Privacy Policy

Introduction: why do we have this policy?

Arrowmaker Communications Ltd. is a B2B copywriting and content company. It does not target marketing to consumers, nor does it hold or process your personally identifiable data for that purpose.

However, Arrowmaker Communications does hold and process personally identifiable information arising from individual contact persons in the companies and sole trader organisations with which it does business, as well as in its suppliers.

The vast majority of this data is used to enable us to deliver the services you have requested from us (or we from you) and for payment of these services. Some of the information is also used to market further services to you.

All of this means that, under the General Data Protection Regulation (GDPR) that came into law on 25th May 2018, as well as many preceding Acts and new laws already being planned, it is necessary for us to include this privacy policy on our website to clarify how and why we use your personally identifiable information, and how you can talk to us about it and claim your legal rights in relation to it.

We believe GDPR is a necessary step in protecting your (and our) personally identifiable information and we are very glad to support it. There is still significant uncertainty about some of the ramifications of the Regulation, particularly for smaller businesses, and our take on it may have to evolve over the coming months and years.

But we are determined to take whatever steps we reasonably can to treat your personal data with the respect it deserves now and in the future. 

The policy: scope, purpose and applicability

This policy is applicable to the processing of customers’ personal data by Arrowmaker Communications Ltd. (“our”, “us” or “we”). The purpose of this policy is to provide our current, former and potential customers (jointly referred to as “customers” or “suppliers” or “you”) with a general understanding of:

  • Circumstances under which we collect and process your personal data
  • Types of personal data we collect
  • Reasons for collecting your personal data
  • How we handle your personal data
  • Responsibility for the processing of personal data at Arrowmaker Communications Ltd.
  • Contact details so you can receive information about, and claim your rights in relation to, our processing of your personal data.

This policy will be updated when appropriate to reflect measures taken by Arrowmaker Communications Ltd. in relation to your personal data.

‘Controller’

Arrowmaker Communications Ltd. (company number 08387802) is the Controller in relation to processing of your personal data for services offered to customers.

Arrowmaker Communications Ltd. is also Controller for any processing of personal data in relation to legal and regulatory requirements.

Data processing: principles

We consider your privacy an essential part of the integrity of the services we offer. To safeguard your personal data whilst maximising the value of our services to you, we adhere to five general principles:

Principle 1: Freedom of choice

Your personal data belongs to you. It’s your choice whether or not to share your personal data with us.

Principle 2: Legitimate interest and other circumstances

We will only process your personal data in the pursuit of a legitimate interest, where there is risk to life or limb if we do not process it, or where ordered to process it (for example, as a legal requirement, or instruction by the forces or agents of the Law).

Principle 3: Proportionality

Arrowmaker Communications Ltd. will only process our customers’ personal data if it is adequate, relevant and necessary in relation to the purpose for which it has been gathered or supplied.

Principle 4: Transparency and security

Arrowmaker Communications Ltd. wants to be transparent about which personal data we process and for which purposes, and understands that it is critical that we protect that data. On request, Arrowmaker Communications Ltd. will provide customers with further information regarding our processing and protection of your personal data.

Principle 5: Legal compliance

It is Arrowmaker Communications Ltd.’s policy to comply with the applicable laws, rules and regulations governing privacy and data protection in the United Kingdom (our sole country of operation). Where necessary, we will adjust our processing of your personal data as described in this policy to ensure legal compliance.

Personal data that Arrowmaker Communications Ltd. collects or receives about you will be used to:

  • Provide you with services
  • Invoice you for services provided
  • Inform you of new services, events, special offers, and news
  • Inform you of changes to our terms and conditions and policies;
  • Obtain your opinion so that we may improve our services to you
  • Comply with legal requirements or lawful authority requests;
  • Identify services that may interest you

Definitions of terms

Arrowmaker Communications Ltd. makes use of the below-listed definitions in this policy:

  • “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data;
  • “Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
  • “personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • “processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • “Sensitive personal data” means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. (See also qualification below.)

Data collection

You may provide us with information about you, for example through our website or by email, or by voice call. We may also obtain such data from third parties. Such data may include:

  • your contact information (name, address, telephone number, email address, etc.);
  • demographic information (age, marital status, household composition, etc.)
  • location data (geography)

Although we do not typically collect or process sensitive personal data (as defined above or by any applicable law) we will carefully apply additional measures if and when collecting and processing such data, as required by applicable law.

Notice

Where reasonably practical or as required by applicable law, we will, in connection to collecting or registering your personal data, provide you with (i) specific information as to the purposes of the processing of your personal data, (ii) the identity of the Controller, (iii) the identities of any third parties to whom the data may be disclosed and (iv) other information which may be necessary to ensure that you are able to safeguard your rights.

Gaining your consent

Where reasonably practical or as required by applicable law, we will obtain your consent prior to collecting or using your personal data. The request for your consent will be clear and specific and provide you with a reasonable basis with which to make your decision. We will never take your consent for granted. Instead, we will make sure that you can consent in a clear and transparent manner.

Your consent is voluntary and may always be revoked, for example by terminating a particular service or contacting Arrowmaker Communications Ltd. at the address indicated in the “Information and access” section below. If you do not give your consent, it may not be possible to use services or parts of services.

International transfer and sharing of data

Arrowmaker Communications Ltd. will not transfer your personal data to recipients in countries outside of the European Economic Area or share your data with them unless you give us express written permission to do so, in which you also indicate that you have understood that no liability can be accepted by Arrowmaker Communications for the standard of data processing and protection, and how it is or is not enforced by law, in the countries concerned.

Use of data

For most processing acts, you are able to terminate our use of your personal data by either using built-in unsubscribe links or buttons, or by contacting Arrowmaker Communications Ltd. at the address indicated in the “Information and access” section below or as otherwise instructed by us.

However, termination of the use of your personal data does not cover processing that we must perform in order to comply with our legal obligations.

Retention of your data

We will only retain your personal data for as long as it is necessary to fulfil the purposes outlined in this policy or for legitimate purposes of which you have otherwise been informed.

This means that when you have consented to our processing of your personal data, we will retain the data for as long as the customer relationship lasts or can reasonably be said to be ongoing, until you withdraw your consent.

If you have revoked your consent, we may nevertheless retain certain personal data for the period required in order for us to meet our legal obligations and defend ourselves in legal (including financial) disputes. If we have not received your consent for processing, the personal data will only be retained to the extent we are permitted to do so by law.

Data quality and correction

When we process your personal data, we make reasonable efforts to ensure that it is correct and up to date. We will delete or correct personal data that is incorrect or incomplete, once you have brought any such faults to our attention. For more information regarding your right to ensure the accuracy of your personal data held by us, please see the “Information and access” section below.

Information and access

As stated in the “Notice” section above, we may provide you with specific information concerning our processing of your personal data when collecting or registering such data.

You have the right to request (i) a copy of the personal data that we store about you, (ii) that we correct or remove personal data that you think is inaccurate, and (iii) to have your personal data deleted. In addition, you have the right to object to our processing of your personal data as well as to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and to have these transmitted to another Controller.

Requests should be sent to the legal entity stipulated in the end of this document. Your requests will be dealt with in a prompt and proper manner. For more information on your rights please contact us using the details at the end of this document.

Security

Arrowmaker Communications Ltd. has taken, and continues to take, technical and organisational measures in order to protect your personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorised disclosure or access and any other unlawful forms of processing.

Disclosures to third parties

Arrowmaker Communications Ltd. may share your personal data:

  • Among Arrowmaker Communications Ltd.’s Directors, and any employees, contractors and consultants who have a legal basis for access to it
  • In connection with the sale or transfer of Arrowmaker Communications Ltd. or its assets;
  • As required by law, for example in connection with a government inquiry, dispute or other legal process or request;
  • When we, in good faith, believe that disclosure is necessary in order to protect our rights, for example in order to investigate potential violations of our terms and conditions or to detect, prevent or disclose fraud or other security issues
  • With other business partners or third parties where you have elected to receive a service from them and authorised them to request data from Arrowmaker Communications Ltd. (such authorisation must be confirmed by you in citable written form, such as email)
  • With our product and service providers who work alongside us, or on our behalf, in connection with the above uses, or whose services you have requested further information about, such as (but not limited to) website designers and website builders, photographers, videographers, graphic designers, etc. (such request must be confirmed by you in citable written form, such as email)
  • With emergency services providers or in other circumstances where there is danger to life or limb

Arrowmaker Communications Ltd., being the Controller of your personal data will, as a general rule, only disclose your personal data to a third party if it has received your consent to do so (see above). However, if permitted by law we may share your personal data without your consent, unless we consider your consent necessary in the individual case or your consent is required by law, in the following situations:

  • When disclosure is required by law; and
  • When disclosure is necessary for the purpose of a legitimate interest pursued by Arrowmaker Communications Ltd. (for example in order to protect our legal rights, as described above).

Data processing on our behalf

We restrict processing access to your personal data by others on our behalf to third party applications such as (but not limited to) mailing, invoicing / accounting and document storage / document management software, which are required by us in order to deliver and manage services to you that you have requested from us.

Marketing

We will not sell or trade your personal data with third parties unless we have your consent to do so. We will not share your personal data with third parties for their marketing purposes, unless we have received your consent for such disclosures. If you have provided such consent, but wish to stop receiving marketing materials from a third party, please contact that third party directly.

We may provide you with information regarding new products, services, events or similar marketing activities. If you wish to unsubscribe from a particular e-mail newsletter or similar communication, or change previously submitted preferences, please follow the instructions, links and buttons in the relevant communication.

Websites and cookies

In general, you can visit Arrowmaker Communications Ltd.’s website without telling us who you are or revealing any information about yourself. However, to be able to provide you with certain services or offerings, we often need to record certain items of personal data such as your name and email address.

We may also collect (by means of cookies) anonymous information on how you have used our websites prior to such recording. This information will be helpful to us in order to improve our websites or marketing, and, in turn, the customer experience you receive from us.

Arrowmaker Communications Ltd.’s website will include information concerning our use of cookies if cookies are deployed when you are using the website..

Protection of children

Our services are not intended for use by children. We do not knowingly solicit or collect any personal data about children nor do we market our products or services to them.

If a child has provided us with personal data, a parent or guardian of that child may contact us to have the information deleted from our records. If you believe that we might unknowingly have any information collected from, or personally identifying, a child, please contact us. We will take steps to delete the information as soon as possible, where jurisdiction permits.

Complaints

If you are of the opinion that we are processing your personal data in violation of data protection laws and regulations you have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office (ICO).

However, if you suspect there has been an error or a contravention of any of the processes outlined in this document, we would advise you to contact us first (see contact information below), as we are in the best position to rectify the problem most rapidly and ensure it causes you and others no further issues.

Data protection representative and contact details

You can contact the Arrowmaker Communications Ltd. data protection representative via the following contact details:

E-mail address: data.enquiries@arrowmaker.net

Registered company and correspondence address: Arrowmaker Communications Ltd., 1 Station Cottages, Templars Way, Sharnbrook, Bedford, MK44 1PZ, United Kingdom.

To exercise your rights – e.g. to obtain information or access to personal data which we process – or to suggest how we could improve the information on these pages – please use the contact details above.

 

Thanks for reading.

Your Arrowmaker Communications Team