Our website address is:https://cassidyacoustics.com.
We ensure the processing of data is in compliance with the Data Protection Act 1998 and any subsequent data protection and privacy legislation, European Union Law including Regulation (EU) 2016/679, known as the General Data Protection Regulation or GDPR and any subsequent amendments.
When you visit or use the website in any way, we may collect and process different types of information about you. We have set out below the different types of data that we collect.
We collect technical information including your Internet Protocol (IP) address, browser type and version, operating system and device type. This is collected in an anonymous manner and helps us optimise the site for our users. We also anonymously collect information about your visit, including the Uniform Resource Locators (URLs) of the pages you visit during your visit, pages you view, length of time on page and referring URL. This is the web page that you came from if you followed a link to our site. This helps us better understand what content appeals to our users and how to best structure our site. We may collect personal data you provide about yourself anytime you contact us about our Services(for example, your name and contact details), including by phone, email or post or when you speak with us through social media.
The data we collect, the basis of processing and the purposes of processing are detailed below. Sometimes, these activities are carried out by third parties.
Your data may be stored and transferred within the European Economic Area (EEA) or transferred to, and stored in, countries outside the EEA, for example, when one of our service providers use employees or equipment based outside the EEA. The EEA comprises those countries that are in the European Union (“EU”) and some other countries that are considered to have adequate laws to ensure personal data is protected. When transferring your data outside of the UK, Ireland or the EEA, we will (and will ensure that service providers acting on our behalf agree to) protect it from improper use or disclosure and ensure the same levels of protection are in place as are applied within the UK, Ireland and the EEA.
We may use yourData that we hold to: provide you with general information on our webite; analyse your online browsing behaviour on our website; respond to your requests for information and other communication or correspondence you may submit to us; provide you with information or services that you request from us; carry out statistical analysis and market research; investigate any improper use of our services.
We may access and/or disclose your Data if required to do so by law or in good faith and belief that such action is necessary.
We use third party service providers who work for us in the provision of our services. In providing the services your data may be processed by the service provider on our behalf.
In certain circumstances, we may share and/or are obliged to share your Data with third parties for the purposes described above and in accordance with Data Protection Legislation.
We keep your personal data for as long as it is necessary to do so to fulfil the purposes for which it was collected, such asretention in case of queries and in accordance with legal and regulatory requirements.
Our Site contains links to and from other websites. Third party websites may also provide links to this website. If you follow a link to any of those websites they have their own privacy policies. We do not accept any responsibility or liability for those policies. Please check those policies before you submit any personal data to those websites. We do not accept any responsibility for the privacy policies and information protection practices of any third party website (whether or not such website is linked on or to this website). These links are provided to you for convenience purposes only, and you access them at your own risk. It is your responsibility to check the third party website’s privacy statement before you submit any personal data to their websites.
We endeavour to use appropriate technical and physical security measures to protect your personal data which is transmitted, stored or otherwise processed byus, from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access. Our service providers are also selected carefully and required to use appropriate protective measures. As effective as modern security practices are, no physical or electronic security system is entirely secure. The transmission of information via the internet is not completely secure. Although we will do our best to protect your data, we cannot guarantee the security of your data transmitted to our website. Any transmission of data is at your own risk. Once we receive your data, we will use appropriate security measures to seek to prevent unauthorised access. We will continue to revise policies and implement additional security features as new technologies become available. In the event that there is an interception or unauthorised access to your personal data, we will not be liable or responsible for any resulting misuse of your personal information.
You may have various rights under Data Protection Legislation. However, in certain circumstances, these rights may be restricted (Article 23 of the General Data Protection Regulation sets out the circumstances in which your rights may be restricted). In particular, your rights may be restricted where this is necessary: for the prevention, detection, investigation and prosecution of criminal offences; in contemplation of or for the establishment, exercise or defence of a legal claim or legal proceedings (whether before a court, tribunal, statutory body or an administrative or out-of-court procedure).
Subject to the above, your rights under Data Protection Legislation may include (as relevant):
- Right of Access - Subject to certain conditions, you are entitled to have access to your personal data which we hold. Requests should be made to the email below. We must be able to verify your identity. Your request may not affect the rights and freedoms of others, e.g. privacy and confidentiality rights of other individuals and/or businesses.
- Right of Data Portability - Subject to certain conditions, you are entitled to receive the data which you have provided to us and which is processed by us by automated means, in a commonly-used machine readable format. Requests should be made to the email below. The GDPR does not establish a general right to data portability. This right only applies if the processing is based on your consent or on our contract with you and when the processing is carried out by automated means (e.g. not for paper records). It affects only personal data that was “provided” by you. Therefore, it does not, as a rule, apply to personal data that was created by us.
- Rights in relation to inaccurate personal or incomplete data - You may challenge the accuracy or completeness of personal data which we process about you. If it is found that personal data is inaccurate, you are entitled to have the inaccurate data removed, corrected or completed, as appropriate. Notify us of any changes regarding your personal data by contacting the email below. This right only applies to your own personal data. When exercising this right, please be as specific as possible.
- Right to object to or restrict our data processing - Subject to certain conditions, you have the right to object to or ask us to restrict the processing of your personal data. Requests should be made to the email below. This right applies only if the processing of your personal data is necessary for the performance of a task carried out in the public interest. Objections must be based on grounds relating to your particular situation. They must not be generic so that we can demonstrate that there are still lawful grounds for us to process your personal data.
- Right to have personal data erased - Subject to certain conditions, you are entitled, on certain grounds, to have your personal data erased e.g. where you think that the information we are processing is inaccurate, or the processing is unlawful. Requests should be made to the email below. There are various lawful reasons why we may not be ina position to erase your personal data. This may apply where we have to comply with a legal obligation, in case of bringing legal proceedings or defending legal proceedings, or where retention periods apply by law.
- Right to withdrawal - ou have the right to withdraw your consent to any processing for which you have previously given that consent. Requests should be made to the email below. If you withdraw your consent, this will only take effect for the future.