a data protection officer, but if you have any questions about this privacy notice or issues arising from it, you should get in touch via the information above. I am responsible for matters relating to data protection, including any matters in this privacy notice.

I may issue you with other privacy notices from time to time, including when I collect personal information from you. This privacy notice is intended to supplement these and does not override them.

I may update this privacy notice from time to time. This version was last updated on April 27 2024.

 

Key definitions

The key terms that I use throughout this privacy notice are defined below, for ease:

Data Controller: under UK and EU data protection law, this is the organisation or person responsible for deciding how personal information is collected and stored and how it is used.

Data Processor: a Data Controller may appoint another organisation or person to carry out certain tasks in relation to the personal information on behalf of, and on the written instructions of, the Data Controller. (This might be the hosting of a site containing personal data, for example, or providing an email-marketing service that facilitates mass distribution of marketing material to a Data Controller’s customer base.)

Personal Information: in this privacy notice, I refer to your personal data as ‘personal information’. ‘Personal information’ means any information from which a living individual can be identified. It does not apply to information that has been anonymised.

Special Information – certain very sensitive personal information requires extra protection under data protection law. Sensitive data includes information relating to health, racial and ethnic origin, political opinions, religious and similar beliefs, trade union membership, sex life, and sexual orientation and also includes genetic information and biometric information.

Details of personal information that I collect and hold about you

Set out below are the general categories and details of retention periods in relation to those categories and in each case the types of personal information that I collect, use and hold about you:

General Category

 

Types of Personal Data in that category

 

Identity information

This is information relating to your identity such as your name (including any previous names and any titles that you use), gender, marital status and date of birth

This information will be kept for as long as deemed necessary in conjunction with its use

 

Contact information

This is information relating to your contact details such as email address, addresses, telephone numbers

This information will be kept for as long as deemed necessary in conjunction with its use

 

Account information

This is information relating to your account with us (including username and password)

This information will be kept for as long as deemed necessary in conjunction with its use

 

Payment information

This is information relating to the methods by which you provide payment to us such as [bank account details, credit or debit card details] and details of any payments (including amounts and dates) that are made between us

This information will be kept for as long as deemed necessary in conjunction with its use

 

Transaction information

This is information relating to transactions between us such as details of the goods, services and/or digital content provided to you and any returns details

This information will be kept for as long as deemed necessary in conjunction with its use

 

Survey information

This is information that we have collected from you or that you have provided to us in respect of surveys and feedback

This information will be kept for as long as deemed necessary in conjunction with its use

 

Marketing information

This is information relating to your marketing and communications preferences

This information will be kept for as long as deemed necessary in conjunction with its use

 

Details of special information that I collect and hold about you

Special information is explained above.

We do not collect or hold any special information about you.

We do not collect information from you relating to criminal convictions or offences.

 

Details of how and why I use personal information

We are only able to use your personal information for certain legal reasons set out in data protection law. There are legal reasons under data protection law other than those listed below; but, in most cases, I will use your personal information for the following legal reasons:

 

    1. Contract Reason: this is in order to perform my obligations to you under a contract I have entered into with you;
    2. Legitimate Interests Reason: this is where the use of your personal information is necessary for my (or a third party’s) legitimate interests, so long as that legitimate interest does not override your fundamental rights, freedoms or interests;
    3. Legal Obligation Reason: this is where I have to use your personal information in order to perform a legal obligation by which I am bound; and
    4. Consent Reason: this is where you have given me your consent to use your personal information for a specific reason or specific reasons.

As explained in above, there are more sensitive types of personal data, which require higher levels of protection. Where I process such sensitive types of personal data, I will usually do this in the following circumstances:

 

    1. We have your explicit consent;
    2. Where it is necessary in relation to legal claims;
    3. Where you have made the personal data public.

So that I am able to provide you with services, I will need your personal information. If you do not provide me with the required personal information, I may be prevented from supplying the services to you.

It is important that you keep your personal information up to date. If any of your personal information changes, please contact me as soon as possible to let me know. If you do not do this, then I may be prevented from supplying the services to you.

Where I rely on consent for a specific purpose as the legal reason for processing your personal information, you have the right under data protection law to withdraw your consent at any time. If you do wish to withdraw your consent, please contact me using the details set out at the beginning of this notice. If I receive a request from you withdrawing your consent to a specific purpose, I will stop processing your personal information for that purpose, unless I have another legal reason for processing your personal information – in which case, I will confirm that reason to you.

I have explained below the different purposes for which I use your personal information and, in each case, the legal reason(s) allowing me to use your personal information. Please also note the following:

 

    1. if I use the Legitimate Interests Reason as the legal reason for which I can use your personal information, I have also explained what that legitimate interest is; and
    2. for some of the purposes, I may have listed more than one legal reason on which I can use your personal information, because the legal reason may be different in different circumstances. If you need confirmation of the specific legal reason that I am relying on to use your personal data for that purpose, please contact me using the contact details set out at the start of this privacy notice.

 

Purpose

Legal Reason(s) for using personal information

To enrol you as a customer

Contract Reason: Legitimate Interests Reason (in order to [offer you other goods, services and/or digital content which helps us to develop my business)

To process your order, which includes taking payment from you, advising you of any updates in relation to your order or any enforcement action against you to recover payment

Contract Reason

Legitimate Interests Reason (in order to [recover money that you owe])

To manage my contract with you and to notify you of any changes

Contract Reason

Legal Obligation Reason

To comply with audit and accounting matters

Legal Obligation Reason

For record keeping, [including in relation to any guarantees or warranties provided as part of the sale of goods, services and/or digital content

Contract Reason

Legal Obligation Reason

To improve the goods, services, and/or digital content that we supply

Legitimate Interests Reason (in order to improve the goods, services, and/or digital content for future customers and to grow my business)

To recommend and send communications to you about goods, services, and/or digital content that you may be interested in.

Legitimate Interests Reason (in order to grow my business

Consent Reason

To ensure the smooth running and correct operation of my website

Legitimate Interests Reason (to ensure my website runs correctly)

To understand how customers and visitors to my website use the website and interact with it via data analysis

Legitimate Interests Reason (to improve and grow my business, including my website, and to understand my customer’s needs, desires and requirements)

Sometimes I may anonymise personal information so that you can no longer be identified from it and use this for my own purposes. In addition, sometimes I may use some of your personal information together with other people’s personal information to give me statistical information for my own purposes. Because this is grouped together with other personal information and you are not identifiable from that combined data I am able to use this.

Under data protection laws, I can only use your personal information for the purposes I have told you about, unless I consider that the new purpose is compatible with the purpose(s) I told you about. If I want to use your personal information for a different purpose that I do not think is compatible with the purpose(s) I told you about, then I will contact you to explain this and what legal reason is in place to allow me to do this.

 

Details of how I collect personal information and special information

We usually collect information directly from you when you fill out a form, survey or questionnaire, contact me by email, telephone, in writing or otherwise. This includes the personal information that you provide to me when you subscribe to my mailing list enter a competition or survey.

We may receive some of your personal information from third parties or publicly available sources. This includes:

 

    1. Contact Information and Payment Information from my selected third-party suppliers, such as MailChimp
    2. Website, Device and Technical Information from third parties such as analytics providers (like Google);

We may also receive Website, Device and Technical Information automatically from technologies such as cookies that are installed on my website. To find out more about these please see my cookie policy, which is available here.

 

Details about who personal Information may be shared with

We may need to share your personal information with other organisations or people. These organisations include:

 

    1. Other companies in my group (who may act as joint data controllers or as data processors on my behalf) and who describe the services they provide that require them to have access to personal information, e.g. it services, or describe the reasons it may be shared with them, e.g. for management reporting.
    2. Third parties who are not part of my group. These may include:
        1. Suppliers: such as IT support services, payment providers, administration providers, marketing agencies who are based in the UK and United States
        2. Government bodies and regulatory bodies: such as fraud prevention agencies, who are based in the UK, United States and Italy;
        3. My advisors: such as lawyers, accountants, auditors, insurance companies who are based in the UK and Italy;
        4. My bankers who are based in the UK and Italy;
        5. Email platforms who are based in the United States;
    3. any organisations that propose to purchase my business and assets, in which case I may disclose your personal information to the potential purchaser.

Depending on the circumstances, the organisations or people who I share your personal information with will be acting as either Data Processors or Data Controllers. Where I share your personal information with a Data Processor, I will ensure that I have in place contracts that set out the responsibilities and obligations of me and them, including in respect of security of personal information.

I do not sell or trade any of the personal information that you have provided to me.

 

Details about transfers to countries outside of the EEA

If any transfer of personal information by me will mean that your personal information is transferred outside of the EEA, then I will ensure that safeguards are in place to ensure that a similar degree of protection is given to your personal information as is given to it within the EEA and that the transfer is made in compliance with data protection laws (including, where relevant, any exceptions to the general rules on transferring personal information outside of the EEA that are available to me – these are known as ‘derogations’ under data protection laws). We may need to transfer personal information outside of the EEA to other organisations within my group or to the third parties listed above who may be located outside of the EEA.

The safeguards set out in data protection laws for transferring personal information outside of the EEA include:

 

    1. where the transfer is to a country or territory that the EU Commission has approved as ensuring an adequate level of protection;
    2. where personal information is transferred to another organisation within my group, under an agreement covering this situation, which is known as ‘binding corporate rules’;
    3. having in place a standard set of clauses that have been approved by the EU Commission;
    4. compliance with an approved code of conduct by a relevant data protection supervisory authority;
    5. certification with an approved certification mechanism;
    6. where the EU Commission has approved specific arrangements in respect of certain countries, such as the US Privacy Shield, in relation to organisations that have signed up to it in the USA.]

 

Details about how long I will hold your personal information

I will only hold your personal data for as long as is necessary. How long is necessary will depend upon the purposes for which I collected the personal information and whether I am under any legal obligation to keep the personal information (such as in relation to accounting or auditing records or for tax reasons). We may also need to keep personal information in case of any legal claims.

We have set out above the details of my retention periods for different types of data.

 

Automated decision making

‘Automated decision making’ is where a decision is automatically made without any human involvement. Under data protection laws, this includes profiling. ‘Profiling’ is the automated processing of personal data to evaluate or analyse certain personal aspects of a person (such as their behaviour, characteristics, interests and preferences).

Data protection laws place restrictions upon me if I carry out any automated decision making (including profiling) that produces a legal effect or similarly significant effect on you.

We do not carry out any automated decision making (including profiling) that produces a legal effect or similarly significant effect on you. If I do decide to do this then I will notify you and I will inform you of the legal reason I am able to do this.

 

Your rights under data protection law

Under data protection laws, you have certain rights in relation to your personal information, as follows:

 

    1. Right to request access: (this is often called ‘subject access’). This is the right to obtain from me a copy of the personal information that I hold about you. We must also provide you with certain other information in response to these requests to help you understand how your personal information is being used.
    2. Right to correction: this is the right to request that any incorrect personal data is corrected and that any incomplete personal data is completed.
    3. Right to erasure: (this is often called the ‘right to be forgotten’).This right only applies in certain circumstances. Where it does apply, you have the right to request me to erase all of your personal information.
    4. Right to restrict processing: this right only applies in certain circumstances. Where it does apply, you have the right to request me to restrict the processing of your personal information.
    5. Right to data portability: this right allows you to request me to transfer your personal information to someone else.
    6. Right to object: you have the right to object to me processing your personal information for direct marketing purposes. You also have the right to object to me processing personal information where my legal reason for doing so is the Legitimate Interests Reason and there is something about your particular situation that means that you want to object to me processing your personal information. In certain circumstances, you have the right to object to processing where such processing consists of profiling (including profiling for direct marketing).

In addition to the rights set out in above, where I rely on consent as the legal reason for using your personal information, you have the right to withdraw your consent.

If you want to exercise any of the above rights in relation to your personal information, please contact me using the details set out at the beginning of this notice. If you do make a request, then please note:

 

    1. I may need certain information from you so that I can verify your identity;
    2. I do not charge a fee for exercising your rights unless your request is unfounded or excessive; and
    3. if your request is unfounded or excessive, then I may refuse to deal with your request.

 

Marketing

You may receive marketing from me about similar goods and services, where either you have consented to this, or I have another legal reason by which I can contact you for marketing purposes.

However, I will give you the opportunity to manage how or if I market to you. In any email that I send to you, I provide a link to either unsubscribe or opt out, or to change your marketing preferences. To change your marketing preferences, and/or to request that I stop processing your personal information for marketing purposes, you can always contact me on the details set out at the beginning of this notice.

If you do request that I stop marketing to you, this will not prevent me from sending communications to you that are not to do with marketing (for example in relation to services that you have purchased from me).

We do not pass your personal information on to any third parties for marketing purposes.

 

Complaints

If you are unhappy about the way that we have handled or used your personal information, you have the right to complain to the UK or EU supervisory authority for data protection. Please do contact me in the first instance if you wish to raise any queries or make a complaint in respect of my handling or use of your personal information, so that we have the opportunity to discuss this with you and to take steps to resolve the position. You can contact us using the details set out at the beginning of this privacy notice.

 

Third-party websites

My website may contain links to third-party websites. If you click and follow those links, then these will take you to the third-party website. Those third-party websites may collect personal information from you and you will need to check their privacy notices to understand how your personal information is collected and used by them.

 

 

Cookie Policy

 

I use cookies on my website. You’ll find a notice about this on my homepage as well, which also links back to this policy.

If you use this website after I’ve displayed the notice to you, I will treat this as your consent to my use of cookies for the purposes that I’ve explained below in this policy.

I last updated this policy on April 27 2024.

 

Information about cookies

A cookie is a small text file that is placed onto your computer (or other electronic devices) when you access my website.

There are 4 different types of cookies:

  1. Strictly-necessary cookies (required for the website to run). These allow you to do things like log in securely.
  2. Performance cookies (which measure how many visitors use my site, which pages they visit and how they interact with the site). These help me to improve my website.
  3. Functionality cookies (which remember specific visitor’s preferences for the way they use my site, e.g. language settings or font size).
  4. Targeting/advertising cookies (these collect information about individual visitors that enable me, or third parties, to provide relevant advertisements to those who have visited my site)

My website may use each type of cookie in order to:

  1. Make your online experience more efficient and enjoyable
  2. Improve my services
  3. Recognise you whenever you visit this website and distinguish you from other users of my site
  4. Obtain information about your preferences and use of my site
  5. Provide you with advertising that is tailored to your interests
  6. Carry out research and data analysis to help me to improve my content and services and to better understand my customer preferences and interests

Your web browser places cookies on your hard drive for record-keeping purposes and sometimes to track information about you.

I have set out specific details of the cookies I use on my site below.

 

Third-party cookies

Like many other websites, third parties may also set cookies on my website. These third parties are responsible for the cookies they set on my site and I have no control over them. For further information on how their cookies policies work, please visit their websites.

 

Managing cookies

You can manage cookies yourself.

You can set your web browser to refuse cookies, delete cookies, or to alert you when cookies are being sent.

You will need to visit the web browser’s site to manage, but for ease we have provided links to popular browsers below:

For further information about cookies and how to manage or disable them please go to: www.aboutcookies.org.

Please also note that if you change/block cookies then:

  • some parts of my website may not function properly or as well as they otherwise might;
  • changes will apply across all websites that you visit (unless you choose to block cookies only from particular websites); and
  • the settlings that you change will only apply on the device on which you change the settings and will not apply across all other devices that you use.

I have set out below details of each of the cookies on my site, a description of what they do and, where relevant, external links that provide more information about them:

Google Analytics

I use Google Analytics to analyse the use of this website. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to my website is used to create reports about the use of the website. Google will store this information.

Google’s privacy policy is available at: http://www.google.com/privacypolicy.html

My preferred contact methods are email and WhatsApp.

Click to get in touch:

PRIVACY & LEGAL
© WARREN P GEORGE