We are committed to protecting the privacy and the confidentiality of the personal information of visitors to our website and of members/enquirers to our organisation. There is a lot of information here but we want you to be fully informed about your rights and how friends1st Ltd uses your data.
We undertake to ensure that all personal information in our possession is processed in accordance with the requirements of the European General Data Protection Regulation (‘GDPR’) and Data Protection Act (‘DPA’).
We will only use your personal information in a way that is fair to you. We will only collect information where it is necessary for us to do so and we will only collect information if it is relevant to our dealings with you. We have implemented appropriate technology and policies to safeguard your data from unauthorised access and improper use.
We may update this Policy from time to time and you are welcome to come back and check it whenever you wish to.
Explaining the legal bases we rely on
The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:
In specific situations, we can collect and process your data with your consent.
For example, when you tick a box to receive emails from us – for example finding out more information about our service, requesting a free book or signing up for one of our free video courses.
When collecting your personal data, we’ll always make clear to you which data is necessary in connection with a particular service.
In certain circumstances, we need your personal data to comply with our contractual obligations.
For example, if you order a resource from us, we’ll collect your address details to deliver your purchase, and if necessary pass them to our courier. If you sign up for our services, we will share the profile information you provide us with to other members. We will only share the contact details (i.e. phone number and email address) that you have expressly chosen and agreed to let us share with other members. We never ever share your address details with other members or enquirers.
If the law requires us to, we may need to collect and process your data.
For example, we can pass on details of people involved in fraud, misbehaviour or other criminal activity to law enforcement.
In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.
For example, we will use your age to send you or make you age specific personalised offers. Or we might use your marital status to inform you about relevant status specific books.
We will also use your address details to send you direct marketing information by post, telling you about products and services that we think might interest you.
When do we collect your personal data?
· When you sign up for any of our information, books, events, services or other resources on our website
· When you make an online purchase from our website
· When you join us as a member and provide us with your profile information
· When you have a professional photoshoot taken and your photographs are supplied to us by your photographer
· When you engage with us on social media
· When you contact us by any means with queries, complaints, suggestions, feedback etc
· When you book any sort of appointment with us –either as an enquirer (i.e. book a consultation) or as a member (eg a coaching call)
· When you choose to complete any surveys we send you
· When you complete and return any of the forms we send you – either by post or by email
What sort of personal data do we collect?
- If you are an enquirer to our service we will collect your email address, your postal mailing address, your telephone numbers, your age, your marital status and other information from you (like your preferences) that help us to determine the suitability of our services for you.
- If you become a member we also collect your height, how you heard about us, your build, whether you smoke, what Christian denomination you are, your current/recent occupation, your country of origin, nationality, ethnicity and denomination. We also give you the opportunity to tell us about your background and history, your family, your personality, your hobbies and interests, your dislikes, your preferred age criteria, your partner preferences, your Christian faith and any other essential information you would like to share with us for the purpose of finding you new friends and soul mates. Of course, it’s always your choice whether you share such details with us.
- Details of your interactions with us by telephone calls, emails, letters and text
- Details of your interactions with us through online surveys
- Copies of documents you provide to prove your age or identity where the law requires this. (including your passport and driver’s licence). This will include details of your full name, address, date of birth and facial image. If you provide a passport, the data will also include your place of birth, gender and nationality.
- Personal details which help us to recommend items of interest.
- Payment card information.
- Your comments and product/service reviews.
- To deliver the best possible web experience, we collect technical information about your internet connection and browser as well as the country and telephone code where your computer is located, the web pages viewed during your visit, and the advertisements you clicked on.
- Your social media username, if you interact with us through those channels, to help us respond to your comments, questions or feedback
How and why do we use your personal data?
We want to give you the best possible customer experience. One way to achieve that is to get the richest picture we can of who you are by combining the data we have about you.
We then use this to offer you promotions, products and services that are most likely to interest you. The data privacy law allows this as part of our legitimate interest in understanding our customers and providing the highest levels of service.
Of course, if you wish to change how we use your data, you’ll find details in the ‘What are my rights?’ section below.
Remember, if you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some services you’ve asked for.
For example, if you’ve asked us to let you know a certain type or location of member comes onto our books, or if a place on one of our fully booked events comes available, we can’t do that if you’ve withdrawn your general consent to hear from us.
Here’s how we’ll use your personal data and why:
- To process any orders that you make by using our website, in person or over the telephone. If we don’t collect your personal data during checkout, we won’t be able to process your order and comply with our legal obligations. We may keep your details for a reasonable period afterwards in order to fulfil any contractual obligations such as refunds, guarantees and so on.
- To fulfil our contractual obligations to you if you are a member – ie sharing specifically agreed and provided information with other paid up members.
- To respond to your queries, refund requests and complaints. Handling the information you sent enables us to respond. We may also keep a record of these to inform any future communication with us and to demonstrate how we communicated with you throughout. We do this on the basis of our contractual obligations to you, our legal obligations and our legitimate interests in providing you with the best service and understanding how we can improve our service based on your experience.
- To process payments and to prevent fraudulent transactions. We do this on the basis of our legitimate business interests. This also helps to protect our customers from fraud.
- To send you relevant, personalised communications by post in relation to updates, offers, services and products. We’ll do this on the basis of our legitimate business interest.
- For our own legitimate interests (e.g. for good governance, accounting and managing our business operations)
- To send you communications required by law or which are necessary to inform you about our changes to the services we provide you. For example, updates to this Privacy Notice, and legally required information relating to your orders. These service messages will not include any promotional content and do not require prior consent when sent by email or text message. If we do not use your personal data for these purposes, we would be unable to comply with our legal obligations.
- To comply with our contractual or legal obligations to share data with law enforcement agencies.
For example, when a court order is submitted to share data with law enforcement agencies or a court of law.
- To send you survey and feedback requests to help improve our services. These messages will not include any promotional content and do not require prior consent when sent by email or text message. We have a legitimate interest to do so as this helps make our products or services more relevant to you.
- To process your booking/appointment requests (such as with a professional photographer or for your telephone profile interview).
- Based on your consent e.g. when you request us to disclose your personal data to other people.
We will update your information whenever we get the opportunity to keep it current, accurate and complete
Any information you provide when enquiring to us and/or signing up for our service will be used for friends1st’s purposes only.
We may disclose your information to companies who act as ‘data processors’ on our behalf, some of whom may be outside the UK/EEA. This will be for our purposes only – for example sending out a mail shot to you from us. We have never, and will not ever sell, rent or otherwise distribute any personal information to third parties.
You may indicate your preference for receiving direct marketing by email or post, from us. You will be given the opportunity on every electronic communication we send you to indicate that you no longer wish to receive our emails. Once properly notified by you, we will stop using your information in this way. You may also notify us that you no longer wish to receive contact by post.
How we protect your personal data?
We know how much data security matters to all our customers. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it.
We secure access to all transactional areas of our websites and apps using ‘https’ technology.
Access to your personal data is password-protected, and sensitive data (such as payment card information) is secured by SSL encryption.
How long we keep your personal data?
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.
At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
Who do we share your personal data with?
We sometimes share your personal data with trusted third parties.
For example, delivery couriers, professional photographers, our solicitors for debt collection, other law enforcement agencies for fraudulent activity, to handle complaints.
Here’s the policy we apply to those organisations to keep your data safe and protect your privacy:
- We provide only the information they need to perform their specific services.
- They may only use your data for the exact purposes we specify in our contract with them.
- We work closely with them to ensure that your privacy is respected and protected at all times.
- If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
Examples of the kind of third parties we work with are:
- Mailing houses who send out mail on our behalf
- IT companies who support our website and other business systems.
- Operational companies such as delivery couriers.
- Google/Facebook to show you products that might interest you while you’re browsing the internet. This is based on either your marketing consent or your acceptance of cookies on our websites. See our Cookies Notice for details.
- We may also be required to disclose your personal data to the police or other enforcement, regulatory or Government body, in your country of origin or elsewhere, upon a valid request to do so. These requests are assessed on a case-by-case basis and take the privacy of our customers into consideration.
We operate under GDPR and DPA. We ensure lawful processing of personal data by obtaining your consent; or where there is a contractual obligation to do so in providing appropriate products and services; or where processing the data is necessary for the purposes of our legitimate interests in providing appropriate products and services.
The DPA and GDPR apply to ‘personal data’ we process and the data protection principles set out the main responsibilities we are responsible for.
We must ensure that personal data shall be:
- processed lawfully, fairly and in a transparent manner;
- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
- adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
- accurate and where necessary kept up to date;
- kept for no longer than is necessary for the purposes for which the personal data are processed. We only retain personal data for the purposes for which it was collected and for a reasonable period thereafter where there is a legitimate business need or legal obligation to do so. For details of our current retention policy contact our Privacy Officer at: firstname.lastname@example.org
- processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.We use up-to-date industry procedures to protect your personal information. We have appropriate security measures in place to protect against the loss, misuse or alteration of information that we have collected from you via our websites. However please be aware that the internet is not a 100% secure medium of communication. Friends1st Ltd cannot therefore guarantee the security of any information you input on the website or send to us on the internet. Friends1st Ltd is not, and will not be, responsible for any damages you or others may suffer as a result of the loss of confidentiality of any such information.
Under GDPR you have the following specific rights in respect of the personal data we process:
- The right to be informed about how we use personal data. .
- The right of access to the personal data we hold. In most cases this will be free of charge and will be provided within one month of receipt.
To obtain a copy of the personal information we hold on you, please write to us and provide us with your details or email; email@example.com
- The right to rectification where data is inaccurate or incomplete. In such cases we shall make any amendments or additions within one month of your request.
- The right to erasure of personal data, but only in very specific circumstances, typically where the personal data is no longer necessary in relation to the purpose for which it was originally collected or processed; or, in certain cases where we have relied on consent to process the data, when that consent is withdrawn and there is no other legitimate reason for continuing to process that data; or when the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
- The right to restrict processing, for example while we are reviewing the accuracy or completeness of data, or deciding on whether any request for erasure is valid. In such cases we shall continue to store the data, but will not further process it until such time as we have resolved the issue.
- The right to data portability which, subject to a number of qualifying conditions, allows individuals to obtain and reuse their personal data for their own purposes across different services.
- The right to object in cases where processing is based on legitimate interests, where our requirement to process the data is overridden by the rights of the individual concerned; or for the purposes of direct marketing (including profiling); or for processing for purposes of scientific / historical research and statistics, unless this is necessary for the performance of a public interest task.
- Rights in relation to automated decision making and profiling
You can contact us to request to exercise these rights at any time as follows:
Please contact our Privacy Officer firstname.lastname@example.org for more information about the GDPR and your rights under data protection law or if you have a complaint about data protection at friends1st.
If we choose not to action your request we will explain to you the reasons for our refusal.
Your right to withdraw consent
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
Where we rely on our legitimate interest
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation.
We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request.
Checking your identity
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice.
If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
How can you stop the use of your personal data for direct marketing?
There are several ways you can stop direct marketing communications from us:
- Click the ‘unsubscribe’ link in any email communication that we send you. We will then stop any further emails from us.
- Write to friends1st, PO Box 4853, Stratford upon Avon, CV37 1FZ
Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.
Contacting the Regulator
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling 0303 123 1113.
Information Commissioner’s Office
Or go online to www.ico.org.uk
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence. Details can be found in Section 16.
- For statistical purposes to track how many individual unique users we have and how often they visit our websites. We collect data that lists which of our pages are most frequently visited and by which types of users and from which countries.
- Our marketing emails may contain a single, campaign-unique “web beacon pixel” to tell us whether our emails are opened and verify any clicks through to links within the email. We may use this information for determining which of our emails are more interesting to users in order to improve the content of our emails over time.
- We use third parties, including Google Analytics, to collect anonymous user information. To learn more about how we use a third party service to collect and use information click here.
- When you visit the friends1st website you may notice some cookies that are not related to friendsd1st. When you visit one of our pages that contains embedded content, for example if you’d like to watch a video hosted on YouTube, you may be sent cookies from these websites. We have no control over the setting of these cookies. If cookies concern you, we would recommend you check the third-party websites for more information about their cookies and how to manage them.
- Flash cookies may be used to store user preferences for media player functionality and without them some video content may not render correctly.
- You can turn cookies off but please remember that if you do choose to disable cookies, you may find that certain sections of our website do not work properly. You will, however, still be able to view site content.
For more information about cookies and managing them, including how to turn them off, please visit the www.allaboutcookies.org
Measuring website usage (Google analytics)
We use Google Analytics to collect information about how people use our websites. We do this to make sure they meeting the users’ needs and to understand how we could do it better.
Google Analytics stores information about what pages you visit, how long you are on the site, how you got here and what you click on. They do not collect or store your personal information (e.g. your name or address) so this information cannot be used to identify who you are. We do not allow Google to use or share our analytics data.
We hope this Privacy Notice has been helpful in setting out the way we handle your personal data and your rights to control it.
If you have any questions that haven’t been covered, please contact our Data Protection Officer who will be pleased to help you:
- Email us on email@example.com
- Or write to us at
Data Protection Officer
PO Box 4853
Stratford upon Avon
This policy was last updated on 27/04/2018