999 DESIGN GROUP. ("WE") ARE COMMITTED TO PROTECTING AND RESPECTING YOUR PRIVACY. SOMETIMES WE COLLECT AND PROCESS INFORMATION ABOUT AND FROM YOU IN ORDER TO PROVIDE YOU WITH OUR SERVICES AND KEEP IN TOUCH WITH YOU.
Our data protection policy sets out our commitments to protecting your privacy and identity and explains why and how we collect any personal data about you, including data that you provide to us, and how it will be processed. It covers personal information collected, used, processed and shared when you visit 999design.com (the “Site”) but also other circumstances through which 999 Design collects personal information, such as over the phone and by email.
Our policies and practices endeavour to ensure that we are fully compliant with the requirements of the General Data Protection Regulation (GDPR) and the Data Protection Act 1998. By visiting www.999design.com you are accepting and consenting to the practices described in this policy.
For the purpose of the Data Protection Act 1998 (the "Act") and the General Data Protection Regulation (the “regulation”), the data controller is 999 Design Group, The Mews, 42 Elliot Street, Glasgow, G3 8DZ.
PRINCIPLES OF DATA PROTECTION
999 Design is committed to following the principles of data protection as outlined under the GDPR. These principles are:
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Storage limitation
- Integrity and confidentiality
COOKIES AND PERSONAL INFORMATION
We may collect and process the following data about you in order to meet our operational needs and fulfil legal requirements. We will only collect sufficient data for the purpose and do so when necessary and according to a lawful basis as outlined in the GDPR.
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information”.
We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.
Additionally, if you make an enquiry through our website, or contact us on addresses provided through the website, we may collect your name, address, e-mail address and phone number as necessary for all parties legitimate interests. We refer to this information as “Enquiry Information”.
HOW DO WE USE YOUR PERSONAL INFORMATION?
We use the contact form data that we collect generally to:
- Communicate with you.
- Provide you with information or advertising relating to our products or services.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimise our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
We use the Device Information that we collect to serve relevant adverts to you, such as on Facebook, where you have consented to this. We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users.
SHARING YOUR PERSONAL INFORMATION
We collect anonymous Personal Information with Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by using the links below:
- Facebook: https://www.facebook.com/settings/?tab=ads
- Instagram: https://help.instagram.com/615366948510230
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
DO NOT TRACK
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below. Access requests are not subject to a fee, we will freely provide you with details of the information we hold about you and will do so within 30 days of the request.
The GDPR provides the following rights for individuals:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling.
Additionally, if you are a European resident we note that we only process your information to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, to the United States.
We may retain data for differing periods of time, for different purposes as required by statute and best practice and in order to fulfil contractual obligations, for legitimate interests or inline with other lawful basis for processing and in the spirit of the principles of GDPR. We endeavour to communicate the scope of retention when collecting data. We encourage you to get in touch with us should you wish to exercise your rights under GDPR, such as the right to erasure.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at firstname.lastname@example.org or by mail using the details provided below:
999 Design Group
[Re: Privacy Compliance Contact]
The Mews, 42 Elliot Street, Glasgow, uG3 8DZ