GDPR Update

How We’re Keeping Your Data Safe

The European Union’s General Data Protection Regulation (GDPR) came into effect on 25th May, 2018. The new regulations affect all businesses that process (collect, record, store) any EU residents’ data.

As a company, we’ve long been on top of the latest developments in data protection and have always done everything necessary to safeguard the information that you share with us. This of course includes understanding the new legal requirements under GDPR.

Ahead of the new GDPR, we reviewed all of our practices to ensure that we are fully compliant with the upcoming new rules, by:

• Reviewing our internal processes to improve data security
• Reviewing the security of the external software we use to store your data
• Offering you more visibility and control of your data.

When and how do we collect your data?

We collect data via our newsletter sign-up form, via our contact form, via emails with us and via any other online or in person contact with any member of the Wholegrain Digital team.

We also collect analytics data via our website, including location (IP based), browser/device used, which pages were visited and for how long.

What do we do with your data?

Any data we receive as a result of your visiting our website may be used to improve your online experience with us.

If you have supplied your details only for the purpose of receiving our newsletter, then we will only use this information to send you our quarterly updates and occasional special newsletters only. Emails supplied via the newsletter sign-up form would not be used for any other purpose and would only be shared with the email platform we use to send our newsletters.

If you have applied for a role with Wholegrain Digital, whether by emailing us or via the contact page, then any information you send regarding your application (including, but not limited to: CVs, portfolios of work and references) will be held securely on encrypted platforms and would only be directly accessed by the Directors, our People and Office Manager, and the Team Genie. For more information on what we do with recruitment related data, please refer to our recruitment privacy notice.

If you are an existing client or have made a client enquiry and have supplied information relating to this (including, but not limited to: email addresses, phone numbers, project briefs, website credentials etc.), then this data is held securely only on encrypted platforms. Your information would only be shared within the Wholegrain team and with any trusted third party providers as necessary for the delivery of your project.

Your data would never be used for any purpose other than those outlined above.

Who are your third party partners?

The below list outlines those we share data with, with links to further information on GDPR, and their GDPR compliance information:

• Blogvault
• Dropbox
• Google Cloud
• Hotjar
• Invision
• MailChimp
• Quotient
• RedBooth
• Slack
• Xero.

Further partners may be added to the above list, which will be updated as and when appropriate.

Further reading

For more information on how we keep your data safe:

• Wholegrain Digital Terms and Conditions
• Wholegrain Digital Privacy Policy.

For more detailed legal information on GDPR:

• EU GDPR Information Portal
• ICO – Guide to the General Data Protection Regulation (GDPR).

Questions?

If you have any further questions, please email us at [email protected].