Isabel Stainsby Translation Privacy Notice
Who I am:
I’m Isabel Stainsby, and I’m committed to maintaining the trust and confidence of my clients, colleagues and suppliers, and visitors to my professional Facebook page. This Privacy Notice outlines when, what and why I collect personal data, how I use it, the limited conditions under which I may disclose it to others, and how I keep it secure.
You may contact me in my capacity as Data Controller of the data under my powers, duties and liabilities, which according to EUROPEAN GENERAL DATA PROTECTION REGULATION (EU) 2016/679
0/1, 36 Waverley Street, Glasgow G41 2DZ, Scotland, UK, or via email
- Client, supplier and collaborator data.
Anyone interested in my services can contact me via the contact information provided on various translation websites, and some personal data must be collected in order to establish communication.
The legal basis for processing your data is to perform the services you request or to take necessary steps prior to fulfilling that request and complying with legal requirements.
I collect, store and use such personal data for the purposes of issuing a quote, providing translation, revision or consulting services that you request or to comply with legal requirements.
I do not use your personal data for marketing purposes.
Categories of data subjects
I hold data on clients, suppliers, collaborators, data processors and potential clients for legitimate interests.
Categories of personal data
Personal data collected may include your name, postal address, email address, telephone number, and ID or tax number, payment and delivery conditions, financial and bank account details.
The data in question will be retained throughout the business relationship only, or for the length of time stipulated to comply with legal and tax obligations.
Retention of personal data
Data relating to quotes will be retained for up to six months. In cases of work carried out, I am obliged to retain your personal data for seven years to comply with tax obligations. I will delete email communication after seven years.
Third party access
For administrative purposes, I have contracted the following company as a data processor for accountancy, administration and tax advice:
In the unlikely event that I send a text for revision or editing to a colleague, that text will be anonymised, so that your personal data will not appear, or the colleague will be asked to sign a confidentiality agreement if necessary. They will be advised of their legal obligations in relation to confidentiality and professional secrecy.
Other parties may have access to your personal data for administrative purposes, including my email hosting service. All these parties are GDPR-compliant (please also see the section on security measures below).
Your rights and obligations
I take all precautionary steps to guarantee the security, integrity and confidentiality of your personal data in compliance with the EUROPEAN GENERAL DATA PROTECTION REGULATION (EU) 2016/679, in relation to the processing of personal data and the free movement of such data.
You are entitled to access, modify, erase or contest the personal data that I hold, in accordance with the abovementioned EU regulation. Please send your request directly to me using the contact provided above, and I will act upon this as soon as possible, within a maximum of one month from the date of your request.
Please contact me on email@example.com if you have any concerns about how I process your personal data. You also have the right to lodge a complaint with the supervisory body in the UK or in the country where you live.
I take all possible precautionary measures to guarantee that your personal data is safeguarded.
Updates to computers and devices: The equipment used for storing and processing personal data is updated as frequently as possible.
Malware: Anti-virus software is installed on the equipment used for storing and processing personal data, to prevent the theft or destruction of this information. This anti-virus software is regularly updated
Firewall: Firewalls are in place on all devices used for storing or processing personal data, to avoid remote unlawful third-party access.
Back up: Personal data are periodically backed up on a device other than that used on a day-to-day basis. The copy is stored in a secure place, separate from the computer containing the original files, so that personal data can be recovered in the event of loss or damage. Should this back-up be done via electronic methods, an encrypted method is used to guarantee the confidentiality of the personal data, in the event of unlawful third-party access.
Technical measures: All electronic systems in use for storing or processing personal information are password-protected.
Hard copy: I frequently print out documents that I am translating for reference purposes. When I no longer need them, I store them in a lockable filing cabinet until there are enough to be shredded by an external confidential shredding service. This may be as long as eighteen months.
Breaches of personal data
In the event of a security breach of personal data, due to theft or unlawful access for example, I will notify the UK Data Protection Agency within 72 hours of this security breach. This will include all of the information necessary to clarify the circumstances under which this happened. Notification will be made electronically via the UK Information Commissioner’s Office online portal: https://ico.org.uk/
I have pages on the social media networks Facebook and LinkedIn, which include features such as share or like buttons. These features are provided by third-party social media platforms themselves.
This Privacy Notice was updated on 22 October 2018 and will be reviewed as and when necessary. Should any differences occur between the various language versions, the English language version will prevail.