What’s the tl;dr?
We only collect data where you have given your consent or when it is for our legitimate interests. You remain the owner of your data: if you want to learn what data we have on you or would like us to delete it, please email firstname.lastname@example.org.
What’s the long version?
Human Made Ltd is on the ICO’s Data Protection Register. Our registration number is ZA094962.
We’re serious about protecting your data. In this note, you’ll find out:
- The personal data that we collect;
- Where we got your personal data from;
- Your personal data rights;
- Your right to object to our processing your personal data and withdrawing consent;
- How and when we use that personal data;
- Whether we share your personal data with anyone else;
- For how long will we keep your personal data;
- How you can access your personal data;
What data do you collect?
When you browse our website, the personal data that we collect includes your anonymized IP address, the pages you viewed, the time of your requests, the time spent on a page, mouse events, keypresses, browser, and operating system and version. We collect your personal data using Google Analytics, Hotjar, New Relic, and AWS. If your browser sends a Do Not Track signal, we do not collect any data via Hotjar.
We always ensure that we have a lawful basis for processing the personal data that we collect. When you browse our website, the lawful basis for processing your data is that it is necessary for our legitimate interests to understand how people are using our website in order to improve the experience for our visitors.
If you sign up to one of our mailing lists, or fill in a form to get access to a specific publication or to contact us, the personal data we collect includes your full name and email address, as well as your full IP address, user agent, and referrer for anti-spam measures. We collect your personal data from you, via our website, when you have completed our sign-up or content request form. In this case the lawful basis for processing your data is that it is consent.
Okay, great. What are my rights?
You have the right to request access to your personal data, amendments to it, and for it to be deleted. Further information about those rights along with your right to withdraw any consent you’ve given or object to our processing your data can be found in our data protection policy by clicking here. That policy also includes who to speak with if you have any queries about our approach to processing your personal data.
But just what are you doing with that data?
We’re committed to using your personal data responsibly and lawfully. Here’s what we do with your personal data:
- We use data collected from our website visitors, including anonymized IP address, viewed pages, time of visit, time spent on site, browser information, mouse movement, keypresses, and operating system and version information to understand the user journey on our website so that we can better tailor the experience for all of our website visitors.
- If you signed up to our mailing list or filled in a form to get access to a specific publication, we may communicate with you in the form of a newsletter, direct message, or email. This is so we can update you about Altis, its events, products, services, industry news, and similar. We’ll always provide an opt-out button in case you don’t want to hear from us anymore.
Where is my data stored?
Where possible, we keep your data inside the EEA. Where we don’t, the following safeguards are in place:
- We use Google Analytics for website analytics, and your data may be transferred outside of the EU. When this happens, your data is protected by the EU-US and Swiss-US Privacy Shield Frameworks, adhered to by Google Analytics.
- We use New Relic for website analytics, and your data may be transferred outside of the EU. When this happens, your data is protected by the EU-US and Swiss-US Privacy Shield Frameworks, adhered to by New Relic.
- We use AWS as a cloud services platform, and your data may be transferred outside of the EU. When this happens, your data is protected by the EU-US and Swiss-US Privacy Shield Frameworks, adhered to by AWS (Amazon Web Services).
- If you’ve joined our mailing list, your name and email is stored with Mailchimp on their data servers in the US. Mailchimp has self-certified to both the EU-US Privacy Shield and Swiss-US Privacy Shield regimes, and lawfully transfers EU/EEA personal data to the US pursuant to their Privacy Shield Certification.
- If you’ve submitted a form to contact us, or get access to a specific publication, the data you entered into the form is processed by the following third-party services:
- Automattic (Akismet): on their data servers in the US, under EU-US and Swiss-US Privacy Shield
- Google: on their data servers in the US, under the EU-US and Swiss-US Privacy Shield
- Mailgun: on their data servers in the EU
- Zapier: on their data servers in the US, under the EU-US Privacy Shield
- In addition to these, if you’ve submitted a form to contact us, or get access to a specific publication, the data you entered into the form may or may not be processed by these third-party services:
- Apollo: on their data servers in the US, under the EU-US Privacy Shield
- Salesforce: on their data servers in the US, under the EU-US and Swiss-US Privacy Shield
- If you book a demo:
Do you ever share my data?
As a remote company that is heavily reliant on cloud technologies, your data will be shared with some third-party companies. When we share your data with third-parties we conduct an impact assessment to ensure that your data remains protected. The instances when we transfer data to a third-party are:
- When data is sent to Hotjar to track your user journey and experience on our website pages.
- When data is sent to AWS to deliver requests from our website.
- When data is sent to New Relic to monitor your behavior on our website.
- When data is sent to Google Analytics to monitor behavior and traffic to our website.
- When you sign-up to receive email communications from us and your name and email are stored in Mailchimp.
- When you fill in a form to get access to a specific publication, or to contact us, and your name, email, and company name as well as other data you submit via form are processed via Akismet (Automattic), Mailgun and Zapier and stored in G Suite (by Google) and may or may not be stored in Apollo and Salesforce.
- In addition to these, when you use a Calendly form to book a demo, your data is processed and stored by Calendly
How long do you keep my data for?
We only keep your data for as long as we require it for the purposes we outlined above. The maximum that we will keep your data for is:
- IP Address – 50 months
- Pages views – 50 months
- Time of requests – 50 months
- Time on a Page – 50 months
- Mouse events – 12 months
- Keypresses – 12 months
- Browser – 50 months
- Operating system and version – 24 months
Website visitors who request access to specific publications, or contact us:
- Name – 365 days
- Email address – 365 days
- Company name – 365 days
- Other user input on the contact form – 365 days
Mailing list members
- Name – 365 days
- Email address – 365 days
- For the duration of the hiring process.
Can I get a copy of my data?
Sure! You can ask us for a copy of the personal data that we hold on you by emailing email@example.com. We’ll ask you for copies of two types of approved identity in order to process your request (such as a passport and driving license). We will provide you with a copy of your data within one month of your request. You can also ask us to make corrections to data you consider to be inaccurate by emailing firstname.lastname@example.org.
A cookie is a small file (typically letters and numbers) which may be placed on your computer when you access our website. Through the cookie we can recognize your computer and browsing activity if you return to the website.
We use Google Analytics which allows us to collect information about how you use our site. If you access our website directly (and not via an email) your visits will be tracked anonymously. We use Google Analytics and Hotjar to understand how our website is being used in order to improve the experience for you. All user data is anonymous.
We use social buttons such as Twitter, Google, Facebook and LinkedIn to share or bookmark pages on our site or email updates. Those sites may collect information about your internet activity, including if your visit to our site (even if you don’t click on the button if you’re logged on to their site). You should check the privacy and cookies policy of each of these sites to see how they use your information and find out how to opt out and delete such information.
You are able to manage cookies. For more information click ‘here’. If you want to block all cookies all of the time you can set your computer preferences to do so.
Our website does not require you to input personal data to use it. You may however volunteer personal data such as your name and email address to request information, updates and our services. That information is required to deal with your query appropriately.
Any user of this website assumes all responsibility and risk for the use of this website and the Internet generally. Human Made disclaims all warranties, representations, or endorsements, expressed or implied, with regard to the data, information, and material included in, or accessible from, this website or the Internet, including, but not limited to, all implied warranties of merchantability, fitness for a particular purpose or non-infringement. Human Made has the right to discontinue, change or update any data, information, or material included in the website without prior notice, and they do not assume any legal liability or responsibility for the accuracy, completeness, or usefulness of any data, information, or material included in, or accessible from, this website. No advice or information given by Human Made or its affiliated companies shall create any warranty. Neither Human Made nor its affiliated companies warrant that the data, information, and material included in the website or on the Internet will be uninterruptible or error-free or that any data, information, software, or other material accessible from this website is free of viruses or other harmful components.