This Privacy Policy describes how https://bizbookkeeping.info/ collects, uses, and discloses your Personal Information when you visit our website. According to the GDPR article 13.
After reviewing this policy, if you have additional questions, want more information about our privacy practices, or would like to make a complaint, please contact us by e-mail at [email protected].
When you visit the Site, we collect certain information about your device, and your interaction with the Site. We may also collect additional information if you contact us. In this Privacy Policy, we refer to any information about an identifiable individual (including the information below) as “Personal Information.” Bizbookkeeping is the only recipient of your personal data. Providing this data is necessary for the reason described in the below chart. The consequence of not providing the described information could have as consequences that it will not be possible to provide the services described in the chart below. See the list below for more information about what Personal Information we collect and why.
SOURCE | PERSONAL DATA | REASON | LEGAL BASIS | RETENTION PERIOD |
---|---|---|---|---|
BROWSING ON THE WEBSITE | • Cookies • IP address • Logs | • Browsing the website • Improve stability and functionality of the website. • Security purpose | • Legitimate interest • Consent • Contract | Until the data is no more needed, or the consent is revoked |
CONTACT FORM | • Name • Email address | • Contact the support for information. | • Contract (precontractual) | Until the contact procedure is completed |
The Site is not intended for individuals under the age of 18. We do not intentionally collect Personal Information from children. If you are the parent or guardian and believe your child has provided us with Personal Information, please contact us at the address above to request deletion.
Pursuant to the General Data Protection Regulation (“GDPR”), if you are a resident of the European Economic Area (“EEA”), we process your personal information under the following lawful bases:
According to the GDPR «storage limitation principle», we do not keep the data longer than necessary for the purpose of the processing. This can be:
Your Personal Information will be initially processed in Amsterdam in a Cloudflare secure server and then will be in certain circumstances transferred outside of Europe to the USA, only in the case of a legal obligation
Cloudflare is using Standard Contractual Clauses and Additional technical and organisational measures as lawful basis. These are complying with the EU GDPR guidelines. You can find more information here https://www.cloudflare.com/gdpr/introduction/
Bizbookkeeping has put in pace security measures like using a secure server from Cloudflare. Additionally, we are using HTTPS connections and are updating regularly our website to find and remove any new vulnerability that could be identified.
The Right to Information; you have the right to request information about the personal data we hold. You have the right to be informed of how your personal data is processed.
The Right of Access; (Article 15, Recitals 63 & 64 GDPR) The General Data Protection Regulation (GDPR), under Article 15, gives individuals the right to request a copy of any of their personal data which are being ‘processed’ (i.e. used in any way) by ‘controllers’ (i.e. those who decide how and why data are processed), as well as other relevant information (as detailed below). These requests are often referred to as ‘data subject access requests’, or ‘access requests’.
The Right to Rectification; (Articles 16 & 19 of the GDPR)
If your personal data is inaccurate, you have the right to have the data rectified, by the controller, without undue delay.
If your personal data is incomplete, you have the right to have data completed, including by means of providing supplementary information.
The right of rectification is restricted in certain circumstances under Section 60 of the Data Protection Act 2018, which provides for restrictions that are necessary for important objectives of public interest, and by Section 43 of the Act which seeks to balance the right of rectification with the right of freedom of expression and information.
The Right to Erasure; (Articles 17 & 19 of the GDPR)
This is also known as the ‘right to be forgotten’.
You have the right to have your data erased, without undue delay, by the data controller, if one of the following grounds applies:
The Right to Restriction of Processing; (Article 18 of the GDPR)
You have a limited right of restriction of processing of your personal data by a data controller. Where the processing of your data is restricted, it can be stored by the data controller, but most other processing actions, such as deletion, will require your permission.
The Right to Data Portability; (Article 20 of the GDPR)
In some circumstances, you may be entitled to obtain your personal data from a data controller in a format that makes it easier to reuse your information in another context and to transmit this data to another data controller of your choosing without hindrance. This is referred to as the right to data portability.
The Right to Object; (Article 21 of the GDPR)
When do you have a right to object?
You have the right to object to certain types of processing of your personal data where this processing is carried out in connection with tasks:
You have a stronger right to object to the processing of your personal data where the processing relates to direct marketing. Where a data controller is using your personal data for the purpose of marketing something directly to you or profiling you for direct marketing purposes, you can object at any time, and the data controller must stop processing as soon as they receive your objection.
You may also object to the processing of your personal data for research purposes unless the processing is necessary for the performance of a task carried out in the public interest.
The Right to Avoid Automated Decision-Making; (Article 22 of the GDPR)
You have the right to not be subject to a decision based solely on automated processing. Processing is ‘automated’ where it is carried out without human intervention and where it produces legal effects or significantly affects you.
Automated processing includes profiling.
In accordance with the UK and EU GDPR you also have the right to lodge a complaint to the Data Protection Authority.
For English-speaking peoples, you can contact the ICO, which is the English authority for the protection of personal data.
The Information Commissioner’s Office
Water Lane, Wycliffe House
Wilmslow – Cheshire SK9 5AF
Tel. +44 1625 545 745
e-mail: [email protected]
Website: https://ico.org.uk