+44 20 7946 0958

Privacy Policy for cantusbritaincor.info

Last updated: October 2023

This Privacy Policy explains how cantusbritaincor.info ("we", "us", "our") collects, uses, discloses, and protects your personal data when you visit our website or use our services. We are committed to ensuring your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Please read this policy carefully to understand our views and practices regarding your personal data.

1. Important Information and Who We Are

1.1 Purpose of this Privacy Policy

This Privacy Policy aims to give you information on how cantusbritaincor.info collects and processes your personal data through your use of this website, including any data you may provide through forms, subscriptions, or interactions. This policy does not apply to third-party websites linked from our site; we encourage you to review their privacy policies separately.

1.2 Controller

cantusbritaincor.info is the data controller and responsible for your personal data. If you have any questions about this policy, including any requests to exercise your legal rights, please contact us using the details below.

1.3 Contact Details

Email: privacy@cantusbritaincor.info
Postal address: [Insert physical address if applicable, otherwise omit]
Data Protection Officer (DPO): [Insert DPO name if appointed, otherwise state "We do not have a statutory requirement to appoint a DPO"]

1.4 Changes to the Privacy Policy

We may update this policy from time to time. We will notify you of any material changes by posting a notice on our website or by email where appropriate. The "Last updated" date at the top indicates when it was last revised. Your continued use after changes constitutes acceptance of the new policy.

2. The Data We Collect About You

We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped as follows:

  • Identity Data: first name, last name, username or similar identifier.
  • Contact Data: email address, telephone numbers, postal address (if provided).
  • Technical Data: internet protocol (IP) address, browser type and version, time zone setting and location, operating system and platform, and other technology on the devices you use to access this website.
  • Usage Data: information about how you use our website, products, and services (e.g., pages viewed, time spent, clickstream data).
  • Marketing and Communications Data: your preferences in receiving marketing from us and your communication preferences.
  • User Generated Content: any content you post voluntarily (e.g., comments, forum posts, feedback).

We do not collect Special Categories of Personal Data (e.g., race, religion, health) without your explicit consent, nor do we collect criminal conviction data unless required by law.

3. How Is Your Personal Data Collected?

We use different methods to collect data from and about you, including:

3.1 Direct Interactions

You may give us your Identity, Contact, and other data by filling in forms, subscribing to newsletters, creating an account, contacting us via email, or using feedback mechanisms. This includes personal data you provide when you:

  • Subscribe to our newsletter or mailing list
  • Request information about our services
  • Participate in surveys or polls
  • Report a problem or submit a query
  • Register for an account (if applicable)

3.2 Automated Technologies or Interactions

As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies. Please see our Cookie Policy (available on our website) for further details.

3.3 Third Parties or Publicly Available Sources

We may receive personal data about you from various third parties and public sources, such as:

  • Analytics providers (e.g., Google Analytics)
  • Advertising networks (if applicable)
  • Publicly available registers (e.g., Companies House) where permitted by law

4. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Consent: Where you have given us explicit consent for processing (e.g., to send newsletters). You have the right to withdraw consent at any time.
  • Contractual necessity: Where we need to perform the contract we are about to enter into or have entered into with you (e.g., providing services).
  • Legal obligation: Where we need to comply with a legal or regulatory obligation.
  • Legitimate interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

4.1 Purposes for Which We Will Use Your Personal Data

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Purpose/Activity Type of Data Lawful Basis for Processing Legitimate Interest (if applicable)
To register you as a new user or subscriber Identity, Contact Performance of a contract with you N/A
To manage our relationship with you (e.g., responding to inquiries, providing customer support) Identity, Contact, User Generated Content (a) Performance of a contract
(b) Necessary for our legitimate interests		 To keep records and resolve any issues effectively
To deliver relevant website content and measure effectiveness Identity, Contact, Technical, Usage Necessary for our legitimate interests To study how customers use our website, to improve user experience
To send you marketing communications (e.g., newsletters, updates) where you have consented Identity, Contact, Marketing Preferences Consent N/A
To use data analytics to improve our website, products, and services Technical, Usage Necessary for our legitimate interests To monitor and improve our platform, and to detect fraud or abuse
To comply with legal obligations (e.g., record-keeping, regulatory requests) Identity, Contact, Transactional (if any) Legal obligation N/A

4.2 Marketing and Opt-Out

We will not send you marketing messages unless you have opted in (where required by law). You can opt out at any time by following the unsubscribe link in any marketing email or by contacting us at privacy@cantusbritaincor.info. Even if you opt out, we may still send you service-related messages (e.g., account updates, security alerts).

5. Cookies and Similar Technologies

Our website uses cookies to distinguish you from other users and to improve your experience. For detailed information on the cookies we use and the purposes for which we use them, see our Cookie Policy. You can manage your cookie preferences through your browser settings or via the cookie consent banner on our site.

6. Disclosures of Your Personal Data

We may share your personal data with the following parties for the purposes set out in this policy:

  • Service providers: Third-party vendors who provide IT, analytics, hosting, marketing, or customer support services (e.g., cloud storage, email delivery).
  • Professional advisors: Lawyers, accountants, auditors, or insurers where necessary.
  • Regulatory bodies: Where required by law or to protect our rights.
  • Third parties in business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new entity.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes unless you have consented.

7. International Transfers

Your personal data may be transferred to, and processed in, countries outside the UK. Where we transfer your data to countries that do not have an adequacy decision by the UK government (e.g., under UK GDPR), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office (ICO) or equivalent mechanisms. Please contact us if you want further information on these safeguards.

8. Data Security

We have implemented appropriate technical and organisational measures to protect your personal data against accidental loss, unauthorised access, alteration, or disclosure. For example, we use encryption (e.g., SSL/TLS for data in transit), firewalls, and access controls. However, no internet transmission is completely secure; you share data at your own risk.

9. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, and applicable legal requirements. Details of retention periods for different aspects of your personal data are available on request by contacting us.

10. Your Legal Rights Under UK GDPR

Under the UK GDPR and Data Protection Act 2018, you have the following rights in relation to your personal data:

  1. Right to be informed: You have the right to be told how your data is used – this policy provides that information.
  2. Right of access: You can request a copy of your personal data we hold (a subject access request).
  3. Right to rectification: You can ask us to correct inaccurate or incomplete data.
  4. Right to erasure (right to be forgotten): You can request deletion of your data where there is no compelling reason for continued processing.
  5. Right to restrict processing: You can ask us to suspend processing in certain circumstances (e.g., if you contest accuracy).
  6. Right to data portability: You can request a copy of your data in a machine-readable format to transfer to another controller.
  7. Right to object: You can object to processing based on legitimate interests or direct marketing.
  8. Rights related to automated decision-making and profiling: We do not engage in automated decision-making that has legal or significant effects.

If you wish to exercise any of these rights, please contact us at privacy@cantusbritaincor.info. We will respond within one month, unless the request is complex or numerous, in which case we may extend by up to two months. We may need to verify your identity before processing your request.

11. Complaints to the ICO

You have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe we have not handled your personal data correctly. The ICO is the UK's independent regulator for data protection. Contact details:

Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Tel: 0303 123 1113
Website: https://ico.org.uk

12. Third-Party Links

Our website may contain links to third-party websites, plugins, and applications (e.g., social media buttons). Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices. We encourage you to read their privacy policies before providing any personal data.

13. Minors

Our website is not intended for children under 16 years of age. We do not knowingly collect personal data from minors. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at privacy@cantusbritaincor.info, and we will take steps to delete such information.

14. Automated Decision-Making and Profiling

We do not currently use automated decision-making (including profiling) that produces legal effects concerning you or similarly significant effects. If we introduce such processing in the future, we will inform you and obtain your consent where required.

15. Glossary and Interpretation

Personal Data: Any information relating to an identified or identifiable natural person.
Processing: Any operation performed on personal data (e.g., collection, storage, use).
Consent: Clear, affirmative indication of agreement to processing.
Legitimate Interest: Our business or commercial interest in conducting our operations in a way that does not unduly affect your rights.

This policy is governed by the laws of England and Wales. Any disputes shall be subject to the jurisdiction of the courts of England and Wales.