Legal and Privacy Statements
(Terms & Conditions)
1.0 The Hedley Twist overview of privacy and data protection
- At Hedley Twist we believe that privacy and data protection are human rights.
- Data will only be collected and used when absolutely necessary.
- We endeavour to prevent spam at every opportunity.
- We will never sell, mis-use, make public, or distribute your personal information.
2.0 We cover ALL the relevant legislation and laws
2.1 Legislation and Laws
This website is designed to comply with all the relevant and current legislation on data protection and privacy. Links to the relevant legislative websites can be found below:
Our internal computer systems are also compliant with this legislation. All our data is password protected and physically stored on separate devices.
2.2 Website Statement
Whilst the information provided on this website is given in good faith by Hedley Twist, no warranty or representation is given concerning such information which must not be taken as establishing any contractual or other commitment binding upon Hedley Twist. Furthermore, whilst Hedley Twist uses reasonable efforts to include accurate and up-to-date information on the website, to the extent permitted by law, Hedley Twist make no warranties or representations as to its accuracy. To the extent permitted by law, Hedley Twist excludes all liability to third parties arising directly or indirectly from their use of or reliance on information or materials contained in this website.
The website may contain references or links to other websites on the Internet which are owned and operated by third parties. Those references or links are not an endorsement of those third parties or their products or services. Hedley Twist reserves the right to revise this website at any time.
3.0 Personal information collection by our website
3.1 Tracking visitors to our website and cookies
On occasions, we use Google Analytics (see below) to track visitors to our website. However, we do not use any other analytics program, display advertisements or have affiliate links. Our website therefore uses persistent cookies which requires us to show the cookies popup (EU Cookie Directive 2011). Our website also uses session cookies (tiny pieces of information which speed up loading, or assist with other functionality). These are created automatically through your browser when you visit our websites but only exist during a session. On first visiting our website you will therefore see the EU Directive ‘cookies popup’ statement with a link to this page.
3.11 Core Principles
Cookies are there: The cookies used are analytical cookies.
What cookies are doing: The cookies are being used for analytical purposes.
Implied users consent to store a cookie on their device:
3.12 Cookie Usage
The cookies in use to deliver Google Analytics service are described in detail below:
List: __utma, __utmb, __utmc, __utmv, __utmz
These cookies are used to store information, such as what time your current visit occurred, whether you have been to the site before, and what site referred you to the web page. These cookies contain no personally identifiable information but they will use your computer’s IP address to know from where in the world you are accessing the Internet. Google stores the information collected by these cookies on servers in the United States. Google may transfer this information to third-parties where required to do so by law, or where such third-parties process the information on Google’s behalf.
For more information on the usage of cookies by Google Analytics please see the Google website. A link to the privacy advice for this product is provided here for your convenience.
3.14 Disabling Cookies
3.2 Hedley Twist website blogs/news
Our website has blog/news functionality, but at this time we are not using this. However, should you choose to add a comment to any posts that we have published on our blog (if it goes live), the name and email address you enter with your comment will be saved to this website’s database, along with your computer’s IP address and the time and date that you submitted the comment. This information is only used to identify you as a contributor to the comment section of the respective blog post and is not passed on to any of the third party data processors detailed below. Only your name will be shown on the public-facing website although if the supplied email address is linked to a Gravatar account, your Gravatar photo will also be displayed.
Your comment and it’s associated personal data will remain on this site until we decide to either 1.) remove the comment or 2.) remove the blog post. Should you wish to have the comment and it’s associated personal data deleted, please email us here using the email address that you commented with.
If you are under 16 years of age you MUST obtain parental consent before posting a comment on our blog.
NOTE: You should avoid entering personally identifiable information to the actual comment field of any blog post comments that you submit on this website.
3.3 Email and contact forms / application forms
We use a simple code on our website to encrypt email links. This means that spam bots are unable to harvest our email and subsequently spam us or use our email to spam others. This system is not 100% proof, but we do our best to prevent spam at every opportunity. If you use a contact form on our website, then none of the data you supply is stored on our websites or passed to or processed by any third party. The data collected is collated into an email and sent in a standard way using the SMTP (Simple Mail Transfer Protocol). All email addresses and mail servers are protected by our hosting company using TLS (sometimes known as SSL). This simply means that your details sent are encrypted before being sent across the internet. On arrival, the content is decrypted by local devices at the Hedley Twist offices.
Contact information from the contact email is used to respond to enquiry or send information as appropriate. The individual’s contact information is also used to get in touch with the individual when necessary. Such contact information is never disclosed to a third party. Your contact information is only stored on secure mail software, e.g. Mac Mail or Outlook, or a password protected spreadsheet when we are required to maintain a business relationship with you, e.g. you provide us with a service or your enquiry remains active. At any time you may contact us to request that your information is deleted.
4.0 How we store your personal information
(Also see section 3.3 regarding emails and contact forms) As noted above, if you submit a comment to a blog post published on this website some personal information will be stored within this website’s database. This is currently the only occasion where personal data will be stored on this website. At this time GDPR requires pseudonymisation. Put simply, this means that an identifier (code) is added to sections of personal information which links this information together. The pieces of information are then separated. Without the code, your personal information and identity cannot be linked together. Almost all web applications using a Content Management System (CMS), e.g. WordPress (this site), Joomla, Drupal, Wix, Weebly etc do not yet comply with this part of the legislation. For example, as of 2018, there are nearly 500 million WordPress sites on the web and none of them yet meet this requirement. It will take some time for this change to be developed by the application developers. As soon as it is available, then we shall implement it on our website.
5.0 Our hosting company and security
For our website we use a reputable UK hosting company. The hosting company industry is largely unregulated and many of the largest companies do not use sufficient levels of diligence to prevent hacking or other data breaches. The company we use complies with the Data Protection Act 1998 and has numerous measures to prevent compromise of websites and data. They also maintain up to date software and have closed the main routes often used by hackers. No website is 100% secure, but at Hedley Twist we endeavour to ensure that everything we do online is as secure as it can be.
6.0 Third party data processors
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in section 2.0. All 3 of these third parties are based in the USA and are EU-U.S Privacy Shield compliant.
7.0 Data breaches
We undertake to report any unlawful data breach relating to our websites or their databases, and any other source from hardware and software used at Hedley Twist. We will report this breach to all the required authorities within 72 hours as is the requirement under the GDPR legislation.
8.0 Who to contact
If you have an questions or concerns with regard to data or this policy, then please contact:
call: +44 (0)20 7978 7023