Privacy Policy

  • Buffer
  • Sharebar
  • Buffer
jethro's picture

Privacy Policy for SpyJournal

Our privacy promise is that we will aim for best practice in the handling of personal information, by following the privacy principles below unless authorised or required by law to depart from them.
If you have any enquiries about this privacy policy, or wish to make an access or amendment request, please contact us.

The types of personal information we hold

We hold personal information about our own staff, as well as the contact details of suppliers and other types of professional associates. We also hold the contact details of individuals who have purchased from us; downloaded free materials from us; been a past client; made an enquiry about our publications, training or consulting services; and/or subscribed to our monthly eNews.

Our third party service providers

The contact details of individuals with whom we have a relationship (including our staff, and individuals who work for our clients, suppliers and others) may be held offshore, including ‘in the cloud’, by our third party service providers.
Our third party service providers are currently Microsoft Office 365 (address book for professional contacts), QuickBooks Online (accounts information for clients and suppliers), MailChimp (names and email addresses of subscribers to our newsletters), and PayPal (names and email addresses of individuals who have purchased products or paid bills using PayPal).
Financial information about individuals who have purchased via PayPal is held and processed on our behalf by PayPal. We do not know, or have access to, a purchaser’s debit or credit card or bank account information.
Our newsletters are mailed to our subscribers and other contacts on our behalf by MailChimp. MailChimp uses single pixel gifs, also called web beacons, in the newsletters, to create reports for us about which of our contacts has or hasn’t opened emails or clicked links from a newsletter. Further details are available in MailChimp’s Privacy Policy. Our subscribers and other contacts can ‘opt out’ of receiving further newsletters at any time.
We use Google Analytics to measure how many people visit our website, how they found our site (e.g. organic search, clicking on a link from a tweet, or via an ad), which pages on our site they view, and whether they go on to purchase or download one of our products. This data is not shared with any other third party besides Google technical support (and then only if we require it). While Google Analytics does not directly identify users, as mentioned above we do collect the name and email address of individuals who download or purchase our products online.

Limiting our collections

We will only collect personal information if:
• it is for a lawful purpose that is directly related to one of our functions, and
• it is reasonably necessary for us to have the information

How we will collect personal information

We will collect personal information directly from the individual concerned unless it is unreasonable or impractical
We will not collect personal information by unlawful means
We will not collect personal information that is intrusive or excessive
We will take reasonable steps to ensure that the personal information we collect is relevant, accurate, up-to-date and complete

Transparency

When collecting personal information, we will take reasonable steps to inform the person:
• what part of SpyJournal will hold and/or have access to their personal information
• what it will be used for
• what other organisations (if any) routinely receive this type of personal information from us
• how the person can access their personal information held by us
• whether the collection is required by law, and
• what the consequences will be for the person if they do not provide the information to us.
We will enable anyone to know, upon request, whether we are likely to hold their personal information, and if so:
• what type of information we hold about them
• the purposes for which it will be used, and
• how they can access their own personal information.

Security safeguards

We will take reasonable security measures to protect personal information from loss, unauthorised access, use, modification or disclosure.
We will take reasonable steps to ensure personal information is stored securely, not kept longer than necessary, and disposed of appropriately.

Access and amendment

We will allow people to access their personal information without unreasonable expense or delay
We aim to respond to requests within 30 days
We will only refuse access where authorised by law, and we will provide written reasons
We will allow people to update, correct or amend their personal information where necessary, to ensure it is accurate, relevant, up-to-date, complete or not misleading
Where possible, we will notify any other recipients of any changes

Accuracy

Before using or disclosing personal information, we will take appropriate steps to ensure that the information is relevant, accurate, up-to-date, complete, and not misleading

Use and disclosure

We will use or disclose personal information only for the primary purpose for which it was collected, unless one of these apply:
• the person has consented
• it is for a directly related secondary purpose within the reasonable expectations of the person (for example, to issue a receipt or answer an enquiry about an online purchase), or
• it is to a related or associated company for the purpose of providing a service.

Other

We do not use linked health records, nor do we use unique personal identifiers. It is not practicable for us to provide anonymous services.
Last Updated 9 May 2018