PRIVACY POLICY
1.0 OUR VIEW ON PRIVACY AND DATA PROTECTION
- We have a responsibility to only collect the data we absolutely need.
- We have a duty to ensure that the data we collect is protected to the best of our ability using methods such as encryption.
- Data collected should only be used for the express purpose that it was collected for. If the scope of use increases, consent should be obtained first.
- We will never share, sell or distribute your data.
2.0 RELEVANT LEGISLATION
Our data protection, data processing and user privacy policies are designed to comply with the following legislation:
3.0 DATA THIS WEBSITE COLLECTS AND WHY WE COLLECT IT
This website collects and transmits various data, some of which is classed as personally identifiable information (PII). A full breakdown of the data collected by this website is as follows
3.1 Analytics and visitor tracking
We use website analytics to allow us to understand how visitors use our website. We do this so that we can improve our service to offer a better experience to our visitors. For this purpose we use two third party companies:
- Google Analytics
- Hotjar
More information on these companies can be found in section 7.
3.2 Contact forms and email links
When you contact us using our contact page or an email link the information you submit is sent directly to us by email to iain@lomi.design . This data is never stored on the website itself. The personally identifiable information we collect through our contact form and why we need it is as follows:
- Full name – So we know who is making the enquiry
- Email – So we can reply to the enquiry
More information on how the information sent via email is stored can be found in section 5.
3.3 Live Chat
We provide a live chat facility on the website for visitor convenience, which will appear as a contact form when no-one is available to chat. More information can be found in section 7.
4.0 LAWFUL BASIS FOR PROCESSING DATA
The legal bases for us collecting data are:
- Consent
We have received clear consent from the data subject to use their data only in the ways made clear to them. - Contract
We need to process the data to fulfil a contract entered into with the data subject, such as a project or web hosting. - Legitimate Interest
Where we need to record information for reference purposes to recall later, for example an incoming email enquiry, or notes made during a telephone call. For example, it can be useful to refer to keep a history of interactions with a client to provide historical data to aid in dealing with future enquiries.
5.0 HOW WE STORE YOUR PERSONAL INFORMATION
This website does not store any of the personally identifiable information submitted through forms or email links. Instead, the information is sent to us by email, and is stored within our email system. Our email service is provided by Google, who we consider to be a data processor. Emails are retained for reference until consent is withdrawn, which can be done by emailing info@lomi.design. All data stored within Google, including email, is SSL encrypted during transit, and is encrypted at rest. See for more information see Google’s Privacy Policy. Any personal data that we store on our internal computers is encrypted at rest. We do not use automated decision-making software to profile your data.
6.0 ABOUT OUR WEB HOSTING SERVERS
Both this website, along with some other websites we host, are stored on a VPS (Virtual Private Server) provided and maintained by eUKhost, and stored in a Node4 data center. Some of the more notable security features of the data centre are as follows:
- ISO27001 accredited
- 24 x 7 on-site security strict access policy
- Photo ID & zonal swipe card entry & anti-tailgating technology
- External and internal CCTV centrally monitored
- Perimeter fencing with controlled gate access
- Reinforced walls
- See full list…
All traffic (transferral of files) between this website and your browser is encrypted and delivered over HTTPS.
7.0 OUR THIRD-PARTY DATA PROCESSORS
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in section 2. All of the USA-based companies we use to process data are EU-U.S Privacy Shield compliant.
Our third party data processors for information obtained via the website are as follows:
- Google (Privacy policy)
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third party data processor (see section 7 below).GA makes use of cookies, details of which can be found on Google’s developer guides.Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website. - Hotjar (Privacy policy)
We also use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices (in particular device’s IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymized user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy.You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this link. - Tawk.to (Data Protection Policy)
Our live chat service is provided Tawk.to. We consider Tawk.to to be a third party data processor. Data transmitted to or from Tawk.to is sent via an SSL encrypted connection, and the data is encrypted while at rest. Tawk.to do not share the information, nor do they engage in any data mining for advertising purposes and have a strict NO AD policy. You can find out more in the Tawk.to Data Protection Policy. - Mailgun ( Privacy Policy, GDPR Compliance Statement )
We use a service called Mailgun to send emails from some of our websites and bespoke software. Mailgun is a premium email provider that specialise in highly reliable delivery for automated emails sent from web based software. In cases where emails sent from a website or web software are important and cannot afford to end up in spam, or bounce in any way, Mailgun is our go-to solution for ensuring those important emails are guaranteed to be delivered.
8.0 COOKIES
A cookie is a small text file stored by the browser, which can be read back by the browser later. Cookies are used to help a website remember information, and without them many websites would be severely impaired and unable to offer many basic functions. The cookies on our website can be divided into two types:
- Essential cookies – vital for core website functionality
These cookies are necessary for functions such as remembering if a user is logged in or not, their location, their preferred language as well as preferences such as whether cookies are allowed or not. Turning off these kinds of cookies will severely impact the usability of the website. - Optional cookies – not vital
These cookies include those used for tracking visitor behaviour so we can establish which pages are the most popular, which pages aren’t working, what kind of device (eg. Desktop, MacBook, iPhone) our visitors use. All of this helps us to optimise our website so we are catering for the correct audience, showing relevant content and that our website works well across the most popular devices. Other similar cookies include those used by the live chat service. Turning off these types of cookies will mean we can’t tell when you’ve visited our website, what you did while you were there, and that some services such as live chat won’t appear as they rely on cookies for their basic operation. More info on our third party cookies providers Google, Hotjar and Tawk.to can be found in section 7.
To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.
9.0 DATA BREACHES
We will report any unlawful data breach of this website or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
10.0 DATA REQUESTS
If you would like to amend, delete or request access to any data we hold on you, or to discuss anything else about how we process your data you can contact us by one of the following methods:
- Telephone: 01792 809138
- Email: info@lomi.design
- Via our contact page
11.0 DATA CONTROLLER
The data controller of this website is:
Iain Horne
Proprietor / Director
01792 809138
iain@lomi.design
12.0 DATA PROTECTION OFFICER
Mr Iain Horne
Proprietor / Director
01792 68 71 72
iain@lomi.design
13.0 CHANGES TO OUR PRIVACY POLICY
We may update this privacy policy from time to time, and suggest that you check back regularly to keep up to date with any changes. Any major changes will be made clear in a change log format when applicable.