- Information about cookies
A cookie is a small file of letters and numbers that, if you agree to their use, is stored on your browser or the hard drive of your computer or device. They contain information that is transferred to your hard drive.
The cookies that we could use can be split into the following categories:
- Necessary cookies. These are cookies that are required for the operation of the website. They include, for example, cookies that enable you to log into parts of the website.
- Analytical cookies. These cookies allow us to recognise and count the number of visitors to the website and to see how they move around within the website when they are using it. This helps us to improve the way the website works, for example, by ensuring that users are finding what they are looking for easily.
- The cookies we use
We use the following cookies:
|Necessary Cookies||PHPSESSID||Necessary cookies enable core functionality. The website cannot function properly without these cookies, and can only be disabled by changing your browser preferences.|
|Necessary Cookies||cookiesAccepted||Necessary cookies enable core functionality. The website cannot function properly without these cookies, and can only be disabled by changing your browser preferences.|
|Necessary Cookies||cookiesAcceptedGoogle||Necessary cookies enable core functionality. The website cannot function properly without these cookies, and can only be disabled by changing your browser preferences.|
|Analytical cookies||'_ga', '_gat', '_gid'||Used to see how our website users navigate the site|
|'NID'||Used by Google for delivering Google Maps on the website|
- How you can block cookies
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies.
However, please be aware that blocking cookies may affect your ability to use the website. In particular, you may not be able to access all or parts of the website or use the functionalities contained on it.
We Prepare Ltd are committed to protecting and respecting your privacy.
This policy, together with any other documents referred to in it, sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
By visiting this website, you are accepting and consenting to the practices described in this policy.
For the purpose of the Data Protection Act 1998 (Act), the data controller is Frank Phillips, a company registered in England and Wales under company no. 11195279. Registered Office: We Prepare Limited, TVP 2, 300 Thames Valley Park Drive, Reading, Berkshire, United Kingdom, RG6 1PT.
Our nominated representative for the purpose of the Act is Frank Phillips.
- Information we collect from you
We will collect and process the following categories of data about you:
- Information you give us. This is information about you that you give us by filling in forms on the website (Site), interacting with the Site or by corresponding with us by phone, e-mail or otherwise. It includes information you provide when you sign up to our newsletter service, make an enquiry about our products and services or log a support ticket.
The information you give us will include your name, address, e-mail address and phone number, as well as preliminary information about your business.
- Information we collect about you. This is information that we collect automatically about your visit during your time on the Site. It typically involves technical information and is often collected using small data files called “cookies”. This information helps us to provide you with a good experience when you browse the Site and also to indicate where the Site requires improvement.
- Information we receive from other sources. This is information that we receive about you if you use any of the other websites we operate. In this case we will have informed you when we collected that data if we intend to share those data internally. We will also have told you for what purpose we will share your data.
This also includes information that we receive from third parties, such as business partners, sub-contractors in technical services, advertising networks, analytics providers, search information providers and so on. We will notify you when we receive information about you from them and the purposes for which we intend to use that information.
Social Media platforms
We operate social media platforms. These platforms are, in most cases, operated outside of the EU and do not comply with current Data Privacy Act and subsequent GDPR provision although they may well conform to the U.S Privacy Shield protocol.
It is our process and protocol that any personally identifiable data gathered on these platforms is only in response to users interacting out of their own volition with our marketing pages. The contact is deemed as a legitimate business enquiry. The personal contact data is removed from the site once the enquiry is processed or the user has requested so.
Our website uses Google Analytics to collect information about how visitors use our website. We anonymise this data at the point of collection and automatically delete user and event data that is older than two years.
- Uses made of the information
All information about you that we collect or receive, whether of a personal or technical nature, may be used by us in the following ways:
- To carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
- To provide you with information about other goods and services that we, or our selected partners, offer that are similar or relevant to those that you have already purchased or enquired about, such contact will only be made by email or phone from which you can opt out at any time; To notify you about changes to our services;
- To administer the Site and for internal operations, including troubleshooting, system and security updates, data analysis, testing, research, statistical and survey purposes;
- To improve the Site to ensure that content is presented in the most effective manner for you and for your computer;
- To allow you to participate in interactive features of our service, when you choose to do so;
- As part of our efforts to keep the Site safe and secure;
- To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and
- To comply with our record keeping and information storage obligations and policy (please see the “Where We Store Your Personal Data” section below for more details).
Information we receive from other sources. We will combine this information with information you give to us and information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).
- Disclosure of your information
We may share your information with:
- Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006;
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
- Analytics and search engine providers that assist us in the improvement and optimisation of the Site;
- Third party support services, such as, but not limited to project management tools, accounting systems and hosting data centre.
- We will only disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets;
- If we, or substantially all of our assets, are acquired by a third party, in which case personal data held by us about our clients will be one of the transferred assets;
- To protect our rights, property or safety, or those of our clients or others.
- Where we store your personal data
All information that you provide to us is stored on our, or our selected business partners’, secure servers, and we will take reasonable steps to protect your information in accordance with this policy, including (without limitation):
- Installing a secure firewall;
- Using anti-virus protection software;
- Encrypting data; and
- Carrying out regular back-ups.
All data sent via website forms is passed through a third-party relay service and deleted after 30 days.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of any data transmitted to the Site; and any such transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
- Your rights
You have the following rights under law in respect of your personal information:
- The right to be informed about the collection and use of your personal information;
- The right of access to your information to verify the legality of our use of it;
- The right to request that inaccurate or incomplete information about you is rectified;
- The right to request the deletion or removal of your information where there is no further reason for us to use it (such as you have withdrawn your consent or we no longer provide your children with education);
- The right to restrict the use of your information;
- The right to obtain and reuse the information that we have about you for your own purposes;
- The right to object to certain uses (such as for marketing purposes); and
- The right not to be subject to a decision that has a legal effect on you that has been based on an automated decision.
Should you wish to exercise any of these rights, you may do so at any time by writing to us at the address given below. In some cases, we are permitted to charge a small fee of no more than £10 in respect of our administrative costs.
If you would like to request the information we hold about you under a Subject Access Request (“SAR”) you can download the application template here.
If you feel that your rights have been breached in any way, you should contact Frank Philipps at the address given above or lodge an official complaint with the Information Commissioner’s Office via their website (https://ico.org.uk) or by writing to:Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
The Site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Data retention policy
The types of data we retain:
1) NEW ENQUIRIES
5) MEMBERS OF THE PUBLIC NOT COVERED INTO THE CATEGORIES OF 1-4
1) NEW ENQUIRIES
Where it’s stored
We store your data in the following way:
- Microsoft 365 – on our e-mail system
- Mailgun – our website enquiry form relay service
- Our internal cloud based server
Who has access to the data
The Directors & staff of We Prepare Ltd
How long we keep it
We retain the data for 1 year or for as long as we continue to provide a legitimate business service relationship with the subject. Data is deleted earlier upon request by a subject invoking the Right to Erasure which we will act upon within 48 hours of the instruction.
The Deletion Process
Our cloud-based server has a hard‐delete mechanism – once deleted it is unrecoverable
Microsoft 365 is subject to the deletion process at Microsoft
Mailgun is deleted and removed from their servers after 30 days
Where it’s stored
We store your data in the following way:
– Our in-house database on our cloud-based servers
– Microsoft 365- our email system
‐ Mailgun – our website enquiry form relay service
‐ Internal network (firewall protected)
‐ Company and staff ‘phones
‐ Our accountants
‐ Company computers
‐ Analytics & advertisers
‐ Sage Accounting software
‐ Web Design and Support company
‐ Data Centre & domain registries
‐ Courier & Delivery Partner Companies
Who has access to the data
Access to each location by staff of the company and controlled and limited by Company Directors.
How long we keep it
We retain the data for all current clients for as long as they remain active or until requested and invoking the Right to Erasure. When you cease to become a client, we will retain your data on our e-mail and we undertake an annual data purge to remove it, this will be done at the time of our annual review of this Policy each October.
The Deletion Process
We hard‐delete all records according to the above stated methods except where we are required, by law and regulated bodies (such as HMRC) to retain the records for longer.
We retain staff records indefinitely on our internal secure network (firewall protected) purely for the purpose of processing payroll and other legitimate employer correspondence. The information is shared only with HMRC, our bank, pension provider, and our accountancy practice and systems.
We retain employee data, both current and past, in accordance with regulation set by HMRC. We delete past employee details upon request and approval by HMRC.
We retain supplier details on our internal secure network, accountancy practice, bank, email. Details are purged annually unless an ongoing business transaction is required.
5) MEMBERS OF THE PUBLIC NOT COVERED BY POINTS 1-4
We do not retain details relating to members of the public whatsoever.
Data breach policy
Definition of ‘breach’
A breach of data is defined as an unauthorised access or release of PII (personally identifiable information).
As a data controller
We will inform the ICO within 72 hours of becoming aware of a PII data breach.
We will inform potentially affected subjects and the process they must undertake.
As a data processor
We will notify the data controller as soon as we become aware of a data breach and provide as much support as we feel appropriate to assist them in their reporting obligations to the ICO.