The EU General Data Protection Regulation (GDPR) is due to come into effect on May 25th 2018, giving you more control over how and where your personal data is stored and processed.
Whenever we store or process your personal data, it must have a valid lawful basis. This will come under one of the following bases (as set out in the GDPR):
- Consent – You have given clear consent for us to use of your personal data for a specified purpose. You have the right to withdraw this consent at any time by contacting us.
- Contract – The data is needed to fulfill a contract we have with you. (This doesn’t have to be a written, signed contract and can include for instance, an agreement to provide a proposal/quote for a project).
- Legal Obligation – The data is needed to comply with the law or a statutory obligation we have (not including contractual obligations).
- Legitimate Interests – The data is necessary for our legitimate business interests (usually required to carry out our day to day business operations).
Who We Store and Process Personal Data About
Basis: Contract, Legitimate Interest
We may need to use your personal information in order to fulfill an agreement we have with you (written or otherwise). E.g. to produce a written quote, based on a project enquiry or to invoice for work carried out.
We may need to use your personal information (such as email addresses, Facebook IDs, Google usernames or other online account IDs) in order to provide or setup any relevant third party services for you, as agreed for a project. For instance client Facebook user IDs will be required to give access to the backend control panel for a Facebook app.
We archive project contracts, agreements and written approvals for work we’ve carried out, as necessary for our business records.
Clients/Customers, Suppliers & Business Partners
Basis: Legal Obligation, Legitimate Interest
We have a legal obligation to record business accounts (invoices etc.) to report to relevant authorities (e.g. for tax purposes).
We may store and keep contact records of current and prospective suppliers, clients/customers and business partners, including contact details and copies of emails, in order to provide and receive products and services necessary to operate our business.
You can sign up to our mailing list using the sign-up form on our website, to receive information relating to what we do from time to time.
We use double opt-in for all mailing list subscriptions. This means after subscribing, you’ll need to confirm by clicking a link in the confirmation email you receive in order to be added.
We won’t bombard you with junk and you can unsubscribe at any time (just click the link at the bottom of one of our email newsletters, or contact us).
Our mailing list service provider is MailChimp, who store and process our mailing list on our behalf.
Data Capture on Behalf of Our Clients
When we host finished projects on behalf of our clients, we may occasionally (at the client’s request) collect and store personal information voluntarily submitted by players within that particular game. This will typically be names and email addresses, to allow our client to run a competition or promotion.
Submitting any personal information is always optional and we always store and pass the information on to our client in a secure manner. We never keep this data longer than is necessary and always delete any data stored on behalf of the client after it’s been passed over to them.
In these instances we act as data processor, our client will be the data controller. You’ll need to contact them for any queries, or to withdraw your consent to the storing and processing of your personal data (please see the relevant competition rules/Ts&Cs linked at the point where you submitted your data).
How and Where We Store and Share Your Data
The data we hold is stored either as digital files or printed documents.
Digital files may be stored on our local computers and/or devices (e.g. desktop computers, laptops and mobile devices as necessary). They may also be transferred to remote computer systems/services as required. For example:
- Any web based content (including emails) may be stored on our web server (located in our web hosting service provider’s data centre).
- Your data may be transferred to third party services, in order to carry out the intended use of that data. E.g. our mailing list is stored with a mailing list service provider and we may use your personal data to set up services on your behalf, as agreed as part of work we carry out for you.
- We make regular, secure off-site backups of data to avoid data loss in the event of computer hardware failure, fire, or some other unforeseen event. These include copies on removable physical media at a different location and copies on a remote server.
- We store digital copies of all accounts related documents (including supplier and client invoices) on a third party online accounting service.
- We may occasionally be required to share your data with third party organisations in order to fulfill our legal obligations, such as auditors.
In some cases this means your data may be transferred to and stored by third party service providers outside the EU.
We don’t keep data longer than is necessary for the intended purpose of that data.
In some instances we may have a legal obligation to keep personal data (for instance, invoices for accounting purposes). In these cases we will remove this data when we no longer have a legal obligation to keep it.
All other data will be removed when it’s no longer necessary for the purpose it was intended for.
Accessing or Rectifying Your Data
You have the right to access any personal data we store about you. You can also request we correct any personal information that you think may be incorrect or incomplete. If you wish to do so, please contact us.
Getting Data Stored About You Removed
You can request that we erase or stop processing information we store about you, if there is no longer a reason for us to do so.
In some circumstances we may also be able to restrict the use of your data. So we’ll still store it, but will no longer process it.
If you want to object to how we use your data, ask us to remove it, or restrict how we process it, please contact us.
Like many other Web sites, www.themotionmonkey.co.uk makes use of log files. The information inside the log files includes internet protocol ( IP ) addresses, type of browser, Internet Service Provider ( ISP ), date/time stamp, referring/exit pages, and number of clicks to analyse trends, administer the site, track user’s movement around the site, and gather demographic information. IP addresses, and other such information are not linked to any information that is personally identifiable. Log files are stored on the server that hosts the website.
What are Cookies?
Cookies are small files stored on your computer by your web browser, when you visit a website or web page. They can be used to save user preferences (for instance, to eliminate repeat form filling), record user-specific information on which pages the user visits and customise web page content based on visitors, browser type or other information that the visitor sends via their browser. They are a necessary requirement of most online shopping cart systems and are used by most popular web analytics systems (such as Google Analytics), to allow webmasters to monitor behaviour of visitors to their website.
The web as we know it would not work without cookies and all the cookies we use on this website enable us to provide a better user experience to you.
Cookies We Use on This Website
Web analytics give webmasters a wealth of information about how visitors interact with their website, allowing them to fine tune content to give a better, more relevant experience to their users. We use Google Analytics on this website for this purpose.
We don’t store, or get access to any data about individual users that can be used to identify them personally and we don’t enable any remarketing features (that track your behaviour across websites and allow ads to follow you around the internet).
If you wish to disable cookies, you may do so through your individual browser options. More detailed information about cookie management with specific web browsers can be found at the browsers’ respective websites.
Adobe Flash Shared Objects
www.themotionmonkey.co.uk includes Flash applications and games embedded via the Adobe Flash Player plug-in. These Flash elements may store information on the local computer, in the form of a Flash Shared Object (Flash specific version of a cookie). For example, these may be used in the implementation of in-game embedded analytics (e.g. Mochibot, Memecounter) which allow game developers to monitor traffic to their game across multiple websites, to save a user’s in-game progress, or settings and in the implementation of embedded in-game advertising, such as Mochiads. You can disable and manage the use of Flash Shared Objects on your computer in the Flash Player settings.
You also have the right to report any concerns to the appropriate supervisory authority. In the UK that is the Information Commissioner’s Office.