Effective Date: 31st day of October 2020
PLEASE READ THE FOLLOWING CAREFULLY
THIS STATEMENT PROVIDES GENERAL INFORMATION ABOUT THE PRIVACY STATEMENT OF THIS WEBSITE, AND ITS RELATED APPS (MOBILE OR OTHERWISE). IF YOU ARE UNDER 16 YEARS OF AGE, PLEASE BE SURE TO READ THIS PRIVACY STATEMENT WITH YOUR PARENTS OR GUARDIAN AND ASK THEM QUESTIONS ABOUT WHAT YOU DO NOT UNDERSTAND.
YOUR USE OF THIS SERVICE CONSTITUTES ACCEPTANCE BY YOU OF THIS PRIVACY STATEMENT.
IT STARTED HERE LTD (collectively, “IT STARTED HERE”, “we”, “our” and “us”.) has created this privacy statement (“Statement”) in order to demonstrate its firm commitment to the privacy of the details that you provide to us when using www.itstartedhere.co.uk (“the webpage” or “messenger” or “mobile app”, collectively “the website”) , as the data controller for the purposes of the GDPR (General Data Protection Regulations EU 2016/679), The California Online Privacy Protection Act (CALOPPA), 2003 and the UK data Protection Act of 2018.
At IT STARTED HERE, we are committed to maintaining the trust and confidence of all visitors to our website. In particular, we want you to know that the website is not in the business of selling, renting or trading email lists with other companies and businesses for marketing purposes.
We believe your business is no one else’s. Your Privacy is important to you and to us. So, we’ll protect the information you share with us. To protect your privacy, IT STARTED HERE follows different principles in accordance with worldwide practices for customer privacy and data protection.
– We won’t sell or give away your name, mail address, phone number, email address or any other information to anyone.
– We‘ll use state – of – the – art security measures to protect your information from unauthorized users.
We take your privacy seriously and take measures to provide all visitors and users of the website with a safe and secure environment.
The Personal Information on the www.itstartedhere.co.uk , is collected, controlled and processed by the following entities:
IT STARTED HERE LTD (“The Data Controller”)
Telephone: [Insert Phone No]
This Policy explains our processing of your personal data and your rights according to ENGLISH DATA PROTECTION LEGISLATION and the EU GDPR and for our United States users, the CALOPPA. IT STARTED HERE reserves the right to modify this Statement at any time without notice by posting the changes on this webpage.
“Personal Data” means any information which relates to a living, identifiable person. It can include names, addresses, telephone numbers, email addresses etc but it is wider than that and includes any other information relating to that person or a combination of information which, if put together, means that the person can be identified.
“Processing” covers all activities relating to the use of personal date by an organization, from its collection through to its storage and disposal and everything in between.
“Data subject” means the person whose personal data is being processed.
“Consent” any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
“Controller” the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
“Data handling” any set of operations or operations performed in an automated or not automated manner on personal data or files, thus collection, capture, systematization, distribution, storage, transformation or alteration, query, introspection, use, communication, forwarding, distribution or by any other means of making data available, coordination or interconnection, restriction, deletion or destruction;
“Data controller” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
“Addressee” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not;
“Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
“Profiling” any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements and;
“Privacy data breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
RULES OF DATA HANDLING
The Data Controller recognizes the contents of this Data Management Guide as binding on itself, and states, that all data management related to his/her own activity is consistent and complies with the legal provisions as stated in the normative GDPR laws and with the applicable domestic sectoral laws, so especially as provided in the UK Data Protection Act, 2018.
The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR).
Everyone responsible for using personal data has to follow strict rules called ‘data protection principles’. They must make sure the information is:
- used fairly, lawfully and transparently
- used for specified, explicit purposes
- used in a way that is adequate, relevant and limited to only what is necessary
- accurate and, where necessary, kept up to date
- kept for no longer than is necessary
- handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage
There is stronger legal protection for more sensitive information, such as:
- ethnic background
- political opinions
- religious beliefs
- trade union membership
- biometrics (where used for identification)
- sex life or orientation
There are separate safeguards for personal data relating to criminal convictions and offences.
The Data Controller defines his / her data management in such a way that it is with the principles set out in the GDPR/DPA – legality, fairness and transparency, purpose limitation, data saving and accuracy, limited storage, integrity and confidentiality, as well as accountability – complies fully.
Accordingly, the Data Controller handles the collected, stored (managed) personal data solely for the clear and legitimate purposes defined and described below in subsequent paragraphs and only for the time stated. Thus, the subjects can read in detail about each of the data management activities in the mentioned points.
The legal basis for data management of the Data Controller is typically the consent of the data subject, the fullfillment of the contract concluded with the data subject, its preparation and the fulfillment of the legal obligation.
The legal basis for data management will be the fullfillment of the contract if the data subject orders the service from the Company, for example through the Website, i.e. a contractual relationship between the concerned (user) and the Company.
We’re talking about statutory data management when a law obliges Data Controller to include some data as well as the duration of data storage.
Data Controller ensures data security and proper management. The Data Controller ensures that the data is stored in a form that allows identification of data subjects only for the time necessary to achieve the purposes for which personal data are processed. He/she also takes the technical and organizational steps to ensure that the data processed is adequately protected. Within this framework, he/she will take reasonable measures to prevent unauthorized access, alteration of use, transmission, disclosure, deletion or destruction, as well as unavailability of accidental destruction and damage resulting from changes in the technique used.
Therefore the Data Controller’s staff shall ensure that unauthorized persons do not access personal data and that the storage and placement of personal data is designed in such a way that it is not accessible, accessible, alterable, destroyed, or destroyed by an unauthorized person.
The Company undertakes that the personal data of the data subjects will only be forwarded to the addressee (third party or data processor) who also handles the personal data provided or transmitted to them in accordance with these principles. The Company does not sell the data of the affected persons.
The users of the Website are also responsible for the security of their data. For protecting Your username and password, please be careful about the security of these data and not give it to third parties.
THE COLLECTION OF INFORMATION
Our principal goals in collecting information are to provide and improve our Site, Application, services, features and content, to administer your use of the Site and Application (collectively, the “Service”) and to enable users to enjoy and easily navigate the Site and Application. The types of information that we collect include:
Information you provide to us
Personal Information: When you register for and use the Service, access certain content or features, or directly contact the Site or Application, we may ask you to provide information, including:
Your name, phone number, mobile phone number, email address and postal address;
Your username, password, and account setting preferences;
Your credit card number, billing address and other billing related information.
(Collectively, “Personal Information”) Information automatically collected when you visit and interact on the Site or Application, certain information is collected automatically, including:
Non-Identifying Information: We collect other non-identifying information you provide as part of the registration, administration and personalisation of your It Started Here Account profile (e.g. account preferences) (“Non-Identifying Information”). We may combine your Personal Information with Non-Identifying Information and aggregate it with information collected from other It Started Here Users (defined below) to attempt to provide you with a better experience, to improve the quality and value of the Site, Application and Service and to analyse and understand how our Site, Application and Service are used. We may also use the combined information without aggregating it to serve you specifically, for instance to deliver an advertisement or product to you according to your preferences or restrictions.
Log Data: When you visit the Site and Application, whether as a User or a non-registered user (any of these, a “It Started Here User”), our servers automatically record information that your browser sends whenever you visit a website (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type or the webpage you were visiting before you came to our Site and Application, pages of our Site and Application that you visit, the time spent on those pages, information you search for on our Site and Application, access times and dates, and other statistics. We use this information to monitor and analyse use of the Site, Application and the Service and for the Site and Application’s technical administration, to increase our Site and Application’s functionality and user-friendliness, and to better tailor our Site and Application to our visitors’ needs. We do not treat Log Data as Personal Information or use it in association with other Personal Information, though we may aggregate, analyse and evaluate such information for the same purposes as stated above regarding other Non-Identifying Information.
Web Beacons: Our Site and Application may contain electronic images known as Web beacons (sometimes called single-pixel gifs) and are used along with cookies to compile aggregated statistics to analyse how our Site and Application are used and may be used in some of our emails to let us know which emails and links have been opened by recipients. This allows us to gauge the effectiveness of our User communications and marketing campaigns.
Information collected from other sources
We may access information about you from third-party sources and platforms. You can register to use the Service by logging into online accounts you may have with third party service providers (“TPSP”)(e.g. Facebook, Google); each such account, a “Third Party Account”, via our Site or Application as described below. As part of the functionality of the Site, Service and Application, you may link your It Started Here Account with Third Party Accounts, by either: (i) providing your Third Party Account login information to It Started Here through the Site, Service or Application; or (ii) allowing It Started Here to access your Third Party Account, as is permitted under the applicable terms and conditions that govern your use of each Third Party Account. You represent that you are entitled to disclose your Third Party Account login information to It Started Here and/or grant It Started Here access to your Third Party Account for use for the purposes described herein without breach by you of any of the terms and conditions that govern your use of the applicable Third Party Account and without obligating It Started Here to pay any fees or making It Started Here subject to any usage limitations imposed by the applicable TPSP.
If you register by logging into a Third Party Account via our Site or Application, we will obtain the Personal Information you have provided to the applicable TPSP (such as your name, email address, profile picture, names of TPSP friends, names of TPSP groups to which you belong, other information you make publicly available via the applicable TPSP and/or other information you authorise It Started Here to access by authorising the TPSP to provide such information) from your Third Party Accounts and use that information to create your It Started Here Account and It Started Here Account profile page. Depending on the Third Party Accounts you choose and subject to the privacy settings that you have set in such Third Party Accounts, you understand that by granting us access to the Third Party Accounts, we will access, make available and store (if applicable and as permitted by the TPSP and authorised by you) the information in your Third Party Accounts so that it is available on and through your It Started Here Account on the Site, Service and Application. If there is information about your “friends” or people with whom you are associated in your Third Party Account, the information we obtain about those “friends” or people with whom you are associated, may also depend on the privacy settings such people have with the applicable TPSP.
USE OF YOUR INFORMATION
Mobile Communications: With your consent, we may use your mobile phone number to send you information, notifications and updates regarding the Site, Application or Service.
Profile Information: We use the information we collect at registration to create your It Started Here Account and It Started Here Account profile page. Your It Started Here Account profile page will include, among other things, your first and last name, a profile picture and your location. You can select the other items of Personal Information that you wish to be included in your It Started Here Account profile page – including, but not limited to, a list of the TPSP groups to which you belong, a biography and information surrounding your skills and experience relevant to your Profile listing, if applicable (together, your “Profile Information”). We will display your Profile Information in your It Started Here Account profile page publicly via the Site and Application, and, with your prior permission, on third party sites. Any information you choose to provide as part of your Profile Information will be publicly visible to all It Started Here Users and consequently should reflect how much you want other It Started Here Users to know about you. We recommend that you guard your anonymity and sensitive information and we encourage Users to exercise caution regarding the information disclosed in their It Started Here Account profile page. You can review and edit your Profile Information at any time.
Profile listings: If you register as a Consultant, parts of your account profile will become your Profile listing, we may publish, use, and share or otherwise disclose the Content of that Profile listing publicly via the Site and Application and may enable third parties to publish the Profile listing on their websites.
It Started Here Marketing: We may also use your Personal Information to contact you with It Started Here newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of these marketing related notifications at any time by accessing the “Notification Settings” section of your It Started Here Account. Please note that we may also use your Personal Information to contact you with information related to your use of the Service; you may not opt out of these notifications.
Request Fulfillment: We may use the information that we collect to fulfill your requests for products, services and information. For example, we may use your information to respond to your customer service requests.
Data Analysis: In order to learn more about how our Site, Application and Service are used, we aggregate and analyse the data we collect. We may use the information, for example, to monitor and analyse use of the Site, Application and Service, to improve the functionality of same and to better tailor our content and design to suit our visitors’ needs.
Testimonials/Reviews: It Started Here posts testimonials and Customer reviews on the Site and Application. With your consent, we may post your testimonial or reviews on the Site and Application along with your name. To have your testimonial removed, please contact us at support@ItStartedHere.co.uk
INFORMATION SHARING AND DISCLOSURE
Analysis: We may share aggregated information that does not include Personal Information and we may otherwise disclose Non-Identifying Information and Log Data with third parties for industry analysis, demographic profiling, payment processing, customer service and other purposes. Any aggregated information shared in these contexts will not contain your Personal Information.
Service Delivery: We may employ third party companies and individuals to perform Site-related services, including maintenance services, database management, web analytics, data processing and email and text message distribution. These third parties have access to your information only to perform these tasks on our behalf.
Investigations: We may share information about you to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety or other rights and interests of any person, violations of It Started Here’s Terms of Service, or as otherwise required by law.
Compliance with Laws: We may share information about you to respond to law enforcement measures, to establish or exercise our legal rights, or to defend against legal claims.
THIRD PARTY SERVICES
To customise your experience on the Site and Application and to simplify our registration process, we provide you with the opportunity to access or interact with TPSPs, such as Facebook and Google. When you connect to the Site or Application through these TPSPs, we may share information about you with these third-party service providers and they may share data about you with us.
When you allow us to access your data through a third-party service to create a Site account, we may use this data for several purposes, including:
Populating a list of potential friends to whom you can send service-specific messages. For example, we may use friend lists from a TPSP to create a list of contacts to whom you may choose to share your It Started Here Account profile page.
To enhance and personalise your experience on the Site. When you are connected via a TPSP, we may access certain account information, such as your name, and profile picture, in order to enhance and personalise your experience on the Site or application.
Please note that we do not control the privacy practices of these third-party services. We encourage you to read the privacy policies of all TPSP websites.
UPDATING AND DELETING YOUR PERSONAL INFORMATION
All Users may review, update, correct or delete the Personal Information in their registration profile by contacting us at support@ItStartedHere.co.uk or editing their profile. If you would like us to deactivate your It Started Here Account, please contact us and we will attempt to accommodate your request if we do not have any legal obligation or a legitimate business reason to retain the information contained in your It Started Here Account. Please note that, if you cancel your It Started Here Account, any of your User Content on the Site and Application will remain publicly viewable via the Site and Application. Please see below for privacy contact information
SECURITY AND DATA RETENTION
To protect your privacy and information, It Started Here uses multiple security procedures and practices to protect from unauthorised access, destruction, use, modification and disclosure of Personal Information of users.
When you enter Personal Information on our Site and Application, we encrypt that information using secure socket layer technology (SSL). SSL creates a secured connection between our web servers and your browser, which protects against unauthorised access to transmitted data and supports data being sent only to intended recipients.
Your Personal Information is password protected and our main servers are locked and hosted by a leading provider of Internet access to enterprises with mission-critical Internet application requirements. Access to the host environment is secure.
Safeguarding information to help protect you from identity theft and the practice known as “phishing” is a top priority for It Started Here. We do not and will not, at any time, request your credit card information, your It Started Here Account ID, login password, or national identification numbers in a non-secure or unsolicited email or telephone communication.
We follow generally accepted industry standards to protect the Personal Information submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our Site and Application, you can contact us at support@ItStartedHere.co.uk .
Note that we will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored “personal data” to you via email or conspicuous posting on the Site and Application in the most expedient time possible and without unreasonable delay, insofar as consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
Sharing personal contact/financial details including personal email addresses, phone numbers, TPSP, Skype/zoom/IM usernames or any other financial or contact details.
All communications, information and files exchanged should be performed exclusively using It Started Here’s messaging systems. Keeping communications and transactions on and within the It Started Here Site and Application is first and foremost for your safety and to mitigate privacy risk.
To protect our users’ privacy, personal information should be kept anonymous. Requesting or providing email addresses, skype/zoom/IM usernames or other personal contact details (other than your name) are strictly prohibited. It Started Here’s Voice,Video and Text service and User notifications are designed to enable communication between all users.
Face to Face meetings, if you decide to communicate off the Service by scheduling an appointment to meet in person. To protect your privacy and for your safety, you agree that you will not share personal contact information, importantly your financial information (for example, your credit card or bank account information), or wire or otherwise send money, to other members.
It Started Here is building a knowledge share community, using new forms of communications. For this community to thrive, security and trust must be maintained for all users. This is only possible through maintaining initial conversations within the It Started Here application. Protecting our users’ privacy is of critical concern for everyone on the It Started Here team.
It Started Here and its third party partners to whom we disclose information under this policy may perform activities outside of the United Kingdom and potentially collect, transfer, store, and process your personal information in other countries. As a result, your information may be subject to the laws of those countries or other jurisdictions. These laws may not be equivalent to the privacy and data protection laws in your jurisdiction. Information may be disclosed in response to valid demands or requests from government authorities, courts, or law enforcement in these countries. By using the Site, Application or providing us with your information, you consent to the potential collection, transfer, storage, and processing of information in other countries.
We will make available to you any of your personal information that we have collected, used or disclosed upon request. Please contact us at support@ItStartedHere.co.uk
ADDRESSING YOUR CONCERNS
DATA RIGHTS AND PROTECTION
Our customers’ privacy and information protection. Given the ever changing regulatory environment, surrounding our User’s privacy and information protection, we endeavour to stay abreast of any updates to policies or information. In order to adhere to international and domestic law we have the following policies in plac
If at any time you wish to remove consent, please email our Data Protection Officer at Support@itstartedhere.co.uk . Additional details are provided below in our “Data Protection Officer” description.
Timely Breach Notification:
In the event of a data breach, we will notify our data handlers/controllers and Users within 72 hours. In addition to outlining the nature of the breach, the breadth, and actions involved to remedy the situation will be detailed.
Right to Data Access:
If at any time a User wishes to access their existing data profile, we will provide a free electronic copy of the data we collected about that user. This report will also include the various ways the information has been used.
Right to Be Forgotten:
If at any time a User discontinues their relationship with It Started here, the User can request that their personal data is wholly erased from our records.
This gives users rights to their own data. Users will be able to obtain their data from It Started Here in an electronic report and reuse that same data in different environments outside of ours.
Right to rectify your inaccurate Personal Information and to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to restrict processing of your Personal Information;
Right to object to processing of Your Personal Information,
Right to withdraw your consent to the usage of your Personal Information at any time
You also have the right to lodge a complaint with regards to the handling of your data to the U.K Information Commissioners Office (ICO);
ICO – Website – https://ico.org.uk/make-a-complaint/
Telephone: 0303 123 1113
Textphone: 01625 545860
Monday to Friday, 9am to 4:30pm
PRIVACY BY DESIGN:
It Started Here has specifically designed its systems and trained its staff to maintain customer privacy. We strive to continue to improve and adapt this design to be forward looking.
DATA PROTECTION OFFICER:
It Started Here has appointed a Data Protection Officer who can be reached at Support@ItStartedhere.co.uk This internal officer will be able to rescind customer consent as requested, alert stakeholders of a data breach, provide access to data reports, ensure the right to be forgotten, establish data portability as requested, and oversee privacy by design responsibility.
When someone visits the website, we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to track things such as the number of visitors to the various parts of the site and interactions with the site. This information is processed in a way which does not identify anyone. We do not make and do not allow Google to make, any attempt to find out the identities of visitors to our website.
We do not knowingly gather or otherwise process personal data of minors under the age of 16. If we notice that one of our users/visitors is a minor we’ll immediately take steps to remove their information. If you believe we have processed or still hold information on minors, please send us an email at Support@ItStartedhere.co.uk and we’ll remove it A.S.A.P.
CHANGES IN THE PRIVACY STATEMENT
We encourage you to periodically review this page for the latest information on our privacy practices.