Alex Genn Copywriting (a trading name of Genn-Wyatt Ltd) is committed to protecting your privacy. When you interact with us by phone, mail, in person or online, we sometimes receive personal information about you.
This policy tells you what information we keep, why, for how long, and who we share it with. This is called Processing data. We are a data processor (according to the new data law GDPR) so we’re explaining why and how we process it.
Why do we hold (process) information about you?
Either because you’ve consented for us to do so (through working with us, signing up to emails, filling in an online form) or because it’s part of our legitimate business interests, specifically proper administration of our website and running of our business (as they say). There’s more about Legitimate Interest later in this policy, explaining what is is and why we believe we have legitimate interest to process your data.
If you do not want us to hold your information, it is your right to withdraw consent at any time. Just contact us at email@example.com
How do we collect information about you?
We may collect information about you whenever you interact with us. For example, when you sign-up to a newsletter, ask about our business, work with us or otherwise give us any other personal information.
What information do we hold about out you?
The information we hold may include: website cookies, email addresses, phone numbers, physical addresses, position and also some of your opinions (such as the email feedback you give us on our work). We also hold information about any financial transactions you make with us (whether you’re a supplier or a client).
How do we store and protect your data?
We take the security of the data we hold very seriously.
- Electronic devices in our offices are password protected
- Electronic contact data lists (such as lists of names, email addresses etc) held at our office are kept in an encrypted area
- Electronic data kept on our mobile devices is password protected
- Paper records (such as our annual accounts archive) is kept in a secure, alarmed location, at our offices.
- It is our policy to log off our computers or close browser windows when we finish work to ensure that others cannot access personal information and correspondence.
The sad truth is, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot ensure or warrant the security of any information you transmit to us or from our online products or services, and you do so at your own risk.
Who is collecting the information?
When you are asked for personal information by us you, are sharing that information with Genn-Wyatt Ltd (trading as Alex Genn Copywriting), for the purposes of the successful running of our business.
Do we pass your info on?
We never sell your information. We only pass it on to third parties, who we believe have their own GDPR-compliant policies. Who we do pass on to:
- Suppliers, such as writers who work with us (a full list and their privacy policies are available on request)
- Accountant: Munroe Brown Ltd, who might handle your invoices etc. for tax reasons
- Financial management system: Xero, which handles purchase orders, quotes, invoices, etc.
- Mail management systems: Google, Mailchimp, Outlook, One.com
- Contact management system: Insightly
- Our bank: NatWest
- Clients who ask for recommendations
- Our insurance company: Policy Bee
When else might we pass your data on?
We might need to pass it on for legal reasons, as part of the Freedom of information act or for our own legal reason, such as for use in legal proceedings or claims.
How long do we keep your information about you?
We keep it for as long as is necessary to complete the work we’re undertaking for you. We’ll then keep you on our database for 15 years for marketing purpose’s (our own, not any third parties). If you wish to be removed, you can tell us at any time. However we keep a ‘suppression list’ (this tells us which people we should not contact)’ which will be kept indefinitely, to make sure we don’t bother you.
How can you delete or update your information?
It is your right to change or have us delete any or all of your information by contacting us on firstname.lastname@example.org.
If you ask us to delete your information we will do so, but we will retain your details on a suppression list, this ensures we don‘t contact you again. This list will be kept in an encrypted file
When we buy from our suppliers, send invoices receive payments etc, this is handled solely by the Directors Claire Wyatt and Alex Genn. Our bank NatWest, HMRC, our accounting software Xero and our accountants Munroe Brown will also have access to this information.
About our websites and cookies
Our websites are hosted in the US, the UK and Denmark. The European Commission has made an “adequacy decision” about the data protection laws of each country. Transfers to each of these countries are protected by appropriate safeguards (i.e. the standard data protection clauses of the European Commission). You can get a copy from the European Commission.
We collect cookies for our site, but we don’t track you elsewhere. When you use our website you have the option to refuse to allow cookies. You’ll see a notice on the site. We won’t collect cookies unless you agree.
If you visit our websites we may record information about:
- the areas of the website you visit
- the amount of time you spend on the site
- whether you are new to the site, or have visited it before
- how you came to our website – for example, through an email link or a search engine
- the type of computer, browser, network location and internet connection you use.
What are cookies and how they are used?
Internet browsers normally accept cookies by default; however, it is possible to set a browser to reject cookies. By modifying your browser preferences, you have the choice to accept all cookies, to be notified when a cookie is set or to reject all cookies
Your IP address is the unique number that identifies the computer you’re using. When you fill in our online form, we’ll store your IP address. Just let us know if you’d like us to delete it.
What else should I know about my privacy?
Remember whenever you voluntarily disclose personal information online, that information can be collected and used by others. In short, if you disclose personal information online that is accessible to others, you may receive unsolicited messages from other parties in return.
You should be aware that if you access other websites to which we provide links, these are outside our control. If you provide personal data to other companies, the privacy policies of those companies determine the uses to which that information is put and ours will no longer apply.
This policy may change from time to time, so please check back periodically. Ultimately, you are solely responsible for maintaining the secrecy of any information about yourself. Please be careful and responsible whenever you are online.
Data Protection Act
We are committed to the protection and privacy of your personal data, and as such are held in accordance with the Data Protection Act 1998.
For more information, see the UK government’s Data Protection website.
About our Legitimate Interest
Why do we believe we have a ‘Legitimate Interest’ to process your data?
The short answer
We only contact businesses who rely on services like ours. We rely on them using companies like us, to stay in business. So processing the data is mutually beneficial. No harm or damage is done by our processing the data, and no-individual’s rights are affected. If we didn’t hold it, it would harm our ability to do business. We hold data securely (in encrypted files, behind passwords and under lock key). And you can ask us at any time to delete your data.
The long answer
We believe we have a ‘Legitimate Interest’ to process your data because…
– We only hold the data of individuals at companies (such as Ltd, PPL etc) never private individuals
– We only use this data to market services which are directly related and of genuine interest to clients and potential clients (such as copywriting services for Marketing agencies, or Voiceover services for Production companies)
– Processing the data is necessary to maintaining our business
– GDPR identifies this processing activity as legitimate (we have undertaken a balancing test, with a positive outcome)
– The processing activity is essential to our business, so we can find new clients. We always specifically articulate our legitimate interest to our potential clients
– The processing is critical to our business to stay profitable. For example, emailing potential clients is our main source of business. We only email businesses, never private individuals. We believe this is a simple and clear explanation of why we hold and use data. We believe our holding this data does no harm at all to individuals. All data held is related to business contacts.
– The rights of the individuals, whose data we hold, are clearly articulated in our data policy (i.e. you can ask for us to remove or change your data at any time)
– There’s no other way of achieving our objectives, without disproportionate effort
– The people we email expect to receive marketing emails from companies like ours offering services they may already use and be interested in. As a result we believe it is likely they will have considered and accepted the impact of them.
– Our marketing material often contains useful information (such as tips on grammar, modes of address and new trends in voiceover etc.) which certainly add value to the services the individuals we contact provide
– Processing the data will not negatively affect individual’s rights or result in unwarranted harm or distress
– If we were unable to process the data it would prejudice our business, making it significantly harder for us to find new business and making it significantly harder for our suppliers to work for us, prejudicing them also
Processing is in the interest of the individual whose data it relates to, because it gives them access to services which they may need to continue running their business (such as copywriting services for marketing agencies, or voiceover services for production companies)
– The legitimate interests of the individual are aligned with ours, because our business provides services to other businesses. Those businesses rely on services such as ours to stay in business. Therefore our need to process their information presents a legitimate interest, not just for us, but the individual as well.
– The connection between the individual and organisation is: existing customer, lapsed/cancelled customer, client, prospect or supplier
– Processing never limits or undermines the rights of individuals
– Our data has been collected directly and indirectly
– The individual holds (and is informed of) the power to choose to change or delete (although we will keep a ‘suppression list’ to ensure they are not contacted in the future
– Individuals that we contact would absolutely expect us to use their information for our purposes (email marketing), it is standard business-to-business procedure, well established over the last 20 years.
– Individuals whose data is being processed can easily control our processing activity or object to it. Every communication has a clear option to change the information we hold or for the individual to be removed from our data (although we keep an encrypted suppression list)
– Any data we hold is either: in an encrypted electronic space, on password protected devices, or kept in a locked and alarmed location, all of which we believe protects your data
Our place of business and registered office is: 34 Chapmans Crescent, Chesham, Bucks, HP5 2QT
You can contact us by post, at on email@example.com or on 07986 123 626
Our data protection officer is: Alex Genn