This Privacy Notice sets out the details of how Paul Ballard-Whyte (“we”, “us”, “our”) as data controller, collects and processes your personal data obtained directly from you, or through our website located at www.luckyhitler.com, or our other online platforms and social media channels
which, for the purposes of this privacy notice, shall be collectively referred to as (“the Website”).
For the purposes of this Privacy Notice, personal data shall mean any information that can be used
to identify an individual whether directly or indirectly (“Personal Data”).
Please read through the content of this Privacy Notice carefully and ensure that you understand it. If
you do not understand the content of this Privacy Notice or do not accept or agree with it then you
must stop using the Website and/ or accessing our other online platforms, social media groups and
any other associated groups or pages immediately. If you have already provided us with any
Personal Data, then you must contact us immediately.
By accessing the Website and providing us with your Personal Data you are warranting that you are
over 18 years of age. This Website is directed to individuals who are at least 18 years of age. The
Website is not intended to be used by anyone under the age of 18 and we do not collect any
Personal Data or information from anyone under 18 years of age in compliance.
If you have any questions about this Privacy Notice or require more information concerning our
privacy and data protection practices, please contact us at paul@luckyhitler.com
What personal data do we process, why do we process it, and how do we collect it We may process Personal Data that you provide to us by subscribing to a newsletter or email list,
requesting information through a contact form, or by any other communication via email, text or
through our websites.
We may also process your Personal Data through the use of cookies or other tracking software on
our website. Please refer to our separate cookie policy for further information.
We may also process Personal Data received from third parties such as Facebook, Google, Pinterest,
Instagram, YouTube, Paypal and Stripe, or other information, analytic or advertising providers or
other search or payment processing services.
When we process your Personal Data we will comply with relevant data protection laws and
principles such as the General Data Protection Regulation (EU Regulation 2016/679) (“GDPR”),
which means that your data will be used lawfully, fairly and in a transparent way, kept securely and
only for as long as necessary for the purposes we have told you about.
We shall only collect and process your Personal Data for purposes that are clearly outlined prior to
you providing us with your data, or for a legitimate reason.
Whenever we process your Personal Data we do so on the basis of a lawful condition this will either
be because you have given your consent for us to process your Personal Data, where we are under a
contractual or legal obligation, or where it is in our legitimate interests to do so.
We do not carry out automated decision making or any type of automated profiling.
The types of Personal Data which we process will vary depending on your own specific
circumstances but typically can include:
•
Personal Information: which may include your name, date of birth, email address, phone
number, business contact details, correspondence address, IP address. We shall process this
data for the purposes of communicating with you and keeping our records on the lawful
grounds of legitimate interest
•
Customer or Client Information: should you purchase goods and/or services from us then
we may process information in connection with your purchase, and the supply of that
purchase, as well as keeping appropriate records. Such information may include your
Personal Information, billing address, delivery address, credit card or other payment
details and we shall process it on contractual grounds
•
User Information: this may include comments or statements that you may make or post via
our website, online platforms or social media channels, images, documents or videos that
you share on or through our website or through any of our pages or other online platforms,
and information concerning your use of our website or other online platforms such as your
browser information, pixel ID, page views, pages visited, number of visits and where
appropriate log-in details. We shall process this information to analyse and monitor usage
and content of our Website and other platforms and channels to ensure the content is
relevant to you, to support our administration and record keeping requirements, and to
maintain security of our systems on legitimate interest grounds
•
Promotional Information: this may include information you provide in connection with any
promotions, marketing, or advertising from us or our third parties. We shall use this
information to provide relevant offers and advertisements, competitions and promotions
and other free resources and to monitor our promotional activity, keep records and compile
analytics on legitimate interest grounds
We may also process your Personal Data to deliver or send relevant advertisements to you through
our website and to analyse the success and effectiveness of such adverts for our legitimate interest
purposes of promoting and growing our business.
In accordance with the Privacy and Electronic Communications Regulations (PECR) we may also send
you relevant advertisements or marketing information if you:
• have ever purchased or enquired about our products or services; and
• at the time of your purchase or enquiry you agreed to receive advertising or marketing
information from us, and you have not opted out from receiving that information
Where we contact you through email, we shall ensure that our emails clearly display the location of
the sender and include clear options for you to opt-out from receiving contact from us in accordance
with the
CAN-SPAM Act.
Special Category Data We do not collect any special category data about you. This is data relating to your health, race or
ethnicity, political opinion, religious or philosophical beliefs, trade union membership, genetics,
biometrics, sex life or sexual orientation. We do not process any data relating to criminal offences
and convictions.
Disclosure of Personal Data We may use any of the following external service providers to support our business and may share
your Personal Data with those third parties:
Facebook;
Instagram;
Google;
Paypal;
Stripe;
Zoom;
Airmeet;
Dropbox;
Whatsapp.
We understand that all of these third parties have appropriate technical and security processes in
place to protect your data.
We may also share your Personal Data as follows:
- where it is necessary for external service providers who have been engaged by us to assist in the provision of services to our clients and customers
- where it is required by our professional support teams
- where we are required by a government body or legal obligation or to protect our rights
- where it is required in connection with the sale or purchase of any business or assets
- with any other member or company of our group
Where we have outsourced a function or activity to an external service provider, we will only
disclose Personal Data that the service provider needs to undertake that function or activity, and we
require external service providers to agree to keep your Personal Data secure in accordance with the
relevant law.
We agree not to share your Personal Data with any third party for that third party’s marketing
purposes unless we have obtained your consent to do so.
Transfer of Personal Data Our website is located within the United Kingdom and your data will be processed in the United
Kingdom. We comply with the Internet laws applicable to that country.
We may also transfer your Personal Data to a third-party service provider which requires your Data
to be transferred outside of the EEA. Where your Data is transferred outside of the EEA by our third party service providers, we understand that they comply with the following standards relating to the
security of your Personal Data:
I. Facebook complies with the General Data Protection Regulation and is certified under the
Privacy shield for data transfers
II. Google complies with the General Data Protection Regulation and is certified under the
privacy shield for data transfers. Google also complies with the Payment Card Industry Data
Security Standards
III. Paypal relies on Binding Corporate Rules approved by competent Supervisory authorities
IV. Stripe is certified under the EU-US Privacy Shield as well as EU Standard Contractual Clauses
and Binding Corporate Rules
V. Zoom is certified under the EU-U.S. Privacy Shield Framework and the Swiss-U.S Privacy
Shield
VI. Dropbox is certified under the EU-U.S. Privacy Shield Framework and the Swiss-U.S Privacy
Shield
VII. Whatsapp is certified under the EU-U.S. Privacy Shield Framework and the Swiss-U.S Privacy
Shield
Where we transfer Personal Data to parties not listed above that are outside of the EEA then we will
ensure that at least one of the following conditions is met:
I. you have given your express consent
II. the country has an approved adequate level of protection for personal data
III. it is legally required
IV. it is authorised by the relevant data protection authority
Data Security We take the protection of your Personal Data seriously and have taken suitable and reasonable
steps to protect the Personal Data we hold from misuse, loss, unauthorised access, and any
modification or disclosure.
We limit access to your Personal Data to those employees, agents, contractor or third parties who
have a business need to know. They will only process your Data on our instructions and must keep it
confidential.
If you are submitting Personal Data over the internet that you wish to remain private, please note
that while attempts are made to secure information transmitted to this site, there are inherent risks
in transmitting information across the internet. If you prefer, we can arrange for you to submit your
Personal Data through alternative means. Please contact us to discuss alternative methods.
Data Retention We will not keep your Personal Data for longer than is required with regards to the purpose for
which it was collected by us or provided by you including any legal or record keeping requirements
and will take reasonable steps to destroy or permanently de-identify your Personal Data when it is
no longer required.
Your Rights in Relation to the Data We Hold You have rights in relation to your Personal Data, these include the right to access and receive a copy
of your Personal Data, to ask us to correct any errors, to erase your Personal Data, to restrict or
object to how your information is processed. You can find out more about your rights by visiting
https://ico.org.uk/your-data-matters/
To ensure the information we hold about you remains accurate please contact us using the email
address above if at any time your personal details change.
Where you have provided your consent for us to process your Personal Data you can withdraw that
consent at any time. Should you wish to do so please contact us at the above email address.
If you are not happy with how we process your Personal Data you have the right to lodge a
complaint with The Information Commissioners Office (ICO), the UK supervisory authority for data
protection issues.
Links to Other Sites The Website may contain links to other sites. We are not responsible for the privacy practices of
those websites and have no knowledge of whether cookies or other tracking devices are used on any
such linked sites. If you have any concerns regarding the privacy of your information you should
ensure you are aware of the privacy policies of those sites before disclosing any personal
information.
Changes to this Privacy Notice We reserve the right to alter or amend this Privacy Notice without any prior notice to you. Should
our Privacy Notice be altered, the new Privacy Notice will be posted on the Website.
Your first use of our website after the date of any amendments or alterations will constitute your
acceptance of such changes therefore, we recommend you review this Privacy Notice regularly to
keep informed of any changes