This Privacy Policy applies when you visit our website, thetalesofadventure.com and hausofhiatus.com. It also applies where we are in contact with you in other ways, whether in your capacity as an individual or as director, shareholder, partner, employee or other representative of a company or other organisation.
We can be reached by email at hello@hausofhiatus.com or by completing the form at https://www.hausofhiatus.com/work-with-us.
Tales of Adventure and Haus of Hiatus adheres to the following principles when processing your personal data:
· Storage limitation – data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
· Purpose limitation – data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
· Accuracy – data must be accurate and, where necessary, kept up to date.
· Lawfulness, fairness and transparency – data must be processed lawfully, fairly and in a transparent manner.
· Data minimisation – data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
· Integrity and confidentiality – data must be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage by using appropriate technical or organisational measures. For each visit to our website, our web server automatically recognises and collects only the domain name (where possible), but not the email address.
You may choose to provide us with personal data when you are introduced to us, when we meet you in person, or when we are in contact by phone, email, via our website or otherwise.
The categories of personal data you provide includes:
first and last name;
job title and company name;
email address;
phone number;
Marketing and communications data includes your preferences in receiving marketing from us and your communication preferences.
Information we collect online
We collect, store and use information about your visits to our website and about your computer, tablet, mobile or other device through which you access our website. This includes the following:
technical information, including the Internet protocol (IP) address, browser type, internet service provider, device identifier, your login information, time zone setting, browser plug-in types and versions, operating system and platform, and geographical location;
information about your visits and use of the Site, including the full Uniform Resource Locators (URL), clickstream to, through and from our Site, pages you viewed and searched for, page response times, length of visits to certain pages, referral source/exit pages, page interaction information (such as scrolling, clicks and mouse-overs), and website navigation and search terms used; information collected by cookies on our website (for more information on cookies, please see the section on cookies below).
Sensitive personal data
We do not collect sensitive (or special categories of) personal data. Sensitive personal data is defined by data protection laws to include personal data revealing a person’s racial or ethnic origin, religious or philosophical beliefs, or data concerning health. If we do collect sensitive personal data, we will ask for your explicit consent to our proposed use of that information at the time of collection.
Children
Our website is not intended for or directed at children under the age of 16 years and we do not knowingly collect data relating to children under this age. We collect the email addresses of those who communicate with us via email and user-specific information on what pages are accessed or visited.
The purpose for which we use and process your information (excluding sensitive personal data) and the legal basis on which we carry out each type of processing is explained below.
Purposes for which we will process the information: legal basis for the processing
· To provide you with information and services that you request from us. It is in our legitimate interests to respond to your queries and provide any information requested in order to generate and develop business.
· To ensure we offer a good and responsive service, we consider this use to be proportionate and will not be prejudicial or detrimental to you.
· To send you alerts, newsletters, bulletins, announcements, and other communications concerning Haus of Hiatus, developments in marketing communications or notifications we believe may be of interest to you. It is in our legitimate interests to market our services. We consider this use to be proportionate and will not be prejudicial or detrimental to you.
· You can always opt-out of receiving direct marketing-related email communications or text messages by following the unsubscribe link.
· To invite you to seminars, events, or other functions we believe may be of interest to you. It is in our legitimate interests to market our services. We consider this use to be proportionate and will not be prejudicial or detrimental to you.
· You can always opt-out of receiving direct marketing-related email communications or text messages by following the unsubscribe link.
· To enforce the terms and conditions and any contracts entered into with you It is in our legitimate interests to enforce our terms and conditions of service. We consider this use to be necessary for our legitimate interests and proportionate.
· To send you information regarding changes to our policies, other terms and conditions and other administrative information. It is in our legitimate interests to ensure that any changes to our policies and other terms are communicated to you. We consider this use to be necessary for our legitimate interests and will not be prejudicial or detrimental to you.
· To administer our website including troubleshooting, data analysis, testing, research, statistical and survey purposes;
· To improve our website to ensure that consent is presented in the most effective manner for you and your computer, mobile device or other item of hardware through which you access our website; and to keep our website safe and secure.
· For all these categories, it is in our legitimate interests to continually monitor and improve our services and your experience of our website and to ensure network security. We consider this use to be necessary for our legitimate interests and will not be prejudicial or detrimental to you.
· For email marketing to an individual subscriber (that is, a non-corporate email address) with whom we have not previously engaged as a client, we need your consent to send you unsolicited email marketing.
Where you provide consent, you can withdraw your consent at any time, but without affecting the lawfulness of processing based on consent before its withdrawal.
You have the right to opt out of receiving email marketing communications from Haus of Hiatus at any time by: contacting Haus of Hiatus using the details set out above; or using the “unsubscribe” link in emails. We do not share your personal data with third parties except as provided in this Privacy Policy.
We share your information with the following third parties:
with Haus of Hiatus staff;
with suppliers providing marketing services to us
with our third-party data processors and service providers who assist with the running of our website and our office services including our IT support services and data storage/back up services.
Our third-party processors and service providers are subject to security and confidentiality obligations and are only permitted to process your personal data for specified purposes and in accordance with our instructions.
In addition, Haus of Hiatus may disclose information about you in the following circumstances:
in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
if all or substantially all of Haus of Hiatus’ assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets;
if we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation;
if necessary to protect the vital interests of a person; and
to enforce or apply our terms and conditions or to establish, exercise or defend the rights of Haus of Hiatus, our staff, customers or others.
We do not transfer your personal data outside the UK or the European Economic Area (EEA).
We use industry standard physical and procedural security measures to protect information from the point of collection to the point of destruction. This includes encryption, firewalls, access controls, policies and other procedures to protect information from unauthorised access.
Where data processing is carried out on our behalf by a third party, we take steps to ensure that appropriate security measures are in place to prevent unauthorised disclosure of personal data.
Despite these precautions, however, Haus of Hiatus cannot guarantee the security of information transmitted over the Internet or that unauthorized persons will not obtain access to personal data. In the event of a data breach, Haus of Hiatus have put in place procedures to deal with any suspected breach and will notify you and any applicable regulator of a breach where required to do so.
You have the right to access information which we hold about you. If you so request, we shall provide you with a copy of your personal data which we are processing (“data subject access request”). We may refuse to comply with a subject access request if the request is manifestly unfounded or excessive or repetitive in nature.
You may also have the right to receive personal data which you have provided to us in a structured and commonly used format so that it can be transferred to another data controller (“data portability”). The right to data portability only applies where your personal data is processed by us with your consent or for the performance of a contract and when processing is carried out by automated means.
We want to make sure that your personal data is accurate and up to date. You have the right to have inaccurate personal data rectified, or completed if it is incomplete. You can update your details or change your privacy preferences by contacting us as provided above. We may refuse to comply with a request for rectification if the request is manifestly unfounded or excessive or repetitive.
You have the right to object at any time to our processing of your personal data for direct marketing purposes.
You also have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on our legitimate interests. Where you object on this ground, we shall no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
You also have the following rights under data protection laws to request that we rectify your personal data which is inaccurate or incomplete.
In certain circumstances, you have the right to:
Request the erasure of your personal data erasure (“right to be forgotten”); restrict the processing of your personal data to processing in certain circumstances.
Please note that the above rights are not absolute and we may be entitled to refuse requests, wholly or partly, where exceptions under the applicable law apply. We may refuse a request for erasure, for example, where the processing is necessary to comply with a legal obligation or necessary for the establishment, exercise or defence of legal claims. We may refuse to comply with a request for restriction if the request is manifestly unfounded or excessive or repetitive in nature.
You can exercise any of your rights as described in this Privacy Policy and under data protection laws by contacting us as detailed above.
Save as described in this Privacy Policy or provided under data protection laws, there is no charge for the exercise of your legal rights. However, if your requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may either: (a) charge a reasonable fee taking into account the administrative costs of providing the information or taking the action requested; or (b) refuse to act on the request.
Where we have reasonable doubts concerning the identity of the person making the request, we may request additional information necessary to confirm your identity.
Our website may, from time to time, contain links to and from third-party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and Haus of Hiatus does not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Email which you send to us or which we send to you may be monitored by Haus of Hiatus. Monitoring is not continuous or routine, but may be undertaken on the instruction of a director where there are reasonable grounds for doing so. Occasional spot checks or audits may also be undertaken on the instruction or with the authority of a director.
If you have any questions or complaints regarding our Privacy Policy or practices, please contact us as detailed above.
You have the right to make a complaint at any time with a supervisory authority, in particular if you are in the UK or in the EU (or EEA) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is ICO who can be contacted at https://ico.org.uk or telephone on 0303 123 1113.
From time to time, we may change this Privacy Policy. The current version of this Policy will always be available from us in hard copy or on our website. We will post a prominent notice on our website to notify you of any significant changes to this Policy or update you by other appropriate means.
Cookies
To make this site work properly, we sometimes place small data files called cookies on your device. Most big websites do this too.
What are cookies?
A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.
How do we use cookies?
Google Analytics: We use Google Analytics to collect information about visitor behaviour on our website. Google Analytics stores information about what pages you visit, how long you are on the site, how you got here and what you click on. This Analytics data is collected via a JavaScript tag in the pages of our site and is not tied to personally identifiable information. We therefore do not collect or store your personal information (e.g. your name or address) so this information cannot be used to identify who you are.
You can find out more about Google’s position on privacy as regards its analytics service at https://support.google.com/analytics/answer/6004245.
YouTube and Vimeo: Videos embedded on the website are hosted on YouTube or Vimeo, and the video player uses cookies from this domain to to remember preferences, track your browsing and to provide data to third parties. Information on YouTube and Vimeo’s use of cookies can be found on their cookie policy page.
How to control cookies
You can control and/or delete cookies as you wish – for details, see www.aboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.