Your privacy is important to us. This privacy statement explains:
- What personal data is collected by the owner of this web site or provided by you, through our interactions with you and your use of our web sites (https://bluestar.london), apps and any other computer technology
- How your personal data will be used, where it is held, how long it will be kept and your rights.
Definitions And Interpretation
In this privacy, the following definitions are used:
Data controller means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.
Data processor, in relation to personal data, means any person (other than an employee of the data controller) who processes the data on behalf of the data controller.
“You”, “your” or “data subject” means:
- Visitors to our websites;
- Subscribers to any service we offer through our sites;
- Prospective or existing clients corresponding with us by phone, e-mail or otherwise;
- Job applicants.
Data controller, “we”, “us” and “our” means:
Blue Star IT Consulting Limited trading as Blue Star London and its data processors;
Personal data means any information relating to an identified or identifiable natural person (data subject).
An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. The definition incorporates, where applicable, the definitions provided in the General Data Protection Regulation (EU 2016/679).
Sensitive Personal Data
The GDPR refers to sensitive personal data as “special categories of data”. Please see “Special categories of data”.
Special Categories Of Personal Data
Means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
Who We Are (Identity Of The Data Controller)
For the purpose of the General Data Protection Regulation the data controller is Blue Star IT Consulting Limited with company registration number 09908394 and the registered address at 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
PERSONAL DATA WE MAY COLLECT FROM YOU
Most of the personal information we process is provided to us directly by you for the following reasons:
We collect the information provided by you to operate effectively and provide you the best experiences with our websites, products and services. You provide some of this information by filling in the contact forms on our websites, creating an account at our websites, corresponding with us by phone, e-mail or otherwise, subscribing to any service we offer through our site, sending us a query or feedback, signing up for information on events, uploading a document with your enquiry, making a booking on our websites, purchasing services via our websites, participate in discussion boards or other social media functions on our websites, participating in a promotion or a survey, providing your postcode, reporting a problem.
The information you may provide us is Personally Identifiable Information that identifies an individual or may with reasonable efforts cause the identification of an individual, and may include the following data:
First name, surname, e-mail address, phone number, credentials: we collect passwords, password hints and similar security information used for your authentication and account access, services provided, your messages and enquiries which might contain but not limited to: your company name, web site link, IT infrastructure description
We do not sell any products or services for purchase by children. If you are under 16, you may use our websites only with the involvement of your holder of parental responsibility. We do not knowingly collect personal information from children below 16 without the consent of the child’s holder of parental responsibility.
Information You Provide About Others
In providing personal data about other individuals (such as someone in whose name you are registering an account or subscribing to our marketing promotions), you represent that you have notified them of (i) the purposes for which information will be used (ii) the recipients of their personal data and (iii) how they can access and correct the information. You further represent that You have obtained all necessary consents from them.
This technical information might have included:
Device and connectivity information such as IP (Internet Protocol) address, browser type and version, language settings, time zone settings, browser plug-in types and versions, pages you viewed or searched for, full uniform resource locators (URL), methods used to browse away from the page, clickstream to, through and from the site (including date and time), length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), log information, such as error reports, download errors, any problems experienced while accessing our websites.
We do not match information collected automatically through cookies and analytics tools with other personally identifiable information you may have provided to us when you created an account or submitted a form or contacted us in any other way.
A cookie is a small file, typically of letters and numbers, downloaded on to a device when the user accesses certain websites. Cookies allow a website to recognise a user’s device.
We might use the following cookie types to recognise you when you visit our website or use our services:
A session cookie exists only in temporary memory while the user navigates the website.Web browsers normally delete session cookies when the user closes the browser.
A persistent cookie expires at a specific date or after a specific length of time. This means that, for the cookie’s entire lifespan (which can be as long or as short as its creators want), its information will be transmitted to the server every time the user visits the website that it belongs to.
A third-party cookie belongs to a domain different from the one shown in the address bar. This sort of cookie typically appears when web pages feature content from external websites. We may use them for website analytics and advertising purposes.
WHAT CAN YOU DO IF YOU DON’T WANT COOKIES TO BE SET OR WANT THEM TO BE REMOVED
Usually browsers accept cookies automatically, however you can control and/or delete cookies as you wish. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed.
Popular web browsers such as Google Chrome, Mozilla Firefox and Microsoft Edge allow you to:
- See what cookies you’ve got and delete them on an individual basis;
- Block third party cookies;
- Block cookies from particular websites;
- Block all cookies from being set;
- Delete all cookies when you close your browser.
DO NOT TRACK PREFERENCES
Do not track is a function that allows visitors to opt out from being tracked by websites for any purpose including the use of analytics services, advertising networks and social platforms. Do not track options are available in a number of browsers including:
- Google Chrome: https://support.google.com/chrome/answer/95647?hl=en-GB
- Mozilla Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
For other browsers, please consult the documentation that your browser manufacturer provides.
WE MAY USE THE FOLLOWING TRACKING AND ANALYTICAL TOOLS
Google Analytics collects information anonymously. It reports how website is accessed and used by visitors without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit this site. For more information on Google Analytics, please visit https://support.google.com/analytics/answer/6004245
Facebook Pixel collects information anonymously. It reports how website is accessed and used by visitors without identifying individual visitors.
HubSpot Analytics is using a third-party cookie to track your interaction with our websites and services. This information can be used to enrich HubSpot CRM data about relationship between our business and you as an existing or prospective customer.
Digital Advertising Alliance
You can opt out of interest-based targeting provided by participating ad servers through the Digital Advertising Alliance (http://youradchoices.com). In addition, on your iPhone, iPad or Android, you can change your device settings to control whether you see online interest-based ads.
SOCIAL MEDIA FEATURES AND WIDGETS
Our Website might include certain Social Media features and widgets, such as:
- Facebook share
- Facebook like
- Twitter share
- Twitter subscribe
- VKontakte share
- LinkedIn share
These Social Media features may collect information such as your IP address or which page you are visiting on our Website, and may set a cookie to enable them to function properly. Social Media Features are either hosted by a third party or hosted directly on our website. Please be aware that if you choose to interact or share any Personal Information via such widgets, you are in fact providing it to these third parties and not to us. Your interactions with these third parties are managed by these Social Media policies and not ours. For example, you will not be able to use the “Facebook Like” button if you are not logged in to your Facebook account. Once you use the button this will be associated with your Facebook history, but we will not process this information.
INFORMATION WE MIGHT OBTAIN FROM THIRD PARTIES
We might obtain some non-personally identifiable information from third parties. We protect data obtained from third parties according to the practices described in this statement, plus any additional restrictions imposed by the source of data.
We might insert advertising on our partner websites, social networks or advertisement networks who might categorise website visitors with similar characteristics or interests into non-personally identifiable data segments and offer these segments to their own clients, visitors and subscribers. For example, if a person expresses an interest in cryptocurrency or beauty products, they might see a banner with similar themed advertisement.
We might obtain and record information that an advertisement was requested or shown, how many times, the target geography of the advertisement (which will not include an IP address or specific personally identifiable location and any user interactions with the advertisement or the page where the advertisement appears. This information is used for analysis, reporting and troubleshooting.
Trusted Partners (Data Processors) Who Work On Our Behalf Under Confidentiality Agreements And Might Store, Maintain Or Process Your Data:
We have partnered with a number of authorised service providers (data processors), whose services and solutions complement, facilitate and enhance our own under written confidentiality agreements that guarantees that the requirements of the GDPR will be met and the rights of data subjects are protected. Data processors only act on behalf of our documented instructions. They have direct responsibilities under the GDPR and may be subject to fines or other sanctions if they don’t comply.
These might include:
Hosting providers, Information technology service providers, data and cyber security services, web analytics, e-mail distribution and monitoring services, marketing services, content delivery networks (CDNs), our legal and financial advisers, accountants, insurance brokers and companies, delivery services
Such data processors may receive or otherwise have access to your identifiable or non-identifiable personal data, in its entirety or in part – depending on each of their particular roles and purposes in facilitating and enhancing our Services and business, and may only use it for such purposes. Under no circumstances may data processors will use the data for their own purposes.
Your personal data might be maintained, stored and processed at a destination inside the European Economic Area.
Once this contract is concluded, data processor will return data to us or transmit to another processor appointed by us, and erase any copy in its possession. However, the processor may keep the data locked to address possible administrative or jurisdictional responsibilities.
We will keep your personal data during the performance of an oral or written contract between you and us or during the communication process related to the steps prior to entering a prospective verbal or written contract.
We may continue to retain such Personal Information even after the contract between parties terminates, as reasonably necessary to comply with our legal obligations or to protect our legitimate interests if applicable (Please see paragraph “Lawful basis and the purposes of the processing (Uses made of your personal information)”). We will use reasonable endeavours to ensure your data is up-to-date. As a data subject you have rights related to maintenance, storage and processing of your personal data. Please see paragraph “Your rights”.
Unless otherwise specified, where you have indicated to us that you are happy for us to send you the information about goods and services we offer and we feel may interest you or similar to those that you have already purchased or enquired about do so, we assume you are happy for us to keep your collected personal data. We may retain your Personal Information (contact details) for as long as your User Account is active or as otherwise needed to provide you with information about our services. As the data subject you have rights related to processing of your personal data and the option of withdrawing your consent to receive promotions at any time. Please see paragraph “Your rights”.
LAWFUL BASIS AND THE USES MADE OF YOUR PERSONAL INFORMATION
We process all personal data lawfully, fairly and in a transparent manner. We use the data we collect for the following basic purposes, described in more detail below:
1. To take steps at the request of the data subject prior to entering into a business relationship (oral or written contract):
1.1 By contacting us by means specified in paragraph “Personal Data you provide us voluntarily”,we assume that processing is necessary for the performance of a business relationship (oral or written contract) or in order to take steps prior to entering into a business relationship (oral or written contract), and therefore the lawful basis is Contract and our Legitimate interests.
1.2 We will use the provided information to operate effectively and do our best to respond to your enquiry. Once you enter into a business relationship (oral or written contract) with us, we will invoice our services and offer you post-sales service and loyalty if required.
2. We might hold your information for as long as is necessary to comply with our and legal obligations and in accordance with our legitimate interests as a data controller after the contractual relationship between you and us elapses. The lawful basis for such retention is Legitimate interests and Legal obligation. As the data subject you have rights related to maintenance, storage and processing of your personal data. Please see paragraph “Your rights”.
3. To send you communications, including promotional communications and advertising with your explicit consent or allow you to participate in interactive features of our service, when you choose to do so. The lawful basis for such processing is Consent.
3.1 If you wish not to receive such promotional e-mails, you may withdraw your consent at any time by contacting us as described in paragraph “Your rights” or follow the “unsubscribe” or instructions contained in the promotional communications you receive.
4. Website improvement
We might use your automatically collected data such as IP address and browser data for our Website improvement, such as:
4.1 To administer our site and for internal operations, including data security, troubleshooting, testing, statistical and survey purposes;
4.2 To ensure that content from our site is presented in the most effective manner for you and for your device. The lawful basis for such processing is Legitimate interests.
DISCLOSURE OF INFORMATION TO THIRD PARTIES
We do not rent, sell, or share personal information about you with other people or non-affiliated companies without your consent except to provide products or services you’ve requested, when we have your permission, or under the following circumstances:
- We provide the information to trusted partners who provide us services under confidentiality agreements, specified in Paragraph “Trusted partners (data processors) who work on our behalf under confidentiality agreements and might store, maintain or process your data. These companies do not have any independent right to share this information.
- We may disclose your information to third parties when we reasonably believe we are obligated to do so by law, and in order to investigate, prevent, or take action regarding suspected or actual prohibited activities, including but not limited to, fraud and situations involving potential threats to the physical safety of any person.
You can find detailed information related to data location in paragraphs “Where Do We Store Your Information?” and “Trusted partners (data processors) who work on our behalf under confidentiality agreements and might store, maintain or process your data”
Law Enforcement, Legal Requests And Duties
We may disclose or otherwise allow others access to your Personal Information pursuant to a legal request, such as a subpoena, legal proceedings, search warrant or court order, or in compliance with applicable laws, if we have a good faith belief that the law requires us to do so, with or without notice to you. Your details may also be disclosed to the police and law enforcement agencies for the purpose of fraud detection, crime prevention and national security.
You have the following rights in accordance with the General Data Protection Regulation
1. THE RIGHT TO BE INFORMED. In this privacy statement we supply you detailed information related to your personal data storage, maintenance and processing.
2. THE RIGHT TO ACCESS INFORMATION HELD ABOUT YOU.
3. THE RIGHT TO RECTIFY YOUR PERSONAL DATA if it is inaccurate, incomplete or out-of-date.
4. THE RIGHT TO ERASURE (DELETE OR REMOVE) YOUR PERSONAL DATA.
5. THE RIGHT TO RESTRICT (BLOCK) PROCESSING. When processing is restricted, we will store your personal data, but not further process it.
6. THE RIGHT TO DATA PORTABILITY is your right to receive the personal data which you have given to us, in a structured, commonly used and machine-readable format and the right to transmit that data to another controller from the current controller applicable if: The processing is based on consent or on a contract, and the processing is carried out by automated means.
7. RIGHTS RELATED TO AUTOMATED DECISION MAKING INCLUDING PROFILING.
8. THE RIGHT TO WITHDRAW YOUR CONSENT OR OBJECT TO DIRECT MARKETING AND OTHER TYPES OF PROCESSING IF APPLICABLE.
You can exercise your rights by contacting us at firstname.lastname@example.org
THE RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY
You have The right to lodge a complaint with a supervisory authority if you have a concern about our information rights practices.