The details you provide will only be used by ABC Book Club (Data Controller) and some associated businesses as listed in this document. We will never swap, share or sell your details without your consent.
We protect any personal data that you share with us, or that we get from other organisations and we keep it safe. We always aim to be clear with you about how we will use your data and we promise not to do anything with it that you would not reasonably expect.
We collect use and are responsible for certain personal information about you. When we do so we are subject to the EU General Data Protection Regulation 2016/679 which applies across the European Union (including the United Kingdom) and will be subject to the Data Protection Bill 2018 once it comes into force and we are responsible as “controller” of that information for the purposes of those laws.
What is the definition of personal data?
Personal data is any information that can be used to identify you. It can include information such as your name, gender, date of birth, personal or professional interests, e-mail address, postal address, telephone numbers or bank details. It can include information taken from you to enable us to carry out credit or other financial checks on you.
The type and quantity of information we collect and how we use it depends on why you are providing it. We promise that we will only gather information from you that is adequate and relevant to be used for an explicit and specific purpose.
Where do we obtain personal data from?
When you give it to us directly
We collect personal data about you when you register your interest with us either via post, email or via our websites.
When you give it to us indirectly
We may also obtain information about you from other sources, such as a family member or friend.
We will only contact you through social media sites such as Facebook, Linked In, Instagram or Twitter if your privacy settings give us access to your contact details.
We may collect cookies on our website or via automated monitoring of our website and other technical systems
How do we use your personal data?
We use your personal data in a number of ways depending on your instructions and contact preferences. Primarily this will be by email. Your data will only be processed if we have your consent to do so or a legal or legitimate reason.
Why we use your personal data?
We use your personal data in a number of ways depending on your instructions and contact preferences. Primarily this will be by telephone and email.
Your data will only be processed if we have your consent to do so or a legal or legitimate reason.
We may use your personal information to send you updates (by email, text message, telephone or post) about our services.
Where we have a legitimate interest in processing your personal information for promotional purposes (see “Why we use your personal information”), we wont necessarily require your consent. However, where consent is needed, we will ask for this consent separately and clearly.
We will always treat your personal information with the utmost respect and never sell or share it with other organisations outside the ABC Book Club for marketing purposes.
You have the right to opt out of receiving promotional communications at any time by:
- Contacting us by the methods shown in the paragraphs below entitled "How can you ask us to stop using your personal data?"
- Using the ‘unsubscribe’ link in emails or texts
Who do we share your information with?
We will not share or sell your personal data with any third parties without your consent.
Where your personal information is stored and how long we keep it.
Information may be held at the offices of Acorn group companies as described above in paragraph entitled “Who do we share your information with?”
We will retain your personal data for the period necessary to fulfil the purposes outlined in this Policy and as otherwise needed to comply with applicable law and internal company policies.
You have the following rights, which you can exercise free of charge:
- at any time to your personal information being processed for direct marketing (including profiling)
- In certain other situations to our continued processing of your personal information, eg processing carried out for the purpose of our legitimate interests.
For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Informational Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
How can you ask us to stop using your personal data?
You have the right to withdraw consent for us to contact you at any time by the following methods:
We will endeavour to make sure that your preferences are updated as soon as possible and within a maximum of 72 hours.
Withdrawing this consent may limit the services you receive from us and our ability to communicate effectively with you. Your rights will not be affected.
How can you update or correct the personal data that we have hold on you?
You can contact us at any time to update the personal details that we have on our database - in fact, that would be a great help to us.
Again, contact us on one of the following methods:
Your right to access the data we hold on you
You will always have control over your personal data. You have the right to request information about the data we hold on you at any time for free. We promise to provide access to that data, free of charge and within 1 month of your request.
You have the right to correct your data and update your preferences at any time. You have the right to have yourdata erased at any time.
You have a right to ask us to stop processing your personal data at any time.
If at any time you wish to withdraw your consent and tell us not to contact you then please contact a member of the Data Compliance team:
How can you lodge a complaint about the way in which we have used your data?
If you have contacted us and you are unhappy with the way in which we have dealt with your query regarding the use of your data then it is within your rights to lodge a complaint with a supervisory authority.
The ICO (Information Commissioner’s Office) is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
You can find out more information or report a concern through the ICO website: www.ico.org.uk/concerns/handling/
How long do we keep your data for and who has access to it?
Everyone who handles your data has a responsibility to protect it in accordance with the law. ABC Book Club has a comprehensive Computer Use & Data Protection Policy in place to ensure that staff members are aware of the regulations surrounding the use of personal data.
All staff that has access to your data are sufficiently trained and where your data is stored on our encrypted servers, passwords are required for access.
We will keep information for a reasonable amount of time in order to perform the purposes listed above. We only keep your information for as long as necessary. In line with The Property Ombudsman’s (www.tpos.co.uk) code of practice, we generally keep personal information for 7 years after our last contact with you. However we reserve the right to keep information for longer if we feel that this is in our legitimate interests.
We will not transfer or store your personal details outside of the EU.
What security is in place to protect the loss, misuse or alteration of your information?
A data breach can be defined as, ‘accidental or unlawful destruction, loss alteration, unauthorised disclosure of, access to, personal data’.
We have appropriate security measures in place to prevent personal information being accidentally lost or used or accessed unlawfully. We limit access to your information to those who have a business need for it.
In the event of a data breach we will contact the ICO (Information Commissioner’s Office) within 72 hours where we are legally required to do so. The consequences of the breach will be documented and the appropriate actions will be taken to mitigate the consequences.
We will also notify you without undue delay should the breach poses a high risk to your rights and freedoms.