Privacy, GDPR and Security for Clients

2014-11-02-13.00.20

Privacy & GDPR

Garner & Hancock  understands your right to privacy and is committed to protecting it. We have designed our website so that you can visit it without identifying yourself or revealing any personal information if you wish.

This Privacy Policy applies to this site. Garner & Hancock will ensure that any data received will be processed in accordance with the principles of the General Data Protection Regulation 2018 and this policy. Links provided from our site are not covered by this policy.

On our site, you can request information, apply for jobs, subscribe to marketing or support materials or register yourself. The types of personal information you provide us with on these pages may include name, address, telephone, email address, user Ids, passwords and contact preferences.

We use your information to communicate with you, to update you on services and benefits, to better understand who uses our site and the pages they access so as to be able to improve the site and to help us understand your needs and interests and provide you with a better service.

Occasionally, we may also use your information to contact you for market research regarding our services. However, we will only do this if you specifically consent and opt into this service.

We will not disclose your personal data to other organisations, unless required for the provision of our services or required by the law. Sometimes we may need to give information to our agents and subcontractors for the purpose of providing legal services. In these circumstances we always ensure that the information is safe and secure.

You agree that if we transfer ownership or management of the site to a third party or if Garner & Hancock merges with another firm we may also transfer your data to such third party or the new entity, provided such third party or new entity agrees to observe this policy.

Parts of our site contains links to third party websites and we are not responsible for any site you choose to visit in this way. Our site does not have a secure transmission method. Thus it is possible that the information can be intercepted, lost, redirected, changed and read by other people. However, at Garner & Hancock we value your trust and is committed to protecting the information you provide. To prevent unauthorised access, maintain accuracy and ensure proper use of information, we have employed physical, electronic and managerial processes to safeguard the information we collect on-line.

All our employees and data processors that have access to, and are associated with the processing of personal data, are obliged to respect the confidentiality of our visitors’ personal data.

We have systems that protect our clients and ourselves against fraud and other crime. We may use your personal information to prevent crime and trace those responsible. We may check your details with fraud prevention agencies. If you give us false or misleading information and we suspect fraud, we will record this. We and other organisations may use and search these records to help us trace and prevent fraud and manage your accounts, or check your identity to prevent money laundering.  With regards to money laundering checks we obtain documentation from you but also use a third party who carry out a variety of electronic checks to identify you.

We do not use cookies for collecting personal information. You can browse our site without disclosing your personal data.

We value your comments and opinions. If you have any comments or questions about Garner & Hancock or our use of your information or about this privacy policy, please send and email to info@garner-hancock.co.uk. If you email us, or give us your email address, we will keep a record of it. We may use it to contact you occasionally about other products and services, which may be of interest to you, unless you ask us not to do so.

When you email us please remember that the content of your email is insecure and could be intercepted. Accordingly, please keep the amount of confidential information to a minimum and we will do the same when we reply.

For any enquiry or concern about our privacy policy, or to request access to your personal data please contact our office manager Nancy Hibbert on 020 8232 9562 or email: nhibbert@garner-hancock.co.uk.

Under the General Data Protection Regulation 2018, we have to provide you with a readable copy of the personal data, which we keep about you, within 28 days of receiving your written request. Under the General Data Protection Regulation 2018 we are entitled not to respond or to charge a reasonable administrative fee if a request is manifestly unfounded or excessive.  If we decide not to respond we will clearly explain the reasons for this and provide you with details of the relevant supervisory authority. Evidence or proof of your identity (for example, a passport or driver’s license and current utility bill) will be required.

 

image

Clear Definitions

Personally identifiable information is information, such as your name, birth date,

e-mail address or mailing address, that can be used to uniquely identify you.

Anonymous information is not personally identifiable information. Anonymous information is information about how you use our site. Anonymous information also includes the domain names and/or I.P. addresses (as explained below) of internet browsers that visit our site, the time of day that the site was visited, and other non-personal information.

Anonymous information is information that is not tied to any person, but helps us know what our users do.

IMG_1952

Security

We operate secure data networks protected by industry standard firewall and password protection. We have security measures in place to attempt to protect against the loss, misuse and alteration of your user data under our control.

Only certain employees have access to the information you provide us. While we cannot guarantee that loss, misuse or alteration to data will not occur, we try to prevent such unfortunate occurrences.

We will not share your personally identifiable information unless you have authorised us to share it

Sharing Personally Identifiable Information with Other Companies

We will not share your personally identifiable information unless you have authorised us to share it. When we share your personal information with other companies, they can use this information but cannot combine this information with other information they have about you or share this information with other companies or people without your express permission.

WEB PIC 10

Disclosure of your Identity

From time to time we receive requests to disclose the identities of our users.

We do not disclose the identities of our users unless we are legally required to do so. If a governmental agency, or a law enforcement agency, requests information in relation to the identities of our user, we will comply with the request.

Garner & Hancock

When you visit out site please read carefully the following.

Collecting and Using Personally Identifiable Information

You can visit our site and use many of our services without telling us who you are or revealing any personal information about yourself to us. It is only when you enter details to contact organisations that will you be asked to provide us with personally identifiable information.

When you fill in these forms, you need to complete certain fields (some are required and some are optional). We use this information to share your information with select third parties who work with us, only if you give us permission (as we explain below).

Anonymous Information

We collect anonymous information when people use our site, even if they have not entered their personal details.

We will not share any anonymous information about your use of our site with third parties if we know that this information will be linked with your personally identifiable information obtained from another source, unless you have given us permission to do this.

12985724963_8f1eec1ebf

Cookies

A cookie is a small piece of data that is sent to your browser from a web server and stored on your computer’s hard drive. Cookies do not damage your computer. Cookies make web surfing easier for you by saving your preferences while you are on our site.

You can decide if you want to accept cookies by changing the settings on your computer. You can reset your browser to refuse all cookies, or allow your browser to show you when a cookie is being sent.

Use of I.P. Addresses

An Internet protocol (I.P.) address is a set of numbers that is automatically assigned to your computer whenever you log on to your internet service provider or through your company’s local area network (LAN) or wide area network (WAN). Web servers, the powerful computers that provide web pages for viewing, automatically identify your computer by the IP address assigned to it during your session online.

We may collect I.P. addresses for some purposes. We do not link a users I.P. address to a persons personal information, which means we will have a record of each users session but the user remains anonymous to us.

Cookies

In May 2011, the UK Government passed new legislation is regards to the use of Cookies. The following section explains what cookies are, which ones we collect and how they are used on the website.

How We Collect Information

Cookies are small text files that are placed on your computer by the websites that you visit. They are commonly used in order to make websites work by tracking goods that you have placed in a basket, or work more efficiently by remembering your login details, as well as to provide information about the usage of the site to the owners of the site.

Types of Cookies

There are three types of cookies dropped and collected by websites. With some exceptions (i.e.  websites that fundamentally require cookies in order for website functionality – see below) from 26th May 2012, all cookies must be consented to by a site’s users.

Cookie Type Description
Moderately intrusive Embedded third-party content and socialmedia-pluginsAdvertising campaign optimisation
Minimally intrusive Web analytics / metricsPersonalised content / interface
Necessary for Website Functionality(Exempt from changes to privacy regulations) Stop multiple form submissionsLoad balancingTransaction specific

We collect the following anonymous cookies for tracking purposes.

Name Description Expiration
__utma This cookie is typically written to the browser upon the first visit to your site from that web browser. If the cookie has been deleted by the browser operator, and the browser subsequently visits your site, a new __utma cookie is written with a different unique ID. This cookie is used to determine unique visitors to your site and it is updated with each page view. Additionally, this cookie is provided with a unique ID that Google Analytics uses to ensure both the validity and accessibility of the cookie as an extra security measure. 2 years from set/update.
__utmb This cookie is used to establish and continue a user session with your site. When a user views a page on your site, the Google Analytics code attempts to update this cookie. If it does not find the cookie, a new one is written and a new session is established. Each time a user visits a different page on your site, this cookie is updated to expire in 30 minutes, thus continuing a single session for as long as user activity continues within 30-minute intervals. This cookie expires when a user pauses on a page on your site for longer than 30 minutes. You can modify the default length of a user session with the _setSessionCookieTimeout() method. 30 minutes from set/update.
__utmc This cookie is no longer used by the ga.js tracking code to determine session status.Historically, this cookie operated in conjunction with the __utmb cookie to determine whether or not to establish a new session for the user. For backwards compatibility purposes with sites still using the urchin.js tracking code, this cookie will continue to be written and will expire when the user exits the browser. However, if you are debugging your site tracking and you use the ga.js tracking code, you should not interpret the existence of this cookie in relation to a new or expired session. Not set.
__utmz This cookie stores the type of referral used by the visitor to reach your site, whether via a direct method, a referring link, a website search, or a campaign such as an ad or an email link. It is used to calculate search engine traffic, ad campaigns and page navigation within your own site. The cookie is updated with each page view to your site. 6 months from set/update.

WordPress Cookies

WordPress websites also collect cookies for commenters. As the website is built using WordPress, these cookies apply to our users.

When visitors comment on the our blog, they will have cookies stored on their computer. This is purely for convenience, so that the visitor will not be required to re-type all their information again when they want to leave another comment in the future.

Three cookies are set for commenters:

comment_author

comment_author_email

comment_author_url

The commenter cookies are set to expire a little less than one year from the time they’re set.

Call Beacon (AdInsight) Cookies

AdInsight is a phone call analytics tool, used by companies to understand the customer interaction between the website and calling the company. Three cookies are used by AdInsight to help demonstrate this journey so the business can improve their customer experience.

Name Description Expiration
adiV The adiV cookie contains an identifier which is used by AdInsight to track a visitor over time. This allows AdInsight to show multiple visits made by a customer over time from the same browser. This cookie is set to expire 1 year after the visitor leaves the website.
adiVi The adiVi cookie contains an identifier which is used by AdInsight to help track a visitor’s path while they are on the website. This cookie is set to expire 30 minutes after the visitor leaves the website.
adiLP The adiLP cookie is used to help track visitors who have multiple tabs open in the same browser to prevent errors in tracking.

 IMG_0314

Third Party Cookies

Users of the site who wish to share the content socially using Facebook, Twitter, or Google+ (the platforms which are currently enabled on the website to allow this function) may have cookies stored on their computers from these third party websites.

Cookies are collected from third party sites so that you can be logged in to your account on their site and share our content simply and easily.

For more information on the cookie policies of these third party sites, please visit their websites. You will be able to control the way cookies are used when you are signed into your accounts on these sites through the privacy settings they have made available to you.

Facebook Privacy Policy (https://www.facebook.com/about/privacy/other)

Twitter Privacy Policy (https://twitter.com/privacy)

Google+ Privacy Policy (http://www.google.co.uk/intl/en/policies/privacy/)

Prohibiting the Collection of Cookies

If you would like to prevent us from collecting cookies when you visit our site, please update your privacy settings in your browser. You can control the kinds of cookies you accept there.

http://www.google.co.uk/goodtoknow/manage-data/

http://www.mozilla.org/en-US/privacy/

http://privacy.microsoft.com/en-gb/default.mspx

Interest-Based Advertising Policy

Google DoubleClick Ad Exchange clients, please refer to the Google DoubleClick Ad Exchange Programme Guidelines.

Under the Google Interest Based Advertising Programme (the “Programme”), Google will endeavor to enable you to serve advertisements to Users (i) who are on your User Lists and (ii) based on Google-defined interest-categories. The following policies only apply to these programme participants.

Definitions

User” means a unique instance of a Web browser.

User Cookie” means a DoubleClick DART cookie or a Teracent cookie associated with a User.

User Lists” means a list of User Cookies created or otherwise obtained by Company and used in connection with the Google Display Network, which is referred to in the user interface as “remarketing lists”.

Web Properties” means properties or content on the Google Display Network and all other Google properties or content that use the User Cookie.

GDPR” means the General Data Protection Regulation, a new European law governing how companies and anyone else who stores data about customers must ensure that your data is protected and only used for proper purposes.

Visual Website Optimiser

As European a site we fall under the EU Cookie law (EU Directive 2009/136/EC, PDF opens in new window). This site sometimes uses Visual Website Optimizer and below is a guide to how Visual Website Optimizer uses cookies and how should you interpret / understand this direction (note: we recommend you to consult your lawyers, this post is merely our understanding of the situation)

What are cookies anyway?

On this topic, Whatarecookies.com gives a very succinct answer:

“Cookies are small files which are stored on a user’s computer. They are designed to hold a modest amount of data specific to a particular client and website, and can be accessed either by the web server or the client computer. This allows the server to deliver a page tailored to a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website (or related sites) to the next.”

What does EU cookie law mean for you?

The common consensus seems to be this: a website must inform its visitors that: a) cookies are being set on their computers/devices; b) explain what cookies are; c) communicate why cookies are being set and what sort of cookies are being set; d) give them an option or inform them how to opt-out of cookies/tracking.

To see how different websites are implementing this policy, we recommend you to read this excellent article by eConsultancy: 20 examples of EU cookie law compliance.

The difference between first party and third party cookies

Cookies are usually associated with one particular domain (the domain they are set on) and only that domain can access the data contained in the cookie. A first party cookie is where the domain you visit and the cookie owner are the same. For example, you visit www.some-web-app.com and the cookie information also says www.some-web-app.com.

A third party cookie is when you visit a certain domain, but the cookie dropped by that domain on your computer identifies itself as belonging to someone else. For example, you visit www.some-web-app.com but the cookie dropped has the information www.web-app-analytics.com

Visual Website Optimizer by default only uses first party cookies. However, if you have cross domain tracking enabled in the test, we use third party cookies to track conversions across multiple different domains. Please see details on Cross Domain Tracking feature to get more information. Note that only if your tests run across multiple domains simultaneously should you be bothered about third party cookies.

The cookies used by Visual Website Optimizer

VWO uses cookies to keep track of the variation a user has seen, the goals a user has completed and even whether a visitor has become a part of the test or not. To know which all cookies are being set by VWO and their usage, please see this article in knowledgebase.

How to opt out of Visual Website Optimizer tracking?

For visitors: in case you want to opt out of tracking by Visual Website Optimizer, simply go to our Opt-Out page input the website URL on which you don’t want to be tracked. This will generate a link, clicking on which will exclude you from any kind of tracking by Visual Website Optimizer.

For website owners: in case you want to provide an option to your visitors so that they can opt out of tracking by Visual Website Optimizer, please enter your website address in our Opt-Out page and copy the generated link. You can then share this link with your visitors. Once they visit the link, they will be excluded from any kind of tracking by Visual Website Optimizer.

Useful links

Please see the following links for a better understanding of what’s happening with EU cookie law and how it might affect your business and your visitors:

Garner & Hancock 2018