PRIVACY POLICY

Data protection is a high priority and BrandDNA Limited is committed to protecting and respecting your privacy.


This Privacy Policy applies to BrandDNA Limited’s website at www.branddna.uk (the “Website”). This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by BrandDNA Limited (“BrandDNA”) under the Data Protection Act 1998 (“DPA”) and the General Data Protection Regulations (“GDPR”).

For the purpose of the DPA and GDPR, BrandDNA is the data controller and any enquiry regarding the collection or processing of your data should be addressed to Rob King, 1 Drummond House, Balmoral Gardens, Windsor, Berkshire, SL4 3SG.

As the controller, BrandDNA has implemented measures to ensure the most complete protection of personal data processed through this Website. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed. For this reason, every visitor is free to transfer personal data to us via alternative means, e.g. by telephone.

Name and Address of the controller

Controller for the purposes of the General Data Protection Regulation (GDPR) is:

BrandDNA Limited, 1 Drummond House, Balmoral Gardens, Windsor, Berkshire, SL4 3SG, United Kingdom
Phone: 07941 178 302, Email: rob@branddna.uk. Website: www.branddna.uk

Information we collect

We will collect personal data on this Website only if it is directly provided to us by you the user, e.g. your name and e-mail address and, therefore, has been provided by you with your consent. Normally you will only provide such details if you make an enquiry relating to our services or request to receive our Brand Blueprint report.   

We also use analytical and statistical tools that monitor details of your visits to our website and the resources that you access, including, but not limited to, traffic data, location data, weblogs and other communication data (but this data will not identify you personally). 

  • Squarespace analytics   
    The Website is connected to Squarespace Analytics, a reporting platform that gives insight into how the site is performing. The platform records visitors’ activity via JavaScript in the browser, placing cookies on visitor’s browsers to help the Website run effectively, provide the best experience for visitors, and help us learn more about traffic to the site. A cookie banner has been added to the Website to inform visitors about the site’s cookies but prevents Squarespace from sending analytics cookies to visitors until they click “Continue” on the cookie banner. The Activity Log, which is a searchable list of every time a visitor accessed a URL (a page) on the Website in the past seven days, has been disabled.

As with existing law, the GDPR requires that certain safeguards be put in place when transferring personal data outside the EU. Squarespace already self-certified to the EU-US Privacy Shield, which allows it to lawfully transfer EU personal data to its US-based datacenters. Squarespace may soon also certify to the Swiss-US Privacy Shield. Further information about Squarespace’s Privacy Shield certification(s) may be retrieved under https://www.privacyshield.gov/participant?id=a2zt0000000GnjcAAC&status=Active. Squarespace respects your privacy. Further information may be retrieved under https://www.squarespace.com/privacy/.

  • Google analytics

The Website uses Squarespace’s built-in integration to connect the site to Google Analytics for visitor tracking and other reporting like the number of users, sessions, bounce rate, session duration. Google Analytics mainly uses first-party cookies to report on user interactions. Google Analytics reports are broken down into four key categories: Audience reports, Acquisition reports, Behavioural reports and Conversion reports.

Google Analytics consists of JavaScript on each page of the Website, a data collection service on Google’s servers and a processing engine that creates report data. BrandDNA does not keep a backup of data. Data that is collected, processed and stored using Google Analytics is secure and kept confidential.  

Google Analytics places a cookie on the information technology system of the visitor. The cookie is used to store personal information, such as the access time, the location from which the access was made, and the frequency of visits of our Website by the visitor. With each visit to our Internet site, such personal data, including the IP address of the Internet access used by the visitor, will be transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass these personal data collected through the technical procedure to third parties.

The visitor may prevent the setting of cookies through our Website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such an adjustment to the Internet browser used would also prevent Google Analytics from setting a cookie on the information technology system of the visitor. In addition, cookies already in use by Google Analytics may be deleted at any time via a web browser or other software programs.

In addition, the visitor has the possibility of objecting to a collection of data that are generated by Google Analytics, which is related to the use of this Website, as well as the processing of this data by Google and the chance to preclude any such. For this purpose, the visitor must download a browser add-on under the link https://tools.google.com/dlpage/gaoptout and install it. This browser add-on tells Google Analytics through a JavaScript, that any data and information about the visits of Internet pages may not be transmitted to Google Analytics. The installation of the browser add-ons is considered an objection by Google. If the information technology system of the visitor is later deleted, formatted, or newly installed, then the visitor must reinstall the browser add-ons to disable Google Analytics. If the browser add-on was uninstalled by the visitor or any other person who is attributable to their sphere of competence, or is disabled, it is possible to execute the reinstallation or reactivation of the browser add-ons.

Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/ and under http://www.google.com/analytics/terms/us.html. Google Analytics is further explained under the following link: https://www.google.com/analytics/.

  • 1&1 Internet, Ltd (“1&1”)
    The Website’s contact forms collect information from visitors and passes the submissions from the form to an external storage option – an email address – accessible via Microsoft Outlook. The default email address is “rob@branddna.uk”. The forms include an email address field, so we can reply to the email to respond to the person who submitted the form. The administrator’s email address in managed by 1&1 – the email provider. All emails are stored in 1&1 Webmail which is accessible via the administrator’s laptop, smartphone and tablet.

1&1 comply with all relevant data protection legislation. Further information may be retrieved under https://www.1and1.co.uk/terms-gtc/terms-privacy/?

Use of your information

We may hold and process personal data that you provide to us in accordance with the DPA and GDPR.  The information that we collect and store relating to you is primarily used to enable us to provide our services to you, and to meet our contractual commitments to you. In addition, we may use the information to notify you about changes to our website, such as improvements or service/product changes that may affect our service.

Disclosure of your information

We may disclose your information to regulatory bodies to enable us to comply with the law and to assist fraud protection and minimise credit risk. If you do not want us to use your data for our third parties’ use, you will have the opportunity to withhold your consent to this by writing to us at the address detailed above or sending us an email to rob@branddna.uk at any time.

Controlling the use of your data

If you have given us consent to use your data for a particular purpose you can revoke or vary that consent at any time. If you do not want us to use your data or want to vary the consent that you have provided you can write to us at the address detailed above or email us at rob@branddna.uk at any time.

Where we store and transfer your data

As part of the services offered to you, for example through our Website, the information you provide to us may be transferred to and stored in countries outside of the European Economic Area (EEA) as outlined above. We may disclose your personal data outside of BrandDNA (a) in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets; and (b) if BrandDNA’s business is bought by a third party, in which case personal data held by it about its customers will be one of the assets to transfer to the buyer. However, any such transfer will only be on terms that the confidentiality of your personal data is protected and that the terms of this privacy policy will continue to be complied with by the recipient.

Otherwise, we will process, disclose or share your personal data only if required to do so by law or in the good faith belief that such action is necessary to comply with legal requirements or legal process served on us or the website.

Security

The transmission of information via the Internet or email is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of data while you are transmitting it to our Website; any such transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.

Third party links

The controller has connected the Website to social media accounts including LinkedInand Twitter. These websites have their own privacy policies, which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.

  • LinkedIn
    The controller has connected the Website to LinkedIn, a web-based social network that enables users with existing business contacts to connect and to make new business contacts. If the visitor clicks on the LinkedIn button integrated on our website, they will be redirected to the BrandDNA LinkedIn page, provided that the visitor has a LinkedIn account. The purpose of the connection with LinkedIn is to increase visitor numbers to our BrandDNA LinkedIn page.

The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, UNITED STATES. For privacy matters outside of the UNITED STATES LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.

LinkedIn provides under https://www.linkedin.com/psettings/guest-controls the possibility to unsubscribe from e-mail messages, SMS messages and targeted ads, as well as the ability to manage ad settings. LinkedIn also uses affiliates such as Eire, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame. The setting of such cookies may be denied under https://www.linkedin.com/legal/cookie-policy. The applicable privacy policy for LinkedIn is available under https://www.linkedin.com/legal/privacy-policy. The LinkedIn Cookie Policy is available under https://www.linkedin.com/legal/cookie-policy.

  • Twitter
    The controller has connected the Website to Twitter, a multilingual, publicly-accessible microblogging service on which users may publish and spread so-called ‘tweets,’ e.g. short messages, which are limited to 140 characters. The purpose of the connection with Twitter is to increase visitor numbers to the BrandDNA Twitter page and to encourage visitors to share their experiences to other Twitter users.

The operating company of Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, UNITED STATES. The applicable data protection provisions of Twitter may be accessed under https://twitter.com/privacy?lang=en.

  • YouTube
    The controller has embedded a background video to play on loop without sound to add a dynamic visual effect to the Website. The video is set to Public/Unlisted and is set to allow embedding and is saved on the BrandDNA YouTube channel. It is not possible to upload a video directly to the BrandDNA website, so the video’s URL has been embedded directly into the BrandDNA website. YouTube installs cookies to register a unique ID that is used by Google to keep statistics on how the visitors use YouTube videos across different websites; to try and estimate the visitor’s bandwidth on pages with integrated YouTube videos; and to keep statistics of what videos from YouTube the user has seen. The data is sent to United States.

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, UNITED STATES. The YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, UNITED STATES.

YouTube's data protection provisions, available at https://www.google.com/intl/en/policies/privacy/, provide information about the collection, processing and use of personal data by YouTube and Google.

Period for which the personal data will be stored

The criteria used to determine the period of storage of personal data is the respective statutory retention period. All contact form submissions passed to the Website’s email address will be stored until such time that the Data Subject requests their information to be deleted, or BrandDNA has no legitimate reason to store it. Google Analytics has been set to retain data for 14 months. When data reaches the end of the retention period, it is deleted automatically on a monthly basis. However, if a user initiates a new session every month, then that user’s identifier is refreshed every month and never reaches the 14-month expiry. If the user doesn’t initiate a new session before the retention period expires, then that user’s data is deleted.

Use of cookies

Our Website uses cookies. We use different classes of cookies to gather information about your computer for our services and to provide statistical information regarding the use of our Website. Such information will not identify you personally - it is statistical data about our visitors and their use of our Website. This statistical data does not identify any personal details whatsoever. We may also gather information about your general Internet use by using a cookie file. Where used, these cookies are downloaded to your computer automatically. This cookie file is stored on the hard drive of your computer, as cookies contain information that is transferred to your computer's hard drive. They help us to improve our Website and the service that we provide to you. All computers have the ability to decline cookies. This can be done by activating the setting on your browser which enables you to decline the cookies. Please note that should you choose to decline cookies, you may be unable to access particular parts of our Website. 

Necessary:

  • CookieConsent – stores the user’s cookie consent state for the current domain

Statistics:

  • _ga – registers a unique ID that is used to generate statistical data on how the visitor uses the website
  • _gid - registers a unique ID that is used to generate statistical data on how the visitor uses the website
  • _gat – used by Google Analytics to throttle request rate
  • p.gif

Marketing:

  • collect – used to send data to Google Analytics about the visitor's device and behaviour. Tracks the visitor across devices and marketing channels
  • VISITO_INFO1-LIVE - tries to estimate the users' bandwidth on pages with integrated YouTube videos
  • PREF - registers a unique ID that is used by Google to keep statistics of how the visitor uses YouTube videos across different websites
  • YSC - registers a unique ID to keep statistics of what videos from YouTube the user has seen

Unclassified:

  • test
  • crumb
  • ss_cvr
  • ss_cvt
  • ss_cid
  • ss_cvisit
  • ss_cpvisit

Your rights

The DPA and GDPR give you the right to access information held about you by us. Please write to us or contact us by email if you wish to request confirmation of what personal information we hold relating to you. You can write to us at the address detailed above, or by email to rob@branddna.uk. There is no charge for requesting that we provide you with details of the personal data that we hold. We will provide this information within one month of your requesting the data.

You have the right to change the permissions that you have given us in relation to how we may use your data. You also have the right to request that we cease using your data or that we delete all personal data records that we hold relating to you. You can exercise these rights at any time by writing to us at the address detailed above, or by email to rob@branddna.uk.

Changes to this policy
We may modify this Privacy Policy from time to time, and will post the most current version on the Website. We welcome any queries, comments or requests you may have regarding this Privacy Policy. Please do not hesitate to contact us at 1 Drummond House, Balmoral Gardens, Windsor, Berkshire, SL4 3SG or rob@branddna.uk.