INTRODUCTION
Welcome to the Directors’ Box website privacy policy.
Directors’ Box respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.
This privacy policy is provided in a layered format, with the specific areas set out below. Please also use the Glossary to understand the meaning of some of the terms used in this privacy policy.
-
IMPORTANT INFORMATION AND WHO WE ARE
-
THE DATA WE COLLECT ABOUT YOU
-
HOW IS YOUR PERSONAL DATA COLLECTED?
-
HOW WE USE YOUR PERSONAL DATA
-
DISCLOSURES OF YOUR PERSONAL DATA
-
INTERNATIONAL TRANSFERS
-
DATA SECURITY
-
DATA RETENTION
-
YOUR LEGAL RIGHTS
-
GLOSSARY
1. IMPORTANT INFORMATION AND WHO WE ARE
This privacy policy aims to give you information on how Directors’ Box collects and processes your personal data through your use of this website.
It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and privacy policies and is not intended to override them.
CONTROLLER
Directors’ Box is the controller and responsible for your personal data (collectively referred to as [“COMPANY”], “we”, “us” or “our” in this privacy policy).
We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the DPO using the details set out below.
CONTACT DETAILS
If you have any questions about this privacy policy or our privacy practices, please contact our DPO in the following ways:
Full name of legal entity: Tracy Jennifer Morgan
Email address: Tracy@tracyjennifer.com
Postal address: 88a Main Street, Fulford, York, YO10 4PS
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues (www.ico.org.ukOpens in a new window). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
CHANGES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES
We keep our privacy policy under regular review. [This version was last updated on 17/01/2024].
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
THIRD-PARTY LINKS
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.
2. THE DATA WE COLLECT ABOUT YOU
The Directors’ Box website does not collect any personal information.
Directors’ Box utilises cookies to enhance the user experience. Cookies are small text files that are automatically placed on your device when you visit our website. These cookies serve various purposes, including remembering user preferences, analysing site traffic, and providing a more personalized and efficient interaction with our platform.
It is important to note that while cookies may contain information, they are not used to collect personal data such as names, addresses, or contact information.
Cookies used by Directors’ Box fall into the following categories:
Essential Cookies: These cookies are crucial for the basic functionality of our website. They enable a seamless and secure user experience.
Analytical/Performance Cookies: These cookies help us understand how users interact with our website. This allows us to enhance and optimize our content and services based on user preferences.
Functionality Cookies: These cookies remember choices and preferences you have made on our platform, such as language preferences or customized settings. This results in a more personalized and user-friendly experience.
It’s important to note that Directors’ Box respects user privacy, and the information gathered through cookies is used exclusively for internal purposes. We do not use cookies to collect sensitive personal data, and the data obtained is treated in accordance with this privacy policy.
If you wish to manage or disable cookies, you can do so through your browser settings. Please be aware that disabling certain cookies may impact the functionality and performance of our website.
3. HOW IS YOUR PERSONAL DATA COLLECTED?
Directors’ Box employs various technologies to collect and process non-personal information from users, primarily through the use of cookies. Below, we provide a more detailed explanation of the mechanisms involved:
Cookies and Tracking Technologies: When you visit our website and approve to the use of cookies, small text files known as cookies are placed on your device. These cookies serve as identifiers and record information about your interactions with our platform. Cookies are categorized into different types based on their functions, including essential cookies, analytical/performance cookies, and functionality cookies.
It’s important to note that while cookies are a primary mechanism for data collection, we do not use these technologies to intentionally collect personal data such as names, addresses, or contact information. Directors’ Box is committed to respecting user privacy, and the information gathered through cookies is treated in accordance with our privacy policy.
Users have the option to manage cookie preferences through their browser settings. If you have any questions or concerns about our data collection practices, please contact us using the information provided on our website.
4. HOW WE USE YOUR PERSONAL DATA
Directors’ Box is committed to maintaining transparency and ensuring that user information is handled responsibly. While we do not collect personal data directly, it’s crucial to explain how the non-personal information obtained, primarily through the use of cookies, is utilized to enhance your experience on our website:
Technical Optimization: Analytical and performance cookies play a crucial role in technical optimization. Information about page load times, error messages, and site performance is used to identify and address technical issues promptly, ensuring a smooth and efficient browsing experience.
Enhancing Platform Functionality: Functionality cookies, storing preferences and choices made by users, contribute to a more streamlined and user-friendly platform. Directors’ Box aims to provide a platform that adapts to individual preferences, creating an environment that is both intuitive and enjoyable.
It’s important to emphasize that Directors’ Box is dedicated to respecting user privacy, and the data collected is used solely for internal purposes. We do not sell or share personal data with third parties. The non-personal information obtained through cookies is treated with the utmost confidentiality and is governed by this privacy policy.
Additionally, you can contact us using the information provided on our website for further clarification or assistance. Directors’ Box is committed to ensuring a transparent and positive user experience for all our visitors.
5. DISCLOSURES OF YOUR PERSONAL DATA
Directors’ Box takes a comprehensive approach to user privacy, ensuring that personal data is handled with the utmost care and responsibility. While our commitment is to safeguard your information, it’s essential to outline how data, both personal and non-personal, may be disclosed:
No Disclosure of Personal Data: Directors’ Box unequivocally does not disclose personal data to third parties. We uphold a strict policy against sharing or trading such information with external entities.
Legal Compliance: In certain circumstances, Directors’ Box may disclose information, including non-personal data, in response to lawful requests or legal obligations, such as complying with court orders, regulatory requirements, or governmental investigations. Such disclosures are made in strict adherence to applicable laws and regulations, ensuring transparency and accountability in alignment with legal mandates.
Service Providers: Directors’ Box may engage trusted third-party service providers to assist in various operational functions, including website hosting, analytics, or advertising services. These service providers are contractually obligated to adhere to stringent data protection standards and are authorized to process information solely for the specified purposes outlined in our privacy policy.
Business Transfers: In the event of a merger, acquisition, or sale of all or part of Directors’ Box, user information, both personal and non-personal, may be transferred as part of the business assets. Any such transfer would be executed in compliance with applicable privacy laws, and a commitment would be maintained to preserve the confidentiality and security of user information.
If users have specific questions or concerns about data disclosure practices, we encourage them to review this privacy policy and reach out to us using the contact information provided on our website.
6. INTERNATIONAL TRANSFERS
Limited International Transfers: Directors’ Box, in its commitment to user privacy, minimizes the need for international transfers of user information. The platform is designed to primarily operate within a localized framework, with servers and data processing activities strategically located to minimize the necessity of transferring information across borders.
Data Processing in Compliance with Regulations: In instances where international transfers may be deemed necessary, Directors’ Box ensures that such transfers comply with applicable data protection regulations and privacy laws. We are committed to upholding the highest standards of data protection, regardless of the geographical location of the data processing activities.
Standard Contractual Clauses and Compliance: Directors’ Box may employ standard contractual clauses or other approved mechanisms to ensure that any international data transfers adhere to the stringent requirements of data protection laws. This approach guarantees that user information, whether personal or non-personal, is treated with the same level of care and security regardless of its geographical location.
Global User Privacy Standards: Directors’ Box recognizes the importance of global privacy standards and strives to provide users with consistent privacy protection measures, irrespective of their location. The platform is dedicated to aligning its data processing practices with internationally recognized privacy principles and standards.
It’s crucial to emphasize that Directors’ Box is committed to maintaining the highest standards of data protection and privacy, regardless of geographic considerations.
7. DATA SECURITY
Safeguarding user information is a top priority for Directors’ Box, and as such, we employ robust data security measures to ensure the confidentiality, integrity, and availability of the information we collect, even if it is non-personal data obtained through cookies. Here’s an in-depth look at our data security practices:
Physical Security Measures: Our servers and data storage facilities are housed in secure physical environments with restricted access. This physical security ensures that unauthorized individuals are unable to gain physical access to the hardware storing user information.
Encryption Protocols: Directors’ Box utilizes encryption protocols to secure the transmission of data between users and our servers.
Access Controls: Access to user information, including non-personal data, is restricted to authorized personnel who require access for legitimate business purposes. Access controls, such as unique user credentials and role-based access, are implemented to ensure that only authorized individuals can access, modify, or process data.
Data Backups: Regular data backups are performed to prevent data loss in the event of unforeseen circumstances. These backups are stored securely and can be utilized to restore data in case of accidental deletion, system failures, or other unforeseen events.
Continuous Monitoring: Directors’ Box employs continuous monitoring tools and technologies to detect and respond to any suspicious activities or security incidents in real-time. This proactive approach allows us to address potential threats before they can impact user information.
It’s important for users to understand that even though the Directors’ Box Website primarily deals with non-personal data, the same rigorous security measures are applied to ensure the highest standards of data protection. If users have specific inquiries about our data security measures, they are encouraged to contact us using the information provided on our website.
8. DATA RETENTION
Directors’ Box follows a principled approach to data retention, emphasizing the responsible use and storage of information, including non-personal data collected through cookies. Here’s a detailed overview of our data retention practices:
No Indefinite Retention: Directors’ Box does not retain user information, whether personal or non-personal, for an indefinite period. We establish specific retention periods based on the purpose for which the data is collected and in accordance with legal requirements.
Purpose-Limited Retention: User information is retained only for as long as it serves the purpose for which it was collected. For example, non-personal data obtained through cookies is retained for a duration necessary to fulfil its intended use, such as improving website performance or enhancing user experience.
Regular Review and Purge: Directors’ Box conducts regular reviews of stored data to assess its relevance and necessity. Data that no longer serves a valid purpose or is no longer required for legal compliance is promptly identified and purged from our systems.
Backup Retention: Data backups, which may include non-personal information, are retained for a reasonable duration to ensure data recovery in the event of accidental loss or system failures. These backups are securely stored and regularly updated.
Compliance with Legal Obligations: Directors’ Box may retain certain data for longer periods if required to do so by law, regulation, or legal proceedings. In such cases, the platform ensures that the retention is in compliance with the specific legal obligations outlined in applicable jurisdictions.
User Control: Directors’ Box recognizes the importance of user control over their information. Users can manage their cookie preferences and have the ability to delete or disable cookies through browser settings. Additionally, users can request information about the data collected and exercise their rights as outlined in Section 9.
If users have specific questions or concerns about data retention, they are encouraged to contact us using the information provided on our website for further clarification or assistance. Directors’ Box is committed to ensuring that user information is handled responsibly throughout its lifecycle.
9. YOUR LEGAL RIGHTS
Directors’ Box is committed to upholding the legal rights of users, even in the context of non-personal information collected through cookies. Below, we elaborate on the legal rights available to users and how Directors’ Box supports and respects these rights:
Right to Access: Users have the right to request access to the information collected by Directors’ Box, including details about the non-personal data obtained through cookies. We are committed to providing transparent information about the data processing activities upon request.
Right to Rectification: If users believe that any information collected by Directors’ Box is inaccurate or incomplete, they have the right to request correction or modification. This includes information related to cookie preferences or other user settings.
Right to Erasure (Right to be Forgotten): Users can exercise their right to request the deletion of their data, including non-personal information obtained through cookies. Directors’ Box will promptly respond to such requests, provided there are no legal or legitimate reasons to retain the information.
Right to Object: Users have the right to object to certain types of data processing activities, including those related to the use of cookies. Directors’ Box respects user preferences and provides mechanisms for users to manage their cookie settings through browser controls.
Right to Restriction of Processing: Users can request the restriction of certain processing activities concerning their data. Directors’ Box will comply with such requests in accordance with applicable legal requirements.
Right to Lodge a Complaint: If users believe that their rights are not being respected or that Directors’ Box is not compliant with privacy laws, they have the right to lodge a complaint with the relevant data protection authority.
To exercise any of these rights or seek further information, users can contact Directors’ Box using the details provided on our website. It’s essential to note that while many of these rights apply to personal data, Directors’ Box is committed to extending similar considerations and transparency to users, even in the context of non-personal data collected through cookies.
Our team is dedicated to responding promptly and transparently to user requests and ensuring compliance with applicable data protection laws.
10. GLOSSARY
This glossary aims to provide users with clarity regarding the terminology used in this privacy policy. If users have further questions or require additional definitions, they are encouraged to contact Directors’ Box using the information provided on the website.
Cookies: Small text files stored on a user’s device that collect and store information about their interactions with a website. Cookies are commonly used for various purposes, including improving website functionality, analytics, and personalized advertising.
Personal Data: Information that relates to an identified or identifiable natural person. Personal data includes but is not limited to names, addresses, email addresses, phone numbers, or any other information that can be used to identify an individual.
Non-Personal Data: Information that does not directly identify an individual. This category may include aggregated and anonymized data, preferences, and usage patterns.
Data Controller: The entity responsible for determining the purposes, conditions, and means of the processing of personal data. In this context, Directors’ Box serves as the data controller.
Data Processor: An entity that processes personal data on behalf of the data controller. This may include third-party service providers engaged by Directors’ Box to support various operational functions.
Anonymization: The process of removing or modifying personal data in a way that prevents the identification of an individual. Anonymized data is non-personal and does not allow for the re-identification of the original user.
Encryption: The process of converting data into a coded form to prevent unauthorized access. Encryption is commonly used to secure the transmission and storage of sensitive information.
Standard Contractual Clauses: Model contractual clauses established by data protection authorities to ensure the lawful transfer of personal data across borders. These clauses are often used by organizations engaged in international data transfers.
Data Protection Authority: An independent public authority responsible for monitoring and enforcing data protection laws. Users have the right to lodge complaints with the relevant data protection authority if they believe their rights are not being respected.