In order to use some of the paid and free services provided by this site, it is necessary to collect personal data such as email addresses. This data will be used to send out newsletters when requested, provide a means of responding to enquiries by site users, provide further information as requested via a contact form, or for other specific purposes, such as entering a competition or give-away.
English with Kirsty has never engaged in passive data collection for mailing lists, which means that email addresses were only added to mailing lists when users of the site specifically ticked the box to request them. In practice this means that no email addresses were added to mailing lists as a result of being sent other free materials and this continues to be the case.
The General Data Protection Regulations describe how Kirsty Major, and anyone working for her, must collect, handle and store personal information on behalf of English with Kirsty. To comply with the law, personal information must be:
- collected and used fairly, stored safely and not disclosed unlawfully.
- obtained only for specific, lawful purposes
- adequate, relevant, and not excessive
- accurate and kept up to date
- deleted if no longer necessary
- protected appropriately.
The primary person responsible for the safe and legal handling of the data covered by this policy is Kirsty Major as the website and business owner. Anyone working for English with Kirsty with access to data will be given training to ensure that they understand their responsibilities in relation to accessing, using, and storing the data.
Data storage, use and retrieval
- At English with Kirsty, all data is stored electronically and never printed out, thus eliminating risks caused by paper documentation.
- data should be reviewed regularly and any data that is found to be out of date should be deleted or the central record should be updated as appropriate. This means that any data gathered for one-off purposes will not be stored after it is no longer needed, and data belonging to any site user, which cannot be reached using the information they originally gave, will be deleted.
- Data should not be disclosed to unauthorised recipients.
- When data is stored electronically, it must be protected from unauthorised access, accidental deletion and malicious hacking attempts.
- > If data is stored on removable media (such as a removable storage drive), this should be kept locked away securely when not being used.
- Data should only be stored on designated drives and servers.
- Data should be backed up frequently. Those backups should be tested.
- All servers and computers containing data should be protected by security software and a firewall.
Subject access requests
All individuals who are the subject of personal data held by English with Kirsty are entitled to ask what information English with Kirsty holds about them and why.
If an individual contacts English with Kirsty requesting this information, this is called a subject access request.
Subject access requests from individuals should be made by email. A subject access request form can be made available on request, but it is not necessary for a request to be made using the subject access request form.
It is English with Kirsty’s intention that all such requests are dealt with within 14 days.
Reasonable checks will be made to verify the identity of anyone making a subject access request before handing over any information.
Disclosing data for other reasons
In certain circumstances, the Data Protection Act allows personal data to be disclosed to law enforcement agencies without the consent of the data subject.
Under these circumstances, English with Kirsty will disclose requested data. However, reasonable checks will be made to ensure the legitimacy of the request.
More from English with Kirsty
If you have any questions or you would like to receive English with Kirsty News, please use the contact form on this page: