The Website is operated by The Blogger Programme Limited (we, us, our, TBP) a company incorporated in England & Wales with company number 09177080 and registered office at Prince Albert House, 20 King Street, Maidenhead, Berkshire, SL6 1DT and we are the “data controller” (i.e. the company which decides the means and purpose for the processing of your personal data).
This policy explains the following:
- what information TBP may collect about you;
- how TBP will use information we collect about you;
- whether TBP will disclose your details to anyone else; and
- your choices and rights regarding the personal information you have provided to us.
1. WHAT DATA DO WE COLLECT AND HOW IS IT USED?
We collect and process the following information which may include your personal data.
|Type of information
||Purpose of the processing and legal basis for the processing
||Who is this data shared with?
We may collect and store any personal information you provide when using the Website, such as your (or your organisation/brand’s):
- brand/influencer bio;
- blog/website url;
- email address;
- log-in details;
- telephone number;
- payment information;
- social media account url; and
- date of birth
- to respond to your enquiries;
- to contact you about matters requiring your attention;
- to provide you with information about the services we offer. This might include sending you newsletters on behalf of our clients;
- to provide you with the services that we offer;
manage risk or prevent other illegal or prohibited activities;
- to take steps you ask of us with a view to entering into an agreement
- to provide you with our services; and
- to resolve issues or fix problems on the website (troubleshooting).
If you would like us to delete your account or personal data, please email us at email@example.com.
- Servers in North America
- MailChimp and Zoho – we share your email address information with MailChimp in order to send out emails and newsletters.
- Xero – used to store email data.
- Braintree – we use Braintree to process your payments. As a result, you may share payment information with Braintree directly.
We may collect and store the following personal information when you first sign up to our Platform:
- Email address;
- Gender; and
- Telephone number;
We may send you marketing emails about offers, promotions, products or services which are similar to, or related to those available via our Platform. We may also contact you via SMS.
If you are an individual, we will not process your information for the purposes of direct marketing unless you provide your consent for us to do so when signing up to our Platform.
We may legally process this personal information to pursue our legitimate interest of direct marketing our services if you have agreed and given your consent.
If you are an individual, you will be given the option to opt-out of our marketing emails with each communication.
We will not share with any third party the personal information that we collect from you for the purposes of marketing, unless you have provided your consent.
If you send us objectionable content, or behave in a disruptive manner when using our Website, we may process any personal information that you have submitted to us, including in your personal messages to respond to and stop such behaviour.
We will only process personal information in this way for the following legitimate interests:
- ensuring that the use of our Website is lawful;
- ensuring that users do not disrupt or harass our staff, clients or other Website users; and
- enforcing our legal rights and complying with our legal obligations.
Where we reasonably believe that you are or may be in breach of the law (i.e. the content you share on the Website amounts to harassment or is defamatory), we may use your personal information to inform relevant third parties about the content, such as:
Where we process personal data in this way, we will hold that personal information on our systems for as long as is reasonably necessary to achieve these objectives.
- your email or internet provider; or
- law enforcement agencies
2. DO THIRD PARTIES HAVE ACCESS TO YOUR PERSONAL INFORMATION?
2.2. Additionally, we may disclose your information to the extent that we are required to do so by law, including disclosing to government bodies and law enforcement agencies, in connection with legal proceedings or in order to establish, exercise or defend our legal rights (including providing information for the purposes of fraud prevention).
2.3. In the event that we are involved in a merger, acquisition or sale of all or part of our business or assets, your personal information may be included as part of that sale, in which case you will be notified via email or via a notice on the Website of any changes in ownership or use of your information.
3.1 We automatically collect and share non-personal, aggregated data with Google such as location, language, log-in details and browser/device information in order to deliver the service to you, including to facilitate user log-ins . This information that is collected and processed is anonymous and therefore not used to develop a personal profile for you.
4. DIRECT MARKETING
4.1. As set out above, if you are an individual and give permission for us to do so, we may send you marketing emails about offers or services which may be of interest to you. You will have the option to opt-out at the point of sign-up to our Platform and unsubscribe with each email communication.
4.2. If you are a company or business organisation, you will receive marketing emails from us relating to offers or services which may be of interest to you. If you would rather not receive these, then please email us at firstname.lastname@example.org.
5. WEBSITE PAYMENTS
5.1. All payments that are processed via the Website are handled by Braintree. We do not handle any financial transactions directly and therefore do not process your payment information. You can find out further information about the handling of your payment information via Braintree here.
6. CONNECTING TO SOCIAL MEDIA ACCOUNTS
6.1. If you choose to link your Facebook, Instagram, Twitter or Google accounts to your Website profile, your log-in details will be captured and processed using OAuth. This is an open protocol which allows your account information to be used by your social media accounts securely. We therefore do not process or collect any of your social media account log in details.
7. YOUR RIGHTS IN RELATION TO PERSONAL DATA WHICH WE PROCESS RELATING TO YOU
7.1. You have the following rights over the way we process personal information relating to you. We aim to comply without undue delay, and within one month at the latest:
7.1.1. to ask for a copy of data we are processing about you and have inaccuracies corrected;
7.1.2. to ask us to restrict, stop processing, or to delete your personal data;
7.1.3. to request a machine readable copy of your personal data, which you can use with another service provider. Where it is technically feasible, you can ask us to send this information directly to another provider if you prefer; and
7.1.4. to make a complaint to a data protection regulator.
Please send your request to email@example.com
8. DATA RETENTION
8.1. We will retain your personal information for as long as you use the Website. If you would like us to stop using your personal information, please email us at firstname.lastname@example.org
9.1. We do not use the Website to knowingly solicit data from or market to children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at email@example.com
. We will delete such information from our files within a reasonable time.
10.1. We are concerned about safeguarding the confidentiality of your information. We provide physical, electronic, and procedural safeguards to protect information we process and maintain. We will take all reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. Please be aware that, although we endeavour to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.
11. INTERNATIONAL DATA TRANSFERS
11.1. Our servers are called Heroku and located in North America. This is where all information we collect is held.
11.2. We have an agreement in place with Heroku which includes standard data protection model clauses adopted by a data protection regulator and approved by the European Commission to ensure that appropriate safeguards are in place to protect your personal data. If you would like to find out more about those safeguards, please let us know by writing to firstname.lastname@example.org