Shh PR

Privacy Policy

What is the purpose of this notice?

This notice, together with any other documents referred to in it, sets out the basis on which any personal data that we collect from you, or that you provide to us, will be processed by us in accordance with the General Data Protection Regulation (GDPR). Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

By visiting this website, you are accepting and consenting to the practices described in this policy.

For the purposes of the Data Protection Act 1998 and General Data Protection Regulation, the data controller is Shh! PR Limited, a company registered in England and Wales under company number 14936507, with its registered office at Unit 1a, The Old Malthouse, Springfield Road, Grantham, England, NG31 7BG.

Our nominated representative for the purpose of this policy is Amie-Leigh Minshull.

Information we collect and receive from you

Shh! PR will be what’s known as the “Controller” of the personal data you provide to us. We only collect basic personal data about you which does not include any special categories of personal information about you (known as Special Category Data). This does however include name, address, e-mail, telephone number, company name, position and financial information (payment information when paying invoices etc). This is information that you give us by filling in forms on the website (Site), interacting with the Site or by corresponding with us by phone, e-mail or otherwise. It includes information you provide when you sign up to our newsletter service or make an enquiry about our services.

We collect information automatically about your visit during your time on the Site. It typically involves technical information and is often collected using small data files called ‘cookies.’ This information helps us to provide you with a good experience when you browse the Site and also to indicate where the Site requires improvement. More information on how cookies work, what cookies we use and why can be found in our Cookie Policy.

To manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and related consents, we use the consent tool “Real Cookie Banner”. Details on how “Real Cookie Banner” works can be found at https://devowl.io/rcb/data-processing/.

The legal basis for the processing of personal data in this context are Art. 6 (1) (c) GDPR and Art. 6 (1) (f) GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.

The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consents.

We may receive information about you if you use any other websites we operate. In this case we will have informed you when we collected that data if we intend to share the data internally. We will also have told you for what purpose we will share your data. This includes information that we receive from third parties, such as business partners, sub-contractors in technical services, advertising networks, analytics providers and so on. We will notify you when we receive information about you from them and the purposes for which we intend to use that information.

Social media platforms

We operate social media platforms. These platforms are, in most cases, operated outside of the EU and do not comply with the current Data Protection Act and subsequent GDPR provision, although they may conform to the US Privacy Shiel protocol. It is our process and protocol that any personally identifiable data gathered on these platforms is only in response to users interacting out of their own volition with our marketing pages. The contact is deemed as a legitimate business enquiry. The personal contact data is removed from the site once the enquiry is processed or the user has requested so.

Analytics

Our website uses Google Analytics to collect information about how visitors use our website. We anonymise this data at the point of collection and automatically delete user and event data that is older than two years.

Why we need it

We need to know your basic personal data in order to provide services to you, provide you with marketing, tell you about our products and services. We will not collect any personal data from you we do not need to provide and oversee this service to you.

What we do with it

We only ever use your personal data with your consent, or where it is necessary:

  • to enter into, or perform, a contract with you
  • to comply with a legal duty
  • to protect your vital interests
  • for our own (or a third party’s) lawful interests, provided your rights don’t override these.

In any event, we’ll only use your information for the purpose or purposes it was collected for (or for closely related purposes).

We may process personal information for certain legitimate business purposes, which include some or all of the following:

  • where the processing enables us to enhance, modify, personalise or otherwise improve our services/communications for the benefit of our customers
  • to identify and prevent fraud
  • to enhance the security of our network and information systems
  • to better understand how people interact with our websites
  • to provide postal communications which we think will be of interest to you
  • to determine the effectiveness of promotional campaigns and advertising.

Whenever we process data for these purposes, we will ensure that we always keep your personal data rights in high regard and take account of these rights at all times. 

When we process your personal data for our legitimate interests, we will make sure that we consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. Our legitimate business interests do not automatically override your interests – we will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You have the right to object to this processing if you wish, and if you wish to do so please click here (add link). Please bear in mind that if you object this may affect our ability to carry out tasks above for your benefit.

Where we keep it

We are based in the UK and we store our data within the EU. Some organisations which provide services to us may transfer personal data outside of the EU, but we will only allow them to do if your data is adequately protected. For example, some of our systems use Microsoft products. As a US company, it may be that using their products result in personal data being transferred to or accessible from the US. However, we will allow this as we are certain personal data will still be adequately protected (as Microsoft is certified under the USA’s Privacy Shield scheme).

How long we keep it

We will only use and store information for so long as it is required for the purposes it was collected for. How long information will be stored depends on the information in question and what it is being used for. For example, if you ask us not to send you marketing e-mails, we will stop storing your e-mails for marketing purposes (though we’ll keep a record of your preference not to be e-mailed).

We continually review what information we hold and delete what is no longer required. We never store payment card information. We will not retain your data for any longer than necessary and the longest time that we will hold your data will be six years. 

What are your rights?

We want to ensure that you remain in control of your personal data. Part of this is making sure you understand your legal rights, which are as follows:   

  • the right to confirmation as to whether we have your personal data and, if we do, to obtain a copy of the personal information we hold (this is known as a data subject access request)
  • the right to have your data erased (though this will not apply where it is necessary for us to continue to use the data for a lawful reason)
  • the right to have inaccurate data rectified
  • the right to object to your data being used for marketing or profiling; and
  • where technically feasible, you have the right to personal data you have provided to us which we process automatically based on your consent or the performance of a contract. This information will be provided in a common electronic format.

Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so.

If you wish to raise a complaint on how we have handled your personal data, you can contact Amie-Leigh Minshull at hello@shhpr.co.uk who will investigate the matter.

If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office, the UK supervisory authority for data protection issues.

Scroll to Top