Updated Policy May 2018
The new GDPR laws are designed to protect you, and require anyone who may store data on people to allow them access to it, and request it to be deleted, or provided to them on request.
There is a lot of confusion amongst businesses about how best to approach this new law, and to comply by it. What it requires is for us, a business, to speak in clear, normal language about what we do with that data.
So we shall now do that. Literally.
Our commitment to your privacy
We are committed to ensuring that your privacy is protected. We’ll ask you to provide certain information by which you can be identified when you complete our contact form. This is only really so we know your name and can email you back. We ask for your phone number too, and the reason for this is so that we can call you to discuss a project.
We can reassure you that The White Canvas only retain the absolute minimum information required in a professional business relationship.
We repeat, we do not use your information – or share your information – with anyone else.
What we collect (Information we hold)
We may collect and process information you provide by completing forms on our website and information you supply in email correspondence.
We may collect the following information:
Your address (This is for the contract)
What we do with this information
This information from our contact form goes straight to our email. If we proceed, this data is then stored on our Macs and webmail. Both are password protected. If it’s a cold call from a salesperson we ignore it and it gets deleted.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and internal business development. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
Uses made of the information
We use information held about you in the following ways:
To ensure that content from our site is presented in the most effective manner for you and for your computer.
To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
To carry out our obligations arising from any contracts entered into between you and us.
To allow you to participate in interactive features of our service, when you choose to do so.
To notify you about changes to our service.
Privacy & Individuals Rights
The GDPR includes the following rights for individuals:
The right to be informed
The right of access
A right to rectification
The right to erasure
Right to restrict processing
The right to data portability
A right to object
The right not to be subject to automated decision-making including profiling.
Lawful Processing of Data
We only process data in relation to enquiries and invoicing with clients. The processes and systems we have in place are designed with your privacy in mind.
If you would like to access the data we have on you, you can request this in writing via email. It won’t cost anything as it’s only your name, address, email and mobile number.
What ‘consent’ means with GDPR:
GDPR definition: “any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her”
Your name, address, email and mobile number are only used for invoicing, and contact when working on a project or enquiry. We do not sell it. We do not abuse it.
Promotional emails & mailing lists
We might use email newsletters to inform you about our latest updates, services and offers. You can subscribe in the footer of our website. Some subscriptions may be manually processed through prior written agreement with existing clients.
Subscriptions are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003. All personal details relating to subscriptions are held securely and in accordance with the Data Protection Act 1998.
Email marketing campaigns may contain tracking facilities within the actual email. Your activity is tracked and stored in a database for future analysis and evaluation. We just want to understand more about your interaction with our newsletters, things like; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity [this is by no far a comprehensive list].
This information is used to refine future email campaigns and supply you with more relevant content based around your activity.
In compliance with UK Spam Laws and the Privacy and Electronic Communications Regulations 2003 you are given the opportunity to un-subscribe at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated un-subscription system is unavailable clear instructions on how to un-subscribe will by detailed instead.
Precautions are taken on our website to ensure it is as secure as possible. This reduces the chance of data being robbed via hacking or malware.
Our computers are password protected. Any cloud back-up services we have are also thoroughly protected.
This business is owned and operated by Khalid Birawi
Our principal place of business is at: 26 Clement Court, Howard Road, Stanmore, London HA7 1FZ
You can contact us by email at