Policy key definitions:
- “I”, “our”, “us”, or “we” refer to the business (LilyPad Translations) and its founder (Lottie Valks).
- “you”, “the user” refer to the person(s) using this website.
- GDPR means General Data Protection Act.
- PECR means Privacy & Electronic Communications Regulation.
- ICO means Information Commissioner’s Office.
Processing of your personal data
Under the GDPR (General Data Protection Regulation) I control and / or process any personal information about you electronically using the following lawful bases.
- I am registered with the ICO under the Data Protection Register.
- Visitors to my website are not obliged to provide personal data. However, anyone interested in my services can contact me via the contact information provided; then some personal data is collected in order to establish communication.
- Lawful basis: Contract
The reason I use this basis: As a service provider, I must hold limited personal data on my clients/prospective clients to provide them with quotes, language services, invoices and to keep a record of my work.
I process your information in the following ways: Your data is stored in password-protected documents, which enable me to perform the services you request or to take necessary steps prior to fulfilling that request and to comply with legal requirements.
Data retention period: I will continue to process your information for 6 years (in line with UK tax laws). After this time, your personal data will be evaluated and deleted, as necessary.
Sharing your information: Your information may be shared with third parties (please see the Third Party Access section below).
- Lawful basis: Legitimate interests
The reason I use this basis: To retain data stored in Translation Memories (TMs).
I process your information in the following ways: TMs are stored securely for use on future projects.
Data retention period: I will continue to process data in this way until a request is made to anonymise/delete the data.
Sharing your information: I do not share your information with third parties.
If, as determined by me, the lawful basis upon which I process your personal information changes, I will notify you about the change and any new lawful basis to be used if required. I shall stop processing your personal information if the lawful basis used is no longer relevant.
Third party access
If I send a text to a colleague for revision or editing, that text will be anonymised, so that your personal data will not appear, or the colleague will be asked to sign a confidentiality agreement if necessary. They will be advised of their legal obligations in relation to confidentiality and professional secrecy.
Other parties may have access to your personal data for administrative purposes, including my website and email hosting services, and SaaS project management system. All these parties are GDPR-compliant.
Social media features
This website also includes social media features such as share or like buttons.
These features are provided by third-party social media platforms themselves (LinkedIn, Twitter and Instagram).
Your individual rights
Under the GDPR your rights are as follows. You can read more about your rights in details here;
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way I am handling your data.
I handle subject access requests in accordance with the GDPR.
Data security and protection
I ensure the security of any personal information I hold by using secure data storage technologies and precise procedures in how I store, access and manage that information. My methods meet the GDPR compliance requirement.
Privacy Notice Policy: v.1.0 May 2018