Get weekly tips & tricks for your business
The boring, but important stuff.
GDPR stands for General Data Protection Regulation and it’s a European privacy law which is enforceable from May 25th 2018. Whether you’re within the European Union or dealing with customers in the EU, you’re compliant. This new and revised policy aims to ‘strengthen, harmonize and modernize’ EU data protection law. Essentially, the law enhances your individual rights over your personal data, in a digital world.
As a company who do pretty much all of our work online, it’s majorly important to us to get this right. In this policy, we’ll outline the general rules and what you can expect from us going forward. And of course, we’ll make it very clear what your rights are! If anything doesn’t look right, or you’re confused about anything, please don’t hesitate to contact us so we can make things a little more clear from you.
Here at Story Avenue, there are certain types of data we require to store and use in order to carry out our normal business tasks. We store and use both data that qualifies as personal and data that is only associated with a business. Names, phone numbers, email addresses and IP addresses are generally the types of personal data we store and use. In the next section, you can see the reasons we store this type of data.
We only store personal data that we have a legitimate interest in. We do not hold any physical records of personal data, everything we do is based on our private server network (based in our office) and cloud software system Google Drive (read their privacy policy here). Our emails are handled by GMail – please refer to this privacy policy for how GMail handles personal data. Therefore, there is no direct physical risk to your data but there are the usual risks associated with electronic storage of information. Every member of our team has access to the server and Google Drive network but all our computers and accounts are password-encrypted. Our physical office building is secure with an external and internal locked door. We also use both WordPress and Magento to build and access our client’s websites – see the ‘Accessing data via your website’ section for more information. It is worth noting that any websites hosted by ourselves (and not your own personal server) are hosted by Host River. You can read their privacy policy here.
There are two main reasons for us storing your data. Firstly, so we can contact you with regards to the work we are doing for you. Secondly, to follow up on a sales lead where you have already shown interest or passed your details to us. We use names, phone numbers and email addresses for the aforementioned purposes. We never use this data for marketing purposes. For example, we may have access to your email address to give you a quote on a project but we will never give this away to third parties or allow access to anyone outside of Story Avenue. We will only ever use your contact details to speak to you about the work we are doing together or to give you the information you have requested.
If at any point you wish to access the data we hold on you, you are completely entitled. Simply email us at [email protected] or call us on +40 753 485 475 and let us know your request.
By the same token, we are obligated by GDPR guidelines to completely dispose of the personal data we hold that identifies you if you request that we do so. We are also required to update your personal data in any way if you ask us to. Again, please just let us know by getting in touch via the contact details above.
Data portability is another right you have within GDPR rules. Essentially, if you wish to obtain and reuse your personal data for another purpose, we are required to provide it to you. This can be in either a physical or digital format. Please just let us know using the outlined contact details in the above two sections.
We do not partake in any outbound marketing but if you enter your details into our website contact form, we will specifically state what we are collecting your data for. Look out for the mandatory checkboxes on our contact forms – these are a requirement any time you fill in a form. The reasons for collecting and storing your data are outlined in the ‘How we store your data’ and ‘How we use your data’ sections. We will never ask for any more personal data than is necessary and we will only contact you if we have a legitimate business-related interest. We never pass on your personal data to third-parties or use for external marketing purposes. If we wish to collect any new data from you (that identifies you personally), we must receive clear, unambiguous consent from yourself. And you must give it freely. If you feel at any point that you are unsure about what we are collecting your data for, do not hesitate to ask for further clarification.
As we mentioned at the beginning of this policy, we have access to personal data in two main ways. Firstly, the data we store on our own systems relating to clients and the data stored on our clients’ websites.
Due to the nature of our work with our clients, we have access to the data stored on your website in two scenarios. Firstly, it is necessary for us to access the back-end whilst we build your website and integrate your databases, software and other features. Secondly, we need access to the back-end to be able to carry out continuing work such as retainers or content packages. It’s up to you how involved we continue to be. However, we give our full assurance that we will never use the data on your site for our own purposes, pass it onto any third parties or access it without need. We will only access the personal data stored on your website if you have given us permission and we are carrying out necessary work on your site with your full consent. We understand that more sensitive information may be stored on your website’s backend, compared to the simple contact details we store on our site. It is our responsibility to ensure that we do not access this data unless absolutely necessary and we will never use it.
If you have previously given your consent for us to store or use your data in a certain way, you have the right to amend this. Simply let us know at any point if you object to the way we use your data and we will adjust this accordingly. For example, if we have been in contact with you regarding an interest in working together, you are entitled at any point to end this communication and we can either keep your records without using them or delete them entirely.
In the very unlikely event of a security breach involving your personal data, we will inform you within the GDPR guideline of 24 hours. But of course, if this ever did happen, we’d hope to let you know much sooner. And with regards to the individual policies of any software or programs we use, please refer to the ‘How we store your data’ section.
As a company, we have a social media presence on the following platforms: Twitter, Facebook, Instagram and LinkedIn. If we ever use anything that could identify you on our social media accounts (such as names, photos or testimonials), we will get full, explicit consent and you have the right to decline or ask us to remove such content in the future.
As is common practice with almost all professional websites, this site uses cookies, which are tiny files that are downloaded to your computer, to improve your experience. This page describes what information they gather, how we use it and why we sometimes need to store these cookies. We will also share how you can prevent these cookies from being stored however this may downgrade or ‘break’ certain elements of the site’s functionality.
We use cookies for a variety of reasons detailed below. Unfortunately, in most cases, there are no industry standard options for disabling cookies without completely disabling the functionality and features they add to this site. It is recommended that you leave on all cookies if you are not sure whether you need them or not in case they are used to provide a service that you use.
You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of this site. Therefore it is recommended that you do not disable cookies.
Email newsletters related cookies: This site offers newsletter or email subscription services and cookies may be used to remember if you are already registered and whether to show certain notifications which might only be valid to subscribed/unsubscribed users.
Surveys related cookies: From time to time we offer user surveys and questionnaires to provide you with interesting insights, helpful tools, or to understand our user base more accurately. These surveys may use cookies to remember who has already taken part in a survey or to provide you with accurate results after you change pages.
Forms related cookies: When you submit data to through a form such as those found on contact pages or comment forms cookies may be set to remember your user details for future correspondence.
Third party cookies: In some special cases we also use cookies provided by trusted third parties. The following section details which third party cookies you might encounter through this site:
Whether you’re unsure of your rights when it comes to Story Avenue storing, using and accessing your personal data, or you’re confused about a scenario with another business, don’t be afraid to get in touch with us at [email protected] or on +40 753 485 475. We’d be happy to give you any advice and inform you of your rights.
Get weekly tips & tricks for your business