This privacy notice explains how I (Megan Douglas, trading as Megan Rose Freelance) collect and process your personal data, as the data controller for Megan Rose Freelance. This notice was updated on 18 May 2018.
The personal data I collect
- The personal data I collect about people includes name, gender and contact details (postal address, email address, telephone numbers, social media handles). If I’ve quoted work for you, done work for you or discussed collaboration opportunities with you I may also hold information you’ve shared with me relating to that (background information, details of payments, and feedback).
- My website collects some technical and usage data (e.g. IP address, language and time zone settings, information about how long you spend on each page and how you navigate the site).
How I collect personal data
- The main way I collect data is when you provide it by email, file share, in person or on social media.
- You can sign up for my newsletter through the Mailchimp signup form on my website.
- Occasionally I use SurveyMonkey to gather information about your experience of working with me, or PayPal if you are an international customer who chooses to pay that way.
How I store and process your data
- I store data:
- On my computer (in Word documents and Excel spreadsheets)
- Backed up to GSuite and to an external storage device
- Within my emails (Gmail) and social media messages
- On FreeAgent, to help me manage my invoices and finances
- On Mailchimp, to manage my email marketing
- Occasionally on DropBox, Google Docs, SurveyMonkey or, if you’re an overseas client choosing to pay that way, on PayPal
- In cookies processed by WordPress
How I use your data
- I use the data I collect to fulfil your request, such as contacting you to set up an initial chat, providing you with a quote or doing work for you. I may also get in touch with you to follow up on the service you received after we work together.
- You might also choose to give consent (or not) for me to send you marketing emails. Please note, opting out of receiving marketing communications will not affect any personal data provided to me as a result of a service you have purchased from me.
- The data my website collects as cookies allows me to see how the site is used so that I can improve the site and my services. The cookies may also record information that lets you see the site better (e.g. your language preference or the browser you use).
- I won’t spam you, but if you’ve previously worked with me or if we’ve talked about working together, I might sometimes send you an email if I think there’s something I can help you with or vice versa. I might also send you a Christmas card (if I’m that organised). If you don’t want me to do this, please let me know by emailing firstname.lastname@example.org.
- My website uses HTTPS/SSL security, my computer is protected by security software and I back up my data regularly, both to GSuite and to external storage.
- The following providers, who I currently use to gather, store or process data, are compliant with GDPR (either being based in the EU, or through the EU-US Privacy Shield):
Automattic (WordPress.com), FreeAgent, Mailchimp, Google (Gmail, GSuite, GoogleDocs), DropBox, PayPal, SurveyMonkey, Twitter, Facebook (including Instagram), LinkedIn
- If you’ve purchased a service from me I am required under UK tax law to keep your basic personal data (name, address, contact details) for a minimum of 6 years after which time it will be destroyed. If you consent to me holding personal data about you for marketing purposes, this will be kept until you notify me that you no longer wish to receive this information.
- My website and social media accounts include links to third-party websites. I don’t control these, am not responsible for their privacy statements, and encourage you to read the privacy notice of any website you visit to understand how they may collect and use your data.
- Cookies are small files of information which are stored on your computer’s hard drive by websites you visit. They record how you navigate around a website so that, when you visit again, it can show you options based your last visit. They can also be used to analyse website traffic and for advertising and marketing purposes.
- Cookies can be “persistent” cookies or “session” cookies. Persistent cookies are stored as a file on your computer and remain there when you close the browser. When you visit the same website again, the cookie can be read by that site (the one that created it). Session cookies are only stored on your computer until you close the browser.
- You can usually check or change what kinds of cookies you accept in your browser settings. You can also block cookies using the setting on your browser that allows you to refuse all or some cookies. If you use set your browser to block all cookies (including essential cookies) you may not be able to use all or parts of my site.
- This helps me build a picture of how people use my site and track patterns in how people use it.
- This means I can improve the website and understand what services and information are most useful to people who visit.
I only use your personal data when I’m legally permitted to do so.
The most common ways I use your personal data are:
- Where I need to perform the contract between us.
- Where it is necessary for my legitimate interests, and your interests and fundamental rights do not override those interests.
- Where I need to comply with a legal or regulatory obligation.
I only rely on consent for processing your personal data in relation to marketing to you via email.
Sharing your data
I won’t sell your data to third parties, but on occasion, I may have to share your personal data with the people below in order to carry out the functions I describe in this document:
- Outsourced team members, including other copywriters or, where you’ve requested additional services, other professionals such as photographers, graphic or website designers.
- Service providers who provide my IT and system administration.
- Professional advisors like lawyers, accountants, and insurers who provide services to my business.
- HM Revenue & Customs, regulators and other authorities which are based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances.
- Applications and tools that I use to run my business: I’ve listed the main ones I use currently but as these change regularly, please email me at email@example.com you would like full details.
You can contact me on firstname.lastname@example.org at any time.
You might want to do things like:
- Withdraw consent from marketing emails
- Request a copy of the data I hold about you and find out how I use it
- Request that I delete your data
- Let me know about changes to your personal data (it’s important that the data I hold for you is up-to-date and accurate)
- Ask any other questions about how I collect and process your data
If you’re unhappy with how I collect and process your data you can complain to the Information Commissioner’s Office (http://ico.org.uk). I always like try to resolve any issues directly first though, so please do contact me in the first instance.