Privacy Policy

The Shortlisted™ | EU GDPR Privacy Policy

This is the Privacy Policy for the-shortlisted.co.uk and other related applications (“our sites”). This Cookie Policy has been last updated in January 2020 to comply with the European General Data Protection Regulation (also known as “EU GDPR”).

1. Privacy Policy statement and purpose

1.1. This Privacy Policy governs the privacy of its users who choose to use this website (“the-shortlisted.co.uk”), which is indicated as an independent digital magazine run with WordPress and hosted by GoDaddy, using a CDN (Content Delivery Network) provided by Cloudflare. The Data Controller for this website is the founder and editor who can be reached at [email protected] for any questions or information about this Privacy Policy.

1.2. This website is in no way affiliated with any brands or companies, and all brand names and logos are the exclusive property of each respective owner. By using this website and its official social media channels, sales channels, newsletters and related services, you agree to all the indicated terms. We are committed to preserving and safeguarding the privacy of its visitors and to making every effort to ensure the confidentiality and privacy of information sent to it by customers but does not undertake any responsibility for the privacy or security of that information in any way whatever, other than that demanded under the EU General Data Protection Regulation 2018. In particular, the principles related to the processing of personal data are: 1) lawfulness, fairness and transparency, 2) purpose limitation, 3) data minimisation, 4) accuracy and security, 5) storage limitation, 6) integrity and confidentiality, 7) not transferred to countries without adequate protection.

1.3. This Privacy Policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and website owners. Furthermore, the way this website processes, stores and protects user data and information will also be detailed within this policy.  This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies to UK and EU laws and requirements for user privacy.

1.4. The Shortlisted™ is bound to protect personal information and to handle it according to rigorous guidelines. This website is opposed to spam and will never sell personal data to anyone; however, The Shortlisted™ does not undertake any responsibility for maintaining the security and privacy of that information, other than that demanded under the EU General Data Protection Regulation 2018 – also known as EU GDPR. This website’s managers and webmasters will use their best endeavours to protect the security and privacy of personal information. Should a user not wish The Shortlisted™ to store information, it will be deleted upon the specific instruction of a customer by email; however, this does not imply in any way that The Shortlisted™ undertakes any responsibility for that information.

1.5. All the content on The Shortlisted™ is totally an expression of personal opinions and ideas of contributors, and statements should not be considered as facts until they’re publicly and universally known as facts, having been proved as true or false. Anything that hasn’t been publicly proven as a fact opposed to work or fiction or opinion, is automatically and perpetually intended as either a work of fiction or a personal opinion that cannot be proved true or false: opinions and observations are statements that can’t be proven true or false no matter of the viewpoint.

1.6. In order to protect third parts’ privacy and until and if facts aren’t publicly proven as being facts and not opinions or mere works of fictions, all the content on The Shortlisted™ is to be considered as opinion-based. Names, characters, businesses, places, events, locales, and incidents are either the products of the authors’ imagination or used in a fictitious manner to protect all the involved parties’ privacy. Any resemblance to actual persons, living or dead, or actual events is purely coincidental. In order to maintain their anonymity in some instances, names of individuals and places may have been changed or omitted. The same applies to feature characteristics and details such as physical properties, occupations and places of residence. We do not knowingly collect or store personal information about children under the age of 16.

1.7. We respect our visitors’ privacy and do our very best to protect readers’ and customers’ privacy bu using technology and security and appropriately and ensure appropriate security and password-protected measures to protect sensitive information. If we make use of another organisation to store data, we ensure they observe appropriate security measures, although we cannot hold any responsibility for third-parties’ actions or system breakdowns.

1.8. We collect individual user details only if we have users’ permission or have a lawful basis for doing so, such as collecting enough information to manage newsletter and other services subscriptions. We collect data to provide personalised services to individual users, to help us, monitor, check and improve the services we offer, to sell carefully chosen advertising spaces on the site and, only if we have permission from the user – to market products and services to them. We may also collect data during live events, on authorised social media channels, and such data will be treated according to the standard procedures outlined in this text. We also reserve the right to take live photographs, videos and other media.

1.9. We are clear in what kind of information we use and why. Subscribed users will only receive emails only from us and, if they agree, from other organisations we have carefully chosen. We will use personal information only for the purposes for which it was originally allowed and we’ll make sure we delete it securely if we are asked to do so and if we or our service providers transfer any user information outside of the European Economic Area (EEA), it will be done with the relevant protection (stated under the UK law) being in place. This website is accessible via the internet, and people all around the world who access our website can see what users may post on the website, for example, comments about an article. There may be additional privacy policies that apply to certain services we provide. Please read these when you register or subscribe for these services on these sites.

2. Information collected from users and how it is used

2.1. We collect information when users become members or subscribers, when they use the website, through cookies, if users choose to reveal information in postings and when users enter sales promotions and competitions. This website also obtains information about users when they use the website, sends emails, use Facebook, Twitter, LinkedIn, Pinterest and Instagram and/or opt-in forms, subscribe to the MailChimp newsletter; the only personal information we collect about users is the one users provide themselves through standard forms, other correspondence and any technical information gathered automatically when users use the website.

2.2. We ask the minimum information possible to take payments, if applicable, as well as the information required to contact customers, and details are securely stored by PayPal and Stripe (member). In case of a credit or debit card purchase from this website, users’ card information is not held by the website, it is collected by our third-party payment processor Stripe, that specialises in the secure online capture and processing of credit/debit card transactions and is fully PCI-DSS compliant. We do not use this information for any other purpose other than to contact customers periodically with information relevant to their support of the organisation.

2.3. The personal information collected might include names, surnames, addresses, email addresses, IP addresses, and information regarding what web pages are accessed and when. Users’ personal information providers by them may be used to reply to inquiries, notify of changes to services, publish comments that have been submitted on the magazine, send communications which the users have requested and that may be of interest to them. We will not contact users for marketing purposes unless they have given prior consent (see 1.8.).

2.4. This website may also use non-personal information about users such as IP address, device type or geographical location in order to monitor activity to better understand how the website is being used, and what countries the visitors come from. This data is tracked by Google Analytics and their partners: for further information, see the Google Analytics privacy policies. However, this website does not match users’ IP address to any other information that would identify them as unique individual persons. For more information, see 4.4. of our Cookie Policy.

2.5. The retention periods for personal information are reviewed on a regular basis. The personal information is held on internal systems for as long as is necessary for the relevant activity, or until such time as users request that we delete users’ information, which we immediately will do upon request. We may contact users periodically to check that they are still happy to hear from us. The email service provider managing the website’s official email address is Outlook, managed by Microsoft. Their Privacy Policy can be found here; the website owner – or owners – deny any responsibility regarding this.

3. Third-party links and access to personal information and rights

3.1 We will not sell or rent information to third parties, nor will share information with third parties for marketing purposes unless you have given us your explicit permission, and if we have your explicit permission, we will share your information only with selected partners. We guarantee to never to sell email address to anyone or to spam people. Only and solely with users’ permission, The Shortlisted™ may distribute details to carefully selected partners, providers, agents, subcontractors and other associated organisations for the purposes of completing tasks or providing services on our behalf (for example to send the email newsletter).

3.2. We may make other organisations’ services and products available, through our sites, even if we are not necessarily operating these sites. We process any information which we collect when you access a service provided by another organisation under this privacy policy. The information these other organisations collect is governed by their own privacy policies and we hold no responsibility towards them, even though we may independently audit these service providers to make sure that they meet our standards. We may use providers to help us run such sites or services available on the sites, and some of whom may be based outside the EEA. We can also access and release personal information to respond to relevant laws and government requests, to operate our systems properly and to protect our systems and users.

3.3. When third-party services providers are used, this website discloses only the personal information that is necessary to deliver the service and there is a contract in place that requires them to keep information secure and not to use it for their own direct marketing purposes. We can provide information on which services have access to personal data as Data Controller for The Shortlisted™ upon request.

3.4. Concerning any links provided on this website to third parties, this doesn’t mean that The Shortlisted™ endorses or approves those sites’ policy towards privacy. Prior to sending them any personal data, users should still review such websites’ and providers’ privacy policy. Although this website strives to only include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website.

4.3. We cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should, therefore, note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.

5. Security precautions

5.1. We strive to ensure the integrity, security and privacy of personal information submitted by customers, and reviews and updates its security measures in light of current technologies. The Shortlisted™ follows generally accepted standards to protect the personal information submitted by customers, both during transmission and once the website receives it.

5.2. Unfortunately, no data transmission over the Internet can be guaranteed to be completely secure. Therefore, The Shortlisted™ cannot guarantee its absolute security. However, we will endeavour to take all reasonable steps to protect the personal information users may transmit. Once The Shortlisted™ receives users’ transmission, it will also make the best possible efforts to ensure its security on systems.

5.3. For users’ safety and protection, The Shortlisted™ never stores credit and debit card numbers on its servers. Where necessary, credit and debit card numbers are stored by a carefully selected payment gateway provider (“Stripe”) providing the use of encryption during transmission. When users enter sensitive information (such as a credit and debit card number) on the website order forms, The Shortlisted™ encrypts the transmission of that information using secure socket layer technology (SSL).

6. How users can access and update their information

6.1. If users change email address or any of the other information the website hold is inaccurate or out of date, they can get in touch via email to request that we update it, or they can use the link included at the bottom of our email newsletter. Users have the right to ask for a copy of the information that we hold about them. Users have the right to access, operate rectification, being informed, erasure, restrict processing, object and data portability, as well as the right not to be subject to automated decision-making, including profiling. Users also have the right to request that we delete the information that we hold about them by getting in touch via email.

6.2. To access to or request a copy of all the personal information we hold about you, or to request a correction, or to pose any questions about how we use data, or even to make a complaint, please contact the Data Controller at [email protected] Requests will be answered within 30 days.

7. Transferring personal information outside of Europe

7.1. As part of the services offered to the users through this website, the information which they provide to the server may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our data processors’ servers are located in a country outside of the EU. These countries may not have similar data protection laws to the UK or Europe. By submitting their personal data, users are agreeing to this transfer, storing or processing.

7.2. If the website transfers personal information outside of the EU, it will take steps to ensure that appropriate security measures are taken with the aim of ensuring that users’ privacy rights continue to be protected as outlined in this Policy. If users access the website while outside the EU, their information may be transferred outside the EU in order to provide them with those services.

8. User-generated comments on the blog

8.1 Users have the ability to add a comment to the blog, in which case the name and email address they enter with the comment will be saved to this website’s database, along with their computer’s IP address and the time and date that they submitted the comment. User-generated comments and associated personal data will remain on this site until such time that we either (a) remove the comment or (b) remove the blog post. If they wish to have their comments and data removed, they may request that we do so at any time by email.

8.2. Such information is only used in order to identify the user as the comment author, and will not be used for any other purpose, nor is it transmitted to any third party or data processor. Only users’ names will be shown on the public-facing website, though if the supplied email address is linked to a Squarespace account, users’ Squarespace profile avatar may also be shown. Users can read Squarespace’s Privacy Policy here.

9. MailChimp newsletter

9.1. This website operates an email newsletter, used to inform subscribers about news and services supplied by it. Users can subscribe through an online automated process should they wish to do so, but do so at their own discretion. Subscrib9.ers are given the opportunity to unsubscribe and/or manage their email preferences at any time through the MailChimp system. This process is detailed at the footer of each email campaign.

9.2. Subscriptions are taken in compliance with all relevant privacy laws; this website will not subscribe users to any marketing lists or send users information without users prior consent. All personal details relating to subscriptions are held securely within the MailChimp system. No personal details are passed on to third parties nor shared with companies/people outside of the company that operates this website. MailChimp privacy policy can be read here.

9.3. Email marketing campaigns published by this website or its owner may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity [this is by no far a comprehensive list]. This information is used to refine future email campaigns and supply the user with more relevant content based on their activity. To find out more about the types of tracking associated with our email campaigns, read the MailChimp privacy policy.

10. Social media platforms

10.1 Communication, engagement and actions taken through external social media platforms that this website and its owner participate on are custom to the terms and conditions as well as the privacy policies held with each and every social media platform respectively used.

11.1 Users are advised to use social media platforms wisely and communicate/engage upon them with due care and caution in regard to their own privacy and personal details. We will never ask for sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.

11.2. This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save the request to share a web page respectively through users’ social media platform account.

11.3. Some of our webpages use plug-ins from other organisations and brands  – such as social media platforms – that may use information about your visit to our websites on their pages. If you browse these pages while still also logged in to your account with us, the information they collect may be connected to your account on their site. For more information on how these organisations use information, please read these organisations and brands’ privacy policies. If, for example, users log-in to our comments using a Facebook log-in (when applicable), they are granting permission to Facebook to share their user details with us. This will include name, email address, date of birth and location. This may also allow us and Facebook to share your networks, user ID and any other information you choose to share according to your Facebook account settings.

12. Shortened links on social media

12.1. This website and its owners through their social media platform accounts may share web links to relevant web pages. By default, some social media platforms shorten lengthy URLs [web addresses]. Users are advised to take caution and good judgement before clicking any shortened URLs published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine URLs are published, many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.

13. Regarding our advertising, sponsorships and partnerships

13.1 Our sites contain links to other websites from which we may – or may have not – have earned revenue. Our pieces of content are never influenced by advertisers politicians or affiliates, nor are they written for the purpose of promoting services or products.

13.2. In order to deliver The Shortlisted™ as an accessible publication at no cost for readers, we need to make use of advertising to cover costs, so may use statistical behaviour research of our visitors to identify the most valid advertising options. Such behavioural analysis we may perform is totally anonymous and records content appreciation preferences, not identities. We might also share anonymised behavioural data with our carefully chosen advertising partners; this might sometimes mean that when users visit websites, they will be shown advertising based on their behaviour on our website, and we may also show users advertising on The Shortlisted™ based on users’ behaviour on other websites.

13. Cookie Policy

13.1. Click here to read the full The Shortlisted™ Cookie Policy.

14. Privacy Policy review

14.1. This Privacy Policy is being kept under regular review. 

Last updated: January 2020