Data Protection Privacy Statement & Policy
At Evergreen Studio Ltd we are committed to safeguarding your privacy and maintaining the security of your personal information. The purpose of this Privacy Statement is to explain to you what personal information we collect and how we may use it. We will not sell your data, share it with other third parties without your permission and we promise to keep it safe and secure. For the purpose of the General Data Protection Regulation (GDPR) 2016/679, the data controller is Evergreen Studio Ltd, a company incorporated in Scotland (company number SC544236).
Collection of Information
We collect, store and use information about you in order to deliver our services to you. We collect this information when you:
- View our website
- Contact us by email
- Become a member of our studio
The information is likely to include your name, email address, organisation (if appropriate), address, telephone number, job title and in case for members, bank details.
Use of Information
We collect information about you in order to process your requests such as responding to an enquiry or managing your membership.
We process personal information for legitimate interests and business purposes, which
include the following:
• To identify or prevent fraud
• To fulfill a legal obligation
• To provide communications, including email communications, which with think will be of legitimate interest to you
We may process personal data when we need to do this, for example where you are a member (to manage the relationship) or where we are required to do this by law or other regulations.
When we process your data, we will keep your Personal Data rights in high regard and will take account of these rights.
You have the right to object to our processing of your personal data and to be removed from our system. If you do not wish to continue to receive emails from us, you can contact email@example.com or write to us at the contact address below.
Any financial information (such as credit card number, billing address, and expiration date) collected from you is used only to bill you for the services that you have purchased.
Please bear in mind that if you do not allow us to process your information then we might not be able to carry out the tasks above for your benefit.
We take reasonable steps to protect the personal data collected against loss, misuse, unauthorised use, access, inadvertent disclosure, alteration and destruction. However, no network, server, database, internet or email transmission is ever fully secure or error free so you should take care in deciding what information you send to us when disclosing personal information.
Sharing of Information
Unless we are required to do so by law, we do not share your personal data with any third parties. We do not share your information for marketing purposes with other organisations or companies.
In the course of operating some of our services, your data may be stored temporarily with third party contractors, for example database hosting companies and e-mail distribution services. For example, we use FreeAgent for our invoices and WordPress for our contracts.
Access, update and removing of Information
To request a copy of the information we hold about you, correct or update any information about you, unsubscribe from our services, object to us processing your data or remove any information about you from our records, please contact us at firstname.lastname@example.org or write to us at the contact address below.
We only store your data for as long as is necessary for the purposes of processing that are set out in this policy. When you leave Evergreen Studio as a member we will automatically delete your data after one year.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. We may release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
The General Data Protection Regulation [GDPR] sets out the rights which individuals have in relation to personal information held about them by data controllers. These rights are listed below, although whether you will be able to exercise each of these rights in a particular case may depend on the purpose for which the data controller is processing the data and the legal basis upon which the processing takes place.
- Access to your information – You have the right to request a copy of the personal information about you that we hold.
- Correcting your information – We want to make sure that your personal information is accurate, complete and up to date and you may ask us to correct any personal information about you that you believe does not meet these standards.
- Deletion of your information – You have the right to ask us to delete personal information about you, where:
You consider that we no longer require the information for the purposes for which it was obtained
We are using that information with your consent and you have withdrawn your consent – see ‘Withdrawing consent to using your information’ below
You have validly objected to our use of your personal information – see ‘Objecting to how we may use your information’ below
Our use of your personal information is contrary to law or our other legal obligations.
- Objecting to how we may use your information – You have the right at any time to require us to stop using your personal information for direct marketing purposes.
- Restricting how we may use your information – In some cases, you may ask us to restrict how we use your personal information.
- Automated processing – If we use your personal information on an automated basis to make decisions which significantly affect you, you have the right to ask that the decision be reviewed by an individual to whom you may make representations and contest the decision. This right only applies where we use your information with your consent or as part of a contractual relationship with you.
- Withdrawing consent using your information – Where we use your personal information with your consent you may withdraw that consent at any time and we will stop using your personal information for the purpose(s) for which consent was given.
Please contact us at email@example.com or write to us at the contact address below if you wish to exercise any of these rights.
You can find more information about these on the Information Commissioner’s website. https://ico.org.uk/
To be in accordance with CANSPAM/GDPR, we agree to the following:
- Not use false or misleading subjects or email addresses..
- Include the physical address of our business or site headquarters.
- Monitor third-party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly
Changes to our privacy statement
We keep this privacy statement under regular review and will place any updates on this website.
This privacy statement was last updated on 15 November 2019
Contact information and further advice
If you have any further questions about the way in which we process personal data, or about how to exercise your rights, please contact:
3 Tweedale Court
14 High Street
EH1 1TE Edinburgh
We seek to resolve directly all complaints about how we handle personal information but you also have the right to lodge a complaint with the Information Commissioner’s Office:
- Online: https://ico.org.uk/global/contact-us/email/
- By phone: 0303 123 1113
- By post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF