BH Associates – Legal Information
This website and its content is copyright of BH Associates – © BH Associates 2017.
Any redistribution or reproduction of part or all of the contents in any form is prohibited other than the following:
you may print or download to a local hard disk extracts for your personal and non- commercial use only
you may copy the content to individual third parties for their personal use, but only if you acknowledge the website as the source of the material
You may not, except with our express written permission, distribute or commercially exploit the content. Nor may you transmit it or store it in any other website or other form of electronic retrieval system.
1.0 OUR CORE BELIEFS REGARDING USER PRIVACY AND DATA PROTECTION
- User privacy and data protection are human rights
- We have a duty of care to the people within our data
- Data is a liability, it should only be collected and processed when absolutely necessary
- We do not spam or support the practice
- We will never sell, rent or otherwise distribute or make public your personal information
2.0 RELEVANT LEGISLATION
Along with our business and internal computer systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:
- UK Data Protection Act 1988 (DPA)
- EU Data Protection Directive 1995 (DPD)
- EU General Data Protection Regulation 2018 (GDPR)
- Australian Privacy Act 1988 (APA)
This site’s compliance with the above legislation, all of which are stringent in nature, means that this site is likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well. If you are unsure about whether this site is compliant with your own country of residences’ specific data protection and user privacy legislation you should contact our data protection officer (details of whom can be found in section 9.0) for clarification.
3.0 PERSONAL INFORMATION THAT THIS WEBSITE COLLECTS AND WHY WE COLLECT IT
This website collects and uses personal information for the following reasons:
3.1 Site visitation tracking
Like most websites, Google Web Analytics (GWA) https://www.google.com/analytics/ to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Although GWA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GWA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider GWA to be a third party data processor (see Section 6.0 below).
3.2 Our blog
Should you choose to add a comment to any posts that we have published, the name and email address you enter with your comment will be saved to this website’s database, along with your computer’s IP address and the time and date that you submitted the comment. This information is only used to identify you as a contributor to the comment section of the respective blog post and is not passed on to any of the third party data processors detailed in Section 6.0. Only your name will be shown on the public-facing website although if the supplied email address is linked to a Gravatar account, your Gravatar photo will also be displayed.
Your comment and it’s associated personal data will remain on this site until we see fit to either 1.) remove the comment or 2.) remove the blog post. Should you wish to have the comment and it’s associated personal data deleted, please email the DPO using the email address that you commented from.
If you are under 16 years of age you MUST obtain parental consent before posting a comment on our blog.
NOTE: You should avoid entering personally identifiable information to the actual comment field of any blog post comments that you submit on this website.
3.3 Contact forms and email links
Should you choose to contact us using the contact form on our Contact us page or an email link, none of the data that you supply will be stored by this website or passed to / be processed by any of the third party data processors defined in Section 6.0. Instead, the data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices.
3.4 Email newsletter
If you choose to join our email newsletter, the email address that you submit to us will be forwarded to MailChimp who provide us with email marketing services. We consider MailChimp to be a third party data processor (see section 6.0 below). The email address that you submit will not be stored within this website’s own database or in any of our internal computer systems.
Your email address will remain within MailChimp’s database for as long as we continue to use MailChimp’s services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
If you are under 16 years of age you MUST obtain parental consent before joining our email newsletter.
While your email address remains within the MailChimp database, you will receive periodic (approximately weekly) newsletter-style emails from us.
4.0 HOW WE STORE YOUR PERSONAL INFORMATION
4.1 Blog/Post Comments
As detailed in section 3.2 above, if you submit a comment to a blog post published on this website some personal information will be stored in this website’s database. This is currently the only occasion where personal data will be stored on this website. This data is currently stored in an identifiable fashion; a limitation of the content management system that this website is built on (WordPress). In the near future, we aim to change the storage of this data to a pseudonymous fashion meaning that the data would require additional processing using a separately stored ‘key’ before it could be used to identify an individual.
Pseudonymisation is a recent requirement of the GDPR which many web application developers are currently working to fully implement. We are committed to keeping it as a high priority and will implement it on this website as soon as we are able to.
4.2 Other Submitted Data
Data submitted to us for processing other than defined in Section 4.1 will be securely retained within our Gsuite system provided by Google. All data within this system is subject to additional password protection, encryption and 2-factor authentication. We retain only the basic data required to deliver our services to you. This is typically Name, Address, Email address, Subscription start/end details and contact opt-in details. Opt-in is not infinite, We will seek a further Opt-in decision from you every three years.
4.3 Opt-Out List
We also maintain a list of people who have opted out of receiving communications from our organisation. Should you attempt to opt-in having opted out previously we will contact you to confirm this decision and for your approval to remove you from the opt-out list. All mailings will be screened against our opt-out list.
4.4 Right to be forgotten
We fully support your right to be forgotten which can be applied by writing to our Data Protection Officer at Section 9.0 giving your identifying details and requesting removal of all material from our data systems. Our DPO will conduct a full sweep of all systems and remove your personal data, this includes our opt-out lists. Once complete the DPO will advise you of this action.
5.0 ABOUT THIS WEBSITE’S SERVER
This website is hosted on a server provided and managed by Hostpapa. Details of Hostpapa can be found in Section 6.2
6.0 OUR THIRD PARTY DATA PROCESSORS
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in Section 2.0.
6.1 Google Inc.
Google G Suite is the primary host of BH Associates data storage facility, Google Inc has appointed external Data Protection Officer in accordance with the EU GDPR and the (BDSG Article 4f Para. 1). This person ensures compliance with the act and other provisions relating to data protection and handles tasks in accordance with this legislation.
Data Protection Officer
1600 Amphitheatre Parkway,
BH Associates contractual agreements with Google Inc relating to Data Protection on G Suite can be accessed and downloaded at https://bhassociates.ltd/BHDocs/DPAGSuite.pdf
BH Associates utilise Hostpapa to manage website presence. Some websites may capture details of your customers especially if Woocommerce is used for shop management. If you have a bespoke implementation of BH
Associates INTERACT service that also resides on your hosted webspace.
Hostpapa is working toward compliance with the EU GDPR and in the interim here are their terms and conditions of service and their privacy code.
7.0 DATA BREACHES
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
8.0 DATA CONTROLLER
The data controller of this website is: Bexon Heaps Associates Ltd, UK Private Limited Company Registered in England 10751905 – VAT Registration No 278 6133 74 Whose registered office is:
9.0 DATA PROTECTION OFFICER
Nigel Kevin Heaps Esq.,MBE
Director, BH Associates Ltd.
Telephone: 0115 8883442
10.0 ICO INDEPENDENT ADVICE
For independent advice about data protection, privacy and data-sharing issues, you can contact the Information Commissioner at:
11.1 Change Log
Website Usage Policy
- The term ‘bhassociates.ltd’ or ‘BH Associates or ‘us’ or ‘we’ refers to the owner of the website whose registered office is BH Associates, PO Box 8244, Castle Donington, Derbyshire. DE74 2BY. The term ‘you’ refers to the user or viewer of our website.
- The content of the pages of this website is for your general information and use only. It is subject to change without notice.
- Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.
- Your use of any information or materials on this website is entirely at your own risk, for which we shall not be liable. It shall be your own responsibility to ensure that any products, services or information available through this website meet your specific requirements.
- This website contains material which is owned by or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited other than in accordance with the copyright notice, which forms part of these terms and conditions.
- All trademarks reproduced in this website, which are not the property of, or licensed to the operator, are acknowledged on the website.
- Unauthorised use of this website may give rise to a claim for damages and/or be a criminal offence.
- From time to time this website may also include links to other Websites, Individuals and Organisations. These links are provided for your convenience to provide further information. They do not signify that we endorse the recipient. We have no responsibility for the content of the linked website(s).
- You may not create a link to this website from another website or document without BH Associates prior written consent.
- Your use of this website and any dispute arising out of such use of the website is subject to the laws of England, Scotland and Wales.
- The information contained in this website is for general information purposes only. The information is provided by BH Associates and while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.
- In no event will we be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website.
- Nothing in these terms and conditions excludes or limits liability for death or personal injury caused by negligence, fraudulent misrepresentation, or any other liability which may not otherwise be limited or excluded under applicable law. The BH Associates organisation will not be liable, in contract, tort (including, without limitation, negligence), pre- contract or other representations (other than fraudulent on negligent misrepresentations) or otherwise out of or in connection with the terms and conditions for any:
- economic losses (including without limitation loss of revenues, data, profits, contracts, business or anticipated savings); or
- loss of goodwill or reputation; or
- special or indirect losses Suffered or incurred by that party arising out of or in connection with the provisions of any matter under these terms and conditions.
- The BH Associates’ aggregate liability (whether in contract, tort or otherwise) for loss or damage shall in any event be limited to a sum equal to the amount paid or payable by you for any product(s) or service(s) in respect of one incident or series of incidents attributable to the same clause
- We will take all reasonable precautions to keep the details of your order and payment secure, but, unless we are negligent, we cannot be held liable for any losses caused as a result of unauthorised access to information provided by you.
- Through this website you are able to link to other websites which are not under the control of BH Associates. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.
- Every effort is made to keep the website up and running smoothly. However, The BH Associates organisation takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control
Cookies – Information & Policy
What are cookies?
Cookies are small pieces of data, stored in text files, that are stored on your computer or other device when websites are loaded in a browser. They are widely used to ‘remember’ you and your preferences, either for a single visit (through a ’session cookie’) or for multiple repeat visits (using a ‘persistent cookie’). They ensure a consistent and efficient experience for visitors, and perform essential functions such as allowing users to register and remain logged in. Cookies may be set by the site that you are visiting (known as ‘first party cookies’), or by other websites who serve up content on that site (‘third party cookies’).
Cookies and bhassociates.ltd
Many of the cookies we use are only set if a visitor is a registered bhassociates.ltd user, whilst others are set for all visitors upon certain actions.
Cookies we use
Below is a description of each category of cookies that are in use, along with specific examples (including both those used for registered and non-bhassociates.ltd users).
These are the cookies that are essential for bhassociates.ltd to perform its basic functions. These include those required to allow registered users to authenticate and perform account related functions, as well as to save the contents of virtual ‘carts’ in the e-commerce functionality. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These cookies are used to store preferences set by users such as account name, language, and location. They are not used to track visitors on sites external to bhassociates.ltd.
Performance cookies collect information on how users interact with bhassociates.ltd, including what pages are visited most, as well as other analytical data. These details are only used to improve how our website functions. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance and improve future experience.
These cookies are used to display relevant advertising to visitors on bhassociates.ltd, as well as to track the volume of visitors to the site. They track details about visitors such as the number of unique visitors, number of times particular ads have been displayed, the number of clicks the ads have received, and are also used to measure the effectiveness of ad campaigns by building up user profiles. These are set by Automattic and trusted third party networks, and are generally persistent in nature. They do not store directly personal information but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Third Party/Embedded Content
The bhassociates.ltd site makes use of different third-party applications and services to enhance the experience of website visitors. These include social media platforms such as Facebook and Twitter (through the use of sharing buttons), or embedded content from Youtube and Vimeo. As a result, cookies may be set by these third parties and used by them to track your online activity. We have no direct control over the information that is collected by these cookies and disabling them may break the functionality of the embedded content.
To find out more on how to manage and delete cookies, visit aboutcookies.org. For more details on advertising cookies, and how to manage them, visit youronlinechoices.eu (EU based), or aboutads.info (US based).
List of cookies on bhassociates.ltd
This list is monitored and updated by BH Associates who provide our web services.
SIDCC – Google Security cookie to protect users data from unauthorised access
_ga – Google Analytics
_gid – Google Analytics
_gat – Google Analytics
Other Session Cookies
These start with ‘wfvt’ followed by an individual generated string of characters – These contain information about your general geographic location (used to remember your time zone, for example). These are known as session cookies and are deleted when you leave the site.
Cookies created by leaving comments
Comment_author_ – Records your supplied comment name
Comment_author_email_ – Records your supplied comment email address
We at bhassociates.ltd take our responsibilities under data processing law very seriously, we also work hard to bring the best web experience to our visitors. This does mean that we may trial a new feature which may place additional cookies on your device. Where possible we ensure that the list of cookies on this page are updated but occasionally one may slip through the net. If you encounter a cookie from this site that is not listed above please consider blocking it whilst being aware that it may affect functionality, we would so appreciate you reporting the cookie to firstname.lastname@example.org so we may investigate and take remedial action.