FileAlchemy Policies

GDPR Compliance Policy

Last updated: 19/09/2024

1. Introduction

FileAlchemy is committed to protecting the privacy and security of your personal data. This GDPR Compliance Policy outlines how we collect, use, store, and process personal data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679.

2. Data Controller

For the purposes of the GDPR, FileAlchemy acts as a data controller for the personal data we collect and process. Our contact details are:

[Insert Company Name and Address]
Email: gdpr@filealchemy.com

3. Data Protection Officer

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this policy, including any requests to exercise your legal rights, please contact the DPO using the details set out below:

[Insert DPO Name]
Email: dpo@filealchemy.com

4. Personal Data We Collect

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data: includes first name, last name, username or similar identifier
  • Contact Data: includes email address and telephone numbers
  • Technical Data: includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website
  • Usage Data: includes information about how you use our website, products and services
  • Marketing and Communications Data: includes your preferences in receiving marketing from us and our third parties and your communication preferences

5. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
  • Where we need to comply with a legal obligation

6. Data Subject Rights

Under the GDPR, you have the following rights:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling

To exercise any of these rights, please contact our DPO using the contact details provided above.

7. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

9. International Transfers

We may transfer your personal data outside the European Economic Area (EEA). Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
  • Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
  • Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.

10. Cookies

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information. For more information about our use of cookies, please refer to our Cookie Policy.

11. Changes to This Policy

We may update this GDPR Compliance Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date at the top of this policy.

12. Contact Us

If you have any questions about this GDPR Compliance Policy, please contact us:

By email: admin@filealchemy.co.uk
By visiting this page on our website: https://filealchemy.co.uk/contact
By phone number: [Insert phone number]
By mail: [Insert postal address]