- Visitors to our Website(s)
- Registered and unregistered users of our Website(s)
- Subscribers to our Website(s) or any mailing list maintained by YOTHOP
- Service users, including clients of YOTHOP, and
- Prospective employees, officers, consultants and suppliers of YOTHOP
who are for the purpose of this Policy deemed “Data Subjects” within the meaning of the Data Protection Act 1998.
- Visit our Website(s) including but not limited to, intranets, extranets and emails,
- Apply for any employment with YOTHOP through its Website,
- Use any services of YOTHOP, including communicating with YOTHOP.
We do update this Policy from time to time so please do review this Policy regularly.
- DEFINITIONS AND INTERPRETATION
In this Policy the following terms shall have the following meanings:
|“Data”||means collectively all information that you submit to the YOTHOP via the Website. This definition shall, where applicable, incorporate the definitions provided in the Data Protection Act 1998;|
|“Cookie”||means a small text file placed on your computer by this Website when you visit certain parts of the Website and/or when you use certain features of the Website.|
|“User”||means any third party that accesses the Website and is not employed by YOTHOP and acting in the course of their employment; and|
|“Website”||means the Website that you are currently using www.yothop.com and any sub-domains of this site unless expressly excluded by their own terms and conditions.|
- RELEVANT LEGISLATION (as amended)
- Data Protection Act 1998 – this Act sets down the requirements for processing personal data.
- The Privacy and Electronic Communications (EC Directive) Regulations 2003 – this regulates, primarily, marketing activities, such as direct marketing.
- Freedom of Information Act 2000 – this Act is outside the scope of this Policy because YOTHOP is not a public authority within the meaning of that Act.
- Regulation of Investigatory Powers Act 2000 and the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 – this Act and regulation sets down provisions for the lawful interception of communication.
- DATA CONTROLLER AND DATA SUBJECT UNDER THE DATA PROTECTION ACT 1998
- A Data Controller is a person or organisation who determines the purposes for which, and the manner in which, personal information is to be processed.
- YOTHOP is a Data Controller within the meaning of the Data Protection Act 1998 and have notified under number ZA090526.
- A Data Subject is a living individual who is the subject of personal information, including but not limited to, our Website visitors, subscribers, clients and employees.
- INFORMATION AND PERSONAL DATA WE COLLECT
3.1 In running and maintaining our Website(s) and services we may collect and process the following data about you:
- Information about your use of our Website(s) including details of your visits such as pages viewed and the resources that you access. Such information includes traffic data, location data and other communication data.
- Information provided voluntarily by you. For example, when you register for information or make a purchase.
- Information that you provide when you communicate with us by any means.
- Information that you provide when applying for employment with YOTHOP and any information you provide during the currency of your employment with the same.
- Under the Privacy and Electronic Communications (EC Directive) Regulations 2003 (as amended) we are required to obtain your consent to install and use a cookie on your device, such as a computer, smartphone or tablet.
- We may gather information about your general internet use by using the cookie. Where used, these cookies are downloaded to your computer and stored on the computer’s hard drive. Such information will not identify you personally. It is statistical data. This statistical data does not identify any personal details whatsoever.
- Upon visiting our Website(s) for the first time, or where you have deleted your internet cache files, you will be prompted to give consent for installing and using a cookie.
- You can decline any cookies when prompted, however, you may not be able to continue browsing our Website(s) or some functionality or feature may not work without cookies. You can adjust the settings on your computer to decline any cookies if you wish. This can easily be done by activating the reject cookies setting on your computer.
- USE OF YOUR PERSONAL DATA
- We use the information that we collect from you to provide our services to you. In addition to this we may use the information for one or more of the following purposes:
- To provide information to you that you request from us relating to our products or services.
- To provide information to you relating to other products that may be of interest to you. Such additional information will only be provided where you have consented to receive such information.
- To inform you of any changes to our Website(s), services or goods and products.
- If you have previously purchased goods or services from us we may provide to you details of similar goods or services, or other goods and services, that you may be interested in.
- YOTHOP will not sell, rent or pass your personal data to any third party unless required by law, or where we have obtained your expressed consent.
- STORING YOUR PERSONAL DATA
- YOTHOP stores all electronic personal data securely at various high security Data Centres in the United Kingdom. However, in operating our Website(s) or services it may become necessary to transfer data that we collect from you to locations outside of the European Union for processing and storing. By providing your personal data to us, you agree to this transfer, storing or processing. We do our upmost to ensure that all reasonable steps are taken to make sure that your data is treated and stored securely.
- Unfortunately the sending of information via the internet is not totally secure and on occasion such information can be intercepted. YOTHOP cannot guarantee the security of data that you choose to send us electronically, whether through our Website(s) or otherwise. You acknowledge that sending such information is entirely at your own risk.
- YOTHOP do not store any credit or debit card or bank account details, electronically or otherwise. If you send to us any such details for undertaking a payment transaction, we will dispose of such details immediately and securely upon successful completion of that payment transaction.
- Client files are largely stored electronically on our secure servers, however, where YOTHOP are instructed to assist with or conduct a contentious matter; we will also maintain hard copies of all client files. All client files are destroyed securely after six years.
- All personal data obtained from or submitted by prospective employees, including applications and Curriculum Vitae (CV), whether submitted by formal application or unsolicited, will be kept securely on our servers for a period of up to six-months from date of submission, after which, all personal data will be securely destroyed.
- Any personal data related to or connected with legal proceedings, whether the proceedings are live or otherwise, all personal data will be retained for a period of six years following the conclusion of any legal proceedings. For the avoidance of doubt, this applies to all data subjects and legal proceedings shall include a grievance made against YOTHOP, regardless of whether submitted to a Tribunal or Court.
- DISCLOSING YOUR PERSONAL DATA
- In the event that YOTHOP merge, amalgamate or be acquired by through a sale of business any or all of YOTHOP, including any services or Websites(s) to the buyer.
- Where YOTHOP are legally required by law to disclose your personal data.
- To assist in the prevention and detection of crime, including but not limited to, maximize fraud protection and reduce the risk of fraud or any criminal activity.
- THIRD PARTY WEBSITE LINKS
- ACCESS TO AND THE CORRECTION OF PERSONAL DATA
- In accordance with the Data Protection Act 1998 you have the right to access any personal data that we hold relating to you, except where any of the statutory exemptions under the Act apply.
- To access any personal data we hold about you, you should make a ‘Section 7 Data Subject Access’ request in writing to our Registered Office enclosing the statutory fee, currently 10.00GBP.
- Upon receipt of a valid Data Subject Access request, YOTHOP as a Data Controller has 40 days commencing from receipt of cleared funds of the statutory fee to furnish the Data Subject with personal data we hold. YOTHOP is not obliged to provide access to any personal data until the statutory fee is paid as cleared funds.
9.4 Following a Data Subject Access, if any personal data of the Data Subject is incorrect, you should write to YOTHOP at our Registered Office to formally request a correction. Where appropriate, you should also submit any documentary evidence to substantiate any factual information we hold. YOTHOP will acknowledge in writing any corrections.
- INTERCEPTION OF EMAIL COMMUNICATIONS
- For the purpose of the Regulation of Investigatory Powers Act 2000 and the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 you give express and unconditional consent to the lawful interception of communications, where you:
- Access any part of our Websites(s) at any time,
- Register on any part of our Website(s),
- Submit, reply or expressly accept or acknowledge (by conduct or otherwise) communications electronically, including by email and facsimile.
- Interception of communications will only be undertaken in accordance with the regulations and statutory law in force, including but not limited to, the investigation, monitoring or keeping a record of communications, for.
- The purpose of preventing or detecting crime,
- The purpose of monitoring the quality of any services (and communications),
- The purpose of investigating or detecting unauthorised or inappropriate use,
- The purpose of monitoring compliance with regulatory or self-regulatory practices and procedures.
- POLICY ACCEPTANCE AND VARIATION
12.1 YOTHOP reserves the right to change this Policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website and you are deemed to have accepted the terms of the Policy on your first use of the Website following any variation.
- COMPLAINTS UNDER THIS POLICY
- In the first instance, if any personal data is incorrect, you should first make a Data Subject Access Request as per clause 9.2 above.
- Our Complaints Procedure under this policy should only be used where, you, as a Data Subject:
- believe that YOTHOP have breached their duty under the Data Protection Act 1998,
- believe your personal data has been compromised in any way, or
- have received a written refusal or an objection to access any personal data from YOTHOP, or
- have a complaint under the Data Protection Act 1998.
- All complaints should be made in writing to the Registered Office of YOTHOP Limited.
- All complaints received in writing, will be acknowledged and investigated by the Data Controller, who will endeavour to provide their findings in writing within 14 days.
- Should any Data Subject be unsatisfied with the handling of their written complaint or the outcome provided by YOTHOP, you have a final recourse to the Information Commissioners Office.
- FURTHER INFORMATION
Further information on privacy and data protection can be obtained from:
Information Commissioners Office (ICO)