Use of our website
The GDPR Portal website provides information about the EU's General Data Protection Regulation and compliance with its requirements. We may also offer products, content and services related to GDPR and other data privacy/protection legislation and best practice.
This website provides products, content, and services for a professional adult business audience and is not intended for children.
We do not knowingly collect or store personal data provided by anyone under 18 years of age. If you are a minor, please do not use our website or attempt to purchase our products or services.
This document describes
What data we collect
Why we collect it
The legal basis for the collection, holding and processing of personal data
How we look after your data
Who we may share your data with
How and where your data is stored
How long we hold your data and how we look after it
Your rights and how to exercise them
How to contact us
How to make a complaint
What data we collect
GDPR Portal may collect data about you that is typical of the kind of information that can be found on a business card: first name, last name, job title, employer/company name, work address, work email, and work phone number. In some cases - for example if you complete a questionnaire or survey - we may request additional information such as the size or type of organisation you work for.
Information You Provide
Some areas of the Site may ask you to submit personal information in order for you to benefit from the specified features (such as newsletter subscriptions, white papers, tips, guides or order processing) or to participate in a particular activity (such as webinars, hangouts and events). You will be informed what information is required and what information is optional.
We may combine the information you submit with other information we have collected from you, whether on- or offline. We may also combine it with information we receive about you from other sources, publicly available information sources and other third parties.
To enhance and/or update the information that you have provided to us, we may combine it with professional information or personal data that we collect from third parties and/or public domain sources.
The personal data referred to in this document is the personal and professional information you provide, as well as information that we may obtain from third party sources, which may be combined in a single record.
Passive Information Collection and Use
As you navigate around the Site, some information can be passively collected (that is, gathered without your actively providing the information), using various technologies. We and our third-party service providers may passively collect and use information in a variety of ways, including:
Through your browser: Certain information is collected by most browsers, such as your Media Access Control (MAC) address, computer type (Windows PC or Macintosh), the current screen resolution, your operating system version, and Internet browser type and version. We may collect similar information, such as your device type and identifier, if you access the Site through a mobile device. This information is used to monitor our website traffic and optimise the design and layout of our content to provide the best experience for our users.
Using pixel tags, web beacons, clear GIFs, or other similar technologies: These may be used in connection with some Site pages and HTML-formatted e-mail messages to, among other things, track the actions of Site users and e-mail recipients, measure the success of our marketing campaigns, and compile statistics about Site usage and email response rates.
IP Address: Your IP Address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider. An IP Address is identified and logged automatically in our server log files whenever a user visits the Site, along with the time of the visit and the page(s) that were visited. Collecting IP Addresses is standard practice on the Internet and is done automatically by many websites. We use IP Addresses to identify the country you are accessing the site from in order to present content appropriate to your geographical region and to enable us to comply with privacy legislation in your region.
We do not request or solicit the posting of personal information and we request that you do not disclose any sensitive personal information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership) on any of our sites or web properties.
Comments posted on this site or other sites under our control which may contain such information will be removed as soon as identified.
Why we collect it
We may collect your personal data when you register to receive any of the products, content or services offered by GDPR Portal such as subscriptions, newsletters, memberships, webcasts, videos, white papers, online seminars, physical products, conferences and events.
We use the personal data that we collect to communicate with you, to deliver products and/or services you request, to improve our website and services and to present other information and offers that may be of interest.
To communicate with you
We may use your personal data to send you important notices, such as communications about your registration, purchases or services and changes to GDPR Portal terms and conditions, policies and other relevant information.
To deliver requested products/services
We may use your personal data to provide the physical or digital products or services you have requested or purchased or to provide support or customer services in relation to those products or services.
To improve our website and business services
Website usage data is collected to provide information about website traffic and usage to help us improve and optimise the content, design and user experience on the site.
To present offers that may be of interest to you
If you have consented to do so, we may use the data you have provided to update you with relevant news about our products and services and provide other marketing material that may be of interest. You have the right to withdraw this consent at any time.
Legal basis for collecting, holding and processing personal data
Where GDPR Portal uses the personal data that you may provide to supply you with products, content and services that you have requested or purchased, or otherwise for the normal operation of our business, we process your data under GDPR Portal's legitimate interest.
Where you have provided personal data to us for the purpose of receiving information and marketing material about our products or services or third party products and services that may be of interest to you, the legal basis for processing your personal data is your consent.
When GDPR Portal processes your personal data for GDPR Portal's legitimate interests, GDPR Portal will consider and balance any potential impact on you and your rights under data protection and any other relevant law.
GDPR Portal will not use your personal data in circumstances where your rights and freedoms override our legitimate interests, unless we have your consent or are otherwise required or permitted to by law.
How we look after your data
Security of your personal data
GDPR Portal maintains safeguards which include technical and organisational security measures to protect your personal data from loss, disclosure, unauthorised access, misuse or deletion and we require the third parties we contract with to support GDPR Portal business operations to similarly employ reasonable security measures to protect your data.
We update and test security on regular basis and restrict access to your personal data to only those who need to know in order to provide GDPR Portal products, content or services to you.
Storage of your personal data
We may store your personal data using our own secure infrastructure hosted within the UK. Your personal data may also be stored by third parties, via cloud services or other technology, to whom GDPR Portal has contracted with, to support GDPR Portal's business operations.
Where your data is stored or processed by third party providers, your data is subject to the privacy policies of those providers (see below).
Who we may share your data with
GDPR Portal may share your personal data to help deliver content, products and services from our sites, for business operations, and to comply with legal processes.
For content, products and services that you request or purchase
Your personal data may be shared within the GDPR Portal network to provide you with information about products, content and services that might interest you and to help
For business operations
We may also share your personal data with third parties we have contracted with to support GDPR Portal business operations including delivery, fulfilment, payment processing, email deployment and data processing.
As required by law
Your personal data may be shared when required by law in your jurisdiction or ours or when necessary to comply with a valid legal process.
In the event of new ownership
If part or all the ownership of GDPR Portal or any of its products or services are sold or transferred, your personal data will be transferred to the new owner. In the event of any such sale or transfer, you will be notified and will retain the same rights over any personal data under the new owner.
International Data Transfers
GDPR Portal will not hold your data in or transfer your data to a State which is not a Member State of either the European Union or the EEA, or not deemed adequate by the European Commission.
Third party Privacy Policies
GDPR Portal may use third party providers including cloud-based services to store, archive, backup and/or process data. Data held using third party services is subject to their privacy policies. You can view the services and privacy policies of third party providers we may use using the following links:
|G-Suite, Email, Document Storage, Surveys and Questionnaires||Google Cloud Privacy|
|Advertising Services (Adsense)||Google Ads Privacy and Terms|
|Search, mobile apps and other services including website analytics||Google Privacy|
|Microsoft||Office 365, Email, OneDrive Storage, Sharepoint services, Teams, Surveys
|Microsoft||Bing Analytics||Microsoft Privacy|
|Zoho||CRM, Email Campaigns, Surveys and Questionnaires||Zoho Privacy|
|Paypal||Payment Processing||Paypal Privacy|
How long we hold your personal data
We will retain your personal data for the duration of your business relationship with us, and we hold your information only as long as necessary for each purpose we use it, unless we have obtained your consent to use for another or similar purpose, or there is a legal requirement for us to retain it.
Your rights and preferences
Under the General Data Protection Regulation, you have a number of rights. This section describes your rights and how to exercise them.
As a data subject, you have the following rights over personal data we may hold:
The right to be informed
The right of access
The right to rectification
The right to erasure
The right to restrict processing
The right to data portability
The right to object
Rights in relation to automated decision making and profiling
If you inform us that you want your personal data erased, or that you no longer wish for us to communicate with you for marketing purposes, or to otherwise restrict GDPR Portal's processing of your personal data, we may retain some basic information in order to avoid sending you unwanted materials in the future, and to keep a record of your request and our response.
Confirming, accessing, updating or correcting your personal data
To confirm that GDPR Portal is processing your personal data, or to access, update or correct the personal data that GDPR Portal holds about you, or to obtain a copy to reuse for your own purposes, please send an email to email@example.com
Erasing your personal data
If you want your personal data to be erased, please email firstname.lastname@example.org
To stop receiving marketing communications, simply use the 'unsubscribe' link on any of our marketing emails, or email your request to email@example.com. If you want to register to receive marketing emails from GDPR Portal or re-activate marketing emails, you can sign up here.
Restriction of Processing
To restrict processing of your personal data, please email firstname.lastname@example.org
Automated Decision Making and Profiling
We do not use automated decision making and profiling when processing your data.
How to Contact Us
How to contact us
1. By telephone on +44 2038908251 (messages may be recorded)
2. By email to email@example.com
3. By post to the Data Controller, 49 Station Road, Polegate, East Sussex, BN26 6EA
How to Make a Complaint
In the first instance, please use any of the contacts above to contact the GDPR Portal Data Controller.
We aim to respond to enquiries and complaints as soon as possible. If you are not satisfied with the way that GDPR Portal has handled your complaint, you may file a complaint with the applicable supervisory authority.
The supervisory authority in the UK is the Information Commissioner's Office (ICO) and can be contacted as follows:
1) Visit https://ico.org.uk/concerns/ where you will find the best way to register your concern.
2) Call the ICO Helpline on 0303 123 1113
3) Write to the ICO at:
Information Commissioner's Office
You can see details of Data Protection regulators in other EU countries at http://gdpr.portalpages.info/links-resources/eu-data-protection-regulators.
Your feedback is important to us.
We’d love to hear your ideas, opinions and comments about GDPR Portal’s services. Please email firstname.lastname@example.org
Updates to this policy