HOW WE COLLECT YOUR DATA
We collect personal data in the following ways;
- when you complete and submit the contact form on our company’s website
- when you contact us by telephone and leave a voicemail message or send us emails or text messages or contacting us through our website or social media accounts
- when viewing and using our website https://flowdigital.je/, where the data collected relates to the type of device being used, any cookie data and Google Analytics website usage data.
- from third party channels such as public registers, social media, and any other public open forums
- directly from you as a member of the public, prospective employee, existing employee when engaging directly with us.
- from use of website cookies and beacons which may track your usage of our website and uploading of information to the website
- from Google Analytics or other similar software to assist us in managing our website performance, and if required for our clients’ website. Only information such as IP address, location, time zone, browser type/version, with plug-in types/versions, device operating system and platform are referenced
INFORMATION COLLECTED
- meet our obligations in the performance of a contract for the provision of our professional services which you have requested of us
- to manage your account with us, and deal with any feedback or complaint
- keep you informed of our products and services which may be of interest to you
- assist us in the delivery and operation of secure business communications via email and our website and other relevant means
- meet legal obligations from relevant local laws in relation to sale of product and services transactions e.g. GST/VAT
- meet any legal obligations in relation to the defence of a legal claim or where we received a court order for the disclosure of personal data
- meet any other legal obligations from relevant local laws
- assist you in case of an emergency situation e.g. if there was an accident on our premises
SOFTWARE APPLICATIONS USED
Listed below are some of the main software applications we use to deliver our professional services for our clients’ projects. Each application has a specific function and purpose for processing data to deliver the required services.
Google Ads, YouTube Ads, Facebook ads, Sendible, UpViral, Instagram, LinkedIn, Hubspot
Personal data: Trackers; Usage Data; Name; Email address
Google Analytics, Google Optimize, Facebook Ads conversion tracking (Facebook pixel), Meta Events Manager, LinkedIn Insight
Personal data: Cookies; Usage Data;Trackers; Usage data
Mailing list or newsletter and Contact Form
Personal data: Email address
Displaying content from external platforms
Google fonts, Vimeo, YouTube
Personal data: Trackers; Usage data
Hosting and backend infrastructure
Personal data: Various types of data as specified in the privacy policy of the service
Infrastructure monitoring
Personal data: Cookies; Usage data
Managing contacts and sending messages
Mailgun, MailChimp, Hubspot
Personal data: Email address
Remarketing and behavioural targeting
Facebook Remarketing LinkedIn Insight
Google Ads
Hotjar
Personal data: Cookies; Trackers; Usage data
Personal data: Trackers; Usage data
Traffic optimisation and distribution
HubSpot CRM
HubSpot Lead Management
Personal data: Email address, first name, last name, Trackers, Usage data, various types of data as specified in the privacy policy of the service
INFORMATION ON OPTION OUT OF INTEREST-BASED ADVERTISING
In addition to any opt-out feature provided by any of the services listed in this document, Users may follow the instructions provided by YourOnlineChoices (EU), the Network Advertising Initiative (US)and the Digital Advertising Alliance (US), DAAC (Canada), DDAI (Japan) or other similar initiatives.
Such initiatives allow Users to select their tracking preferences for most of the advertising tools. The Owner thus recommends that Users make use of these resources in addition to the information provided in this document.
The Digital Advertising Alliance offers an application called AppChoices that helps Users to control interest-based advertising on mobile apps.
Users may also opt-out of certain advertising features through applicable device settings, such as the device advertising settings for mobile phones or ads settings in general.
RECIPIENTS OF DATA
Personal data collected may be disclosed or transferred to;
- Flow Digital data processors who provide those requested services in relation to theprovision of our branding, design and marketing services, website creation, video creationand technology hosting services for our clients
- Flow Digital data processors who provide services in relation to the secure and safe runningof its business systems and processes
- Professional agents in the provision of required services (e.g. lawyers, bankers, accountants,auditors)
- Law Enforcement and Competent Authorities as required by law where such disclosure is necessary for compliance with a legal obligation
- Other third parties if requested by you and when relevant consent has been obtained from you
- Any new owner of Flow Digital should it be acquired or merged with another company
Third party service providers are bound by the requirements of the Data Processor Agreement obligations, where personal data is to be processed to high standards of confidentially and in line with the required security arrangements.
SOCIAL MEDIA PLATFORM
When we use social media platforms e.g. Facebook, Instagram, LinkedIn, we only operate it so as to promote our own business and we would not knowingly engage in activities that go beyond this scope.Our clients (and other data subjects) are advised to refer to the respective privacy notices of these social media platforms to check your data protection and privacy rights. Flow Digital cannot be held responsible for third party social media platforms or websites activities.
Flow Digital own social media accounts are identified as being the following;
Facebook https://www.facebook.com/FlowDigital.jeInstagram https://www.instagram.com/flowdigital.je/LinkedIn https://www.linkedin.com/company/flowdigitalje/
DATA SHARING AND DISCLOSURE
We do not share your data beyond what is agreed as necessary for the provision or operation of our services to you. Any third parties we engage to process your personal information are obliged to respect the confidentiality of your information.There are circumstances where we might share anonymised data (not identifying you) for research and analytical purposes.There are legal and regulatory circumstances where we may be obliged to share data, for example with Court, Police or Regulator.
THIRD COUNTRY TRANSFERS AND SAFEGUARDS
We operate in Jersey and our data substantially resides in Jersey. However, we do use technology which may transfer data to another jurisdiction, for example use of Microsoft and Cloud-based back-up of data. Where possible, we would always look to hold your data withinJersey or UK or EEA in the first instance.
For those occasions where your data is to be held outside the Jersey, UK, or EEA, in locations where such transfers do not offer the same level of protection of personal data as may be enjoyed within Jersey (e.g., United States) we will ensure that your data is appropriately protected (for example by reference to IT security standards). We would also look to ensure that the service provider is contracted to adhere to the appropriate security and data protection standards as provided for in the required Standard Contractual Clauses data transfer mechanism.
Where we cannot guarantee these safeguards, we would always request your consent before the data is transferred.
DATA SECURITY
We use up-to-date data storage and security techniques to protect your personal information from unauthorised access, improper use or disclosure, unauthorised modification or unlawful destruction or accidental loss.We have a Data Protection Policy and Information Security Policy and Training Policy ensuring high standards of governance for your data.The security measures we have in place include:
- Policies - All staff adhere to the Acceptable use policy.
- Training - There is a mandatory Data Protection training for all the new staff and annual updates for existing staff.
- Physical Security/Access Permissions - There are access controls to all data held which are appropriate to staff requirements. To ensure security in the workplace staff have their own access card for perimeter doors to prevent unauthorised access.
- Destruction process - All personal data is securely destroyed after it has reached the retention period. Paper waste is sent to secure disposal in designated confidential waste bins.
- Encryption - Encrypted email can be used for email data transfer outside of our network.
HOW LONG WE HOLD DATA
We will retain your personal data for as long as necessary to fulfil the purpose for which it was collected.
Flow Digital will retain personal data in relation to clients, suppliers, other data subjects’ transactions for 10 years from the date of the transaction where they are deemed to be part of the financial records of the business.
Anything else we delete 1 year after your last interaction with us. So, if we don't hear from you for a year, we delete your data (unless we need to retain it for legal or regulatory reasons).
YOUR RIGHTS
Data subjects have a number of rights available to them;
- access to their personal data
- rectification of any inaccuracies,
- restriction on the processing their data
- to object to the processing of their data
- to be forgotten (erasure of your data)
- right to data portability
- right to object to automated decision making and profiling
- right to withdraw consent for those data processing activities based on consent
Flow Digital does not make any decisions based on purely automated means, but if we do, you have a right to object.
Each data subject request to exercise the rights noted above will be reviewed against the requirements of the Data Protection (Jersey) Law 2018 and in certain circumstances (e.g.restriction, erasure, objection, data portability) these rights may not be exercisable by the company. Full explanations will be given in such cases.
MAKING A COMPLAINT:
The Office of the Information Commissioner in Jersey, Channel Islands, is an independent statutory authority where you can make a complaint or learn more about data protection inJersey. Their office is located at 2nd Floor, 5 Castle Street, St. Helier, Jersey, JE2 3BT. Their website is
www.jerseyoic.org and telephone number is 01534 716530.
CHANGE TO THIS POLICY:
Flow Digital may update this Privacy Policy at any time. The updated policy notice will appear on our website https://flowdigital.je/ and in our Terms of Business.
This Privacy Policy was last approved on 09 March 2023.
CONTACT DETAILS:
If you have any questions, concerns or complaints with respect to this Privacy Notice or the handling of your privacy or personal information, please contact one of our directors or our data protection manager at
dpo@flowdigital.je
