a) ‘Personal data’ – information such as name, address, e-mail address or phone number that can be used to identify a person.
b) ‘Data subject’ – a person who has personal data processed by us.
c) ‘Processing’ – any operation or set of operations performed on personal data (including collection, recording, storage and usage for the purpose for which it was collected).
d) ‘Data controller’ – a person or people who determine the purposes and means of processing personal data at a company.
e) ‘Data processor’ – a person who processes personal data on behalf of the controller.
f) ‘Consent’ – specific, informed and clear affirmative action by a data subject indicating that they agree to the processing of personal data relating to them.
g) ‘Third party’ – a person or public authority, agency or body other than the data subject, data controller or data processor.
2. Rights of the data subject
Data subjects are entitled to:
– get confirmation as to whether or not personal data concerning them is being processed
– get information about their personal data stored at any time
– revoke consent to the processing and storage of their personal data
– have their personal data erased
– receive their personal data in a structured, commonly used and machine-readable format
Email your request to Alex McDonald, email@example.com, Flat 5, Basil House, Wyvil Road, London, SW8 2SW
3. Collection of general data when visiting website
The website of Jodi Goldman Ltd collects general data and information when a data subject views the website. This general data and information is stored in the server log files. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the specific pages visited on our site (5) the date and time of access to the site, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system and (8) any other similar data and information that may be used in the event of attacks on our information technology systems.
When using this general data and information, we do not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimise the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, Jodi Goldman Ltd analyses anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files is stored separately from all personal data provided by a data subject.
4. Subscription to newsletter and marketing material
On the website of Jodi Goldman Ltd, users are given the opportunity to subscribe to our newsletter and marketing material (which is then delivered via e-mail). These emails may only be sent to the data subject if they have specifically and voluntarily supplied their name and a valid email address. This personal data is only used by Jodi Goldman Ltd to provide these emails.
A double-opt in email will be sent to the data subject which is used to obtain their consent to receiving our newsletter and marketing material. If this consent is not given then they will not receive this material and their personal data will be deleted.
During the data subject’s registration for the newsletter and marketing material, we also store the IP address of the computer system assigned by the Internet service provider (ISP) and used by the data subject at the time of the registration, as well as the date and time of the registration. The collection of this data is necessary in order to understand the (possible) misuse of the e-mail address of a data subject at a later date, and it therefore serves the aim of the legal protection of the controller.
There will be NO TRANSFER of personal data- used to send the newsletter and marketing material to data subjects – to third parties.
The newsletter and marketing material of Jodi Goldman Ltd contains so-called tracking pixels. A tracking pixel is a miniature graphic embedded in e-mails which are sent in HTML format to enable log file recording and analysis. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, Jodi Goldman Ltd may see if and when an e-mail was opened by a data subject and which links in the e-mail were called up by data subjects.
Such personal data collected in the tracking pixels contained in the emails is stored and analysed by the controller in order to optimise the shipping of the newsletter and marketing material, as well as to adapt the content of future material even better to the interests of the data subject. This personal data will NOT be passed on to third parties.
The subscription to our newsletter and marketing material – and consent to the storage and processing of personal data related to this – may be terminated by the data subject at any time. To this end, an unsubscribe link is provided on any emails sent to the data subject. It is also possible to unsubscribe at any time by contacting the data controller directly:
Alex McDonald, firstname.lastname@example.org, Flat 5, Basil House, Wyvil Road, London, SW8 2SW
5. Contact via the website contact form
If a data subject contacts us by e-mail or via contact form, the personal data transmitted by the data subject is automatically stored. Such personal data transmitted on a voluntary basis by a data subject to us is stored on our email system for the purpose of processing or contacting the data subject. There is NO transfer of this personal data to third parties.
As is standard for almost all websites and servers, the website of Jodi Goldman Ltd uses ‘cookies’ (small text files that are created and stored on a data subject’s web browsing device).
Only the website or server that created the cookie can retrieve or read the contents within it and for most purposes a website sending a cookie does not need to know who the data subject is – it just needs to remember that it has seen the data subject’s browser before. However, to do this, the cookie will typically use a unique identifier (the cookie ID) that allows websites and servers to identify a specific browser. This can leave traces which, when combined with other information received by servers, may be used to identify an individual and therefore as suggested by recital 30 of the GDPR, cookies constitute a form of personal data.
Consent and how you can control cookies
Should a data subject choose to, they can change their cookie settings at any time. If they choose to block our cookies, some of the functionality of the website may not be available and this may adversely affect the performance and experience of the site.
7. Data Protection provisions about the application and use of WordPress plugins and social media
On this website, the controller has integrated the component of Google Analytics (with the anonymiser function). Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data about the behaviour of visitors to websites. A web analysis service collects, inter alia, data about the website from which a person has come (the so-called referrer), which sub-pages were visited, or how often and for what duration a sub-page was viewed. Web analytics are mainly used for the optimisation of a website and in order to carry out a cost-benefit analysis of Internet advertising.
For web analytics through Google Analytics the controller uses the application “_gat. _anonymizeIp”. By means of this application the IP address of the Internet connection of the data subject is abridged by Google and anonymised when accessing our websites from a Member State of the European Union or another Contracting State to the Agreement on the European Economic Area.
The purpose of the Google Analytics component is to analyse the traffic on our website. Google uses the collected data and information, inter alia, to evaluate the use of our website and to provide online reports, which show the activities on our website, and to provide other services concerning the use of our Internet site for us.
Google Analytics places a cookie on the information technology system of the data subject. The definition of cookies is explained above. With the setting of the cookie, Google is enabled to analyse the use of our website. With each call-up to one of the individual pages of this site, which is operated by the controller and into which a Google Analytics component was integrated, the Internet browser on the information technology system of the data subject will automatically submit data through the Google Analytics component for the purpose of online advertising and the settlement of commissions to Google. During the course of this technical procedure, Google gains knowledge of personal information, such as the IP address of the data subject, which serves Google, inter alia, to understand the origin of visitors and clicks and subsequently create commission settlements.
The cookie is used to store personal information, such as the access time, the location from which the access was made, and the frequency of visits of our website by the data subject. With each visit to our site, such personal data, including the IP address of the Internet access used by the data subject, will be transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America.
Google may pass this personal data collected through the technical procedure to third parties.
The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such an adjustment to the Internet browser used would also prevent Google Analytics from setting a cookie on the information technology system of the data subject. In addition, cookies already in use by Google Analytics may be deleted at any time via a web browser or other software programs.
Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/ and under http://www.google.com/analytics/terms/us.html.
On this website, the controller has integrated Google AdWords. Google AdWords is a service for Internet advertising that allows the advertiser to place ads in Google search engine results. The purpose of Google AdWords is the promotion of our website by the inclusion of relevant advertising on Google search engine results.
If a data subject reaches our website via a Google ad, a conversion cookie is filed on the information technology system of the data subject through Google. The definition of cookies is explained above. A conversion cookie loses its validity after 30 days and is not used to identify the data subject. If the cookie has not expired, the conversion cookie is used to check whether certain sub-pages, e.g, the shopping cart from an online shop system, were called up on our website. Through the conversion cookie, both Google and the controller can understand whether a person who reached an AdWords ad on our website generated sales, that is, executed or cancelled a sale of goods.
The data and information collected through the use of the conversion cookie is used by Google to create visit statistics for our website. These visit statistics are used in order to determine the total number of users who have been served through AdWords ads to ascertain the success or failure of each AdWords ad and to optimise our AdWords ads in the future. Neither our company nor other Google AdWords advertisers receive information from Google that could identify the data subject.
The conversion cookie stores personal information, e.g. the Internet pages visited by the data subject. Personal data, including the IP address of the Internet access used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass this personal data collected through the technical procedure to third parties.
The data subject may, at any time, prevent the setting of cookies by our website, as stated above, by means of a corresponding setting of the Internet browser used and thus permanently deny the setting of cookies. Such a setting of the Internet browser used would also prevent Google from placing a conversion cookie on the information technology system of the data subject. In addition, a cookie set by Google AdWords may be deleted at any time via the Internet browser or other software programs.
The data subject has a possibility of objecting to the interest based advertisement of Google. Therefore, the data subject must access from each of the browsers in use the link www.google.com/settings/ads and set the desired settings.
Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/.
8. Legal basis for the processing of personal data
Art. 6(1) lit. a of the GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, when processing operations are necessary for the supply of goods or to provide any other service, the processing is based on Article 6(1) lit. b GDPR. The same applies to such processing operations which are necessary for carrying out pre-contractual measures, for example in the case of inquiries concerning our products or services.
9. Routine erasure and blocking of personal data
The data controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage. If the storage purpose is not applicable, or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data erased in accordance with legal requirements.
10. Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement.
We are committed to ensuring that your information is secure. Jodi Goldman Ltd has implemented suitable physical, electronic and managerial procedures in order to protect personally identifiable information from loss, misuse, alteration or destruction. Only authorised Jodi Goldman Ltd employees are provided access to personally identifiable information and these employees have agreed to maintain the confidentiality of this information.