GENERAL STATEMENT
A privacy policy is a statement that shows some how we use, disclose, and manage your data. We fully acknowledge that we have a legal requirement to protect your information. For the purposes of data protection legislation, we are the data controller and we will process your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 and national laws which relate to the processing of personal data. Please read the following carefully to understand our views and practices regarding your personal data and how we will use it.

 

VISITORS TO OUR WEBSITE
We may collect and process personal data about you in the following circumstances:

  • When you complete forms on our website. This may include your name and contact information, which is provided at the time you ask us to contact you/you contact us about our services.
  • Whenever you provide information to us when reporting a problem with our website, making a complaint, making an enquiry or contacting us for any other reason. If you contact us, we may keep a record of that correspondence.
  • Details of your visits to our website including, but not limited to, traffic data, location data and other communication data, whether this is required for our own billing purposes or otherwise, and the resources that you access.

We may also collect data in the following ways:

  • IP Address
    We may collect information about your device, including where available your Internet Protocol address, for reasons of fraud protection. We may also collect information about your device’s operating system and browser type, for system administration. This is simply automated collection of statistical data about our users’ browsing actions and patterns, and does not identify any individual.
  • Cookies
    Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website. Cookies set by our website are normally referred to as “first-party cookies”, and only track your activity on our website. Most browsers have a help menu which will direct you to your cookie settings. You can choose to not accept cookies, be notified if a new cookie is requesting to be accepted or to accept cookies.
  • Images and photographs of completed work
    Any inclusion of images of completed projects and design drawings on our website will only be done with customer consent and will not include personal information such as names or full addresses.

 

THIRD PARTY ACCESS TO INFORMATION Analytics Tracking
When someone visits our website we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.

 

DISCLOSURE OF PERSONAL DATA
We may disclose your information to third parties for our legitimate interests as follows:

  • IT software providers that host our website and store data on our behalf
  • professional advisers including consultants, lawyers, bankers and insurers who provide us with consultancy, banking, legal, insurance and accounting services
  • HM Revenue and Customs, regulators and other authorities who require reporting of processing activities in certain circumstances

We may disclose personal data to the police, regulatory bodies, legal advisors or similar third parties where we are under a legal duty to disclose or share personal data in order to comply with any legal obligation.

 

ACCESS TO, UPDATING, DELETING AND RESTRICTING USE OF PERSONAL DATA
It is important that the personal data we hold about you is accurate and current. Please keep us informed if the personal data we hold about you changes. Data protection legislation gives you the right to object to the processing of your personal data in certain circumstances or withdraw your consent to the processing of your personal data where this has been provided. You also have the right to access information held about you. You can also ask us to undertake the following:

  • update or amend your personal data if you feel this is inaccurate
  • remove your personal data from our database entirely

To withdraw your consent, please contact us through the web contact form on this website.

 

SECURITY FOR YOUR PERSONAL INFORMATION
We have in place security procedures to prevent the loss, misuse, alteration or theft of your personal information and in order to comply with the General Data Protection Regulation 2018. We endeavour to take all reasonable steps to protect your personal information. However, we cannot guarantee the security of any data you disclose on-line and accordingly you accept the inherent security risks of providing information and dealing on-line over the internet and will not hold us responsible for any breach of security unless this is due to our negligence or wilful default.

 

SPECIFIC INFORMATION MOST LIKELY TO BE OF INTEREST TO CLIENTS AND SUPPLIERS

  • Names and addresses provided by clients will only be kept for as long as Gabriola Garden Design continue to provide a service. Others will be purged on a regular basis.
  • Names, addresses, phone numbers and email addresses stored on phone are subject to finger print recognition and backups are secured by passwords and other authentication.
  • Invoices with client addresses stored on Google drive, subject to 2-stage Google authentication.
  • Names and addresses written on a consultation form on paper with notes from client design meetings may be stored in a locked filing cabinet when appropriate.
  • Names and addresses of clients may be kept on drawings and stored in locked cabinet when appropriate.
  • Photos of gardens and property may be used for promotion if consent is granted, but will never show house numbers, names or addresses.
  • We do not keep photographs of clients or any other people.
  • Bank account details and addresses of suppliers, along with invoices from suppliers, are kept where appropriate, in a locked cabinet.
  • Accounts are destroyed after the minimum required record keeping period (currently 6 years).
  • Email is secured by google and can only be accessed following 2-stage authentication.

 

CHANGES TO OUR PRIVACY POLICY
We reserve the right to update this privacy policy at any time, and any changes we make to our privacy policy will be posted on this page. We may process your personal data without your knowledge or consent where required by applicable law or regulation.