In this policy we want to tell you who we are, what data we process about you, why we collect it, what we use it for and how we store and protect it.
To make this policy more user friendly we use “we”, “us”, “our” etc. to describe our brand “The Camelot Institute of Human Interactions”® in behalf of the founder Giulia De Bellis.
When we refer to “you” we mean you as a visitor and/or user of our website, e.g. when you request an assessment, ask to be contacted, sign up for our newsletters, sign up for our service, register yourself as a business user in our product etc.
We yearly pay the ICO's fee: ICO is the UK's indipendent body set up to uphold information rights. You can read more about what that means on the ICO portal.
We are the data controller for the personal data we process about you in accordance with this policy. You can read more about what that means on the EU’s GDPR portal.
What type of information do we collect?
We receive, collect and store any information you enter on our website or provide us in any other way. The data we collect about you fits into these different categories: personal data, business data and log data.
When you request an assessment or sign up for our newsletters, events, seminars, courses etc., we collect the following data about you: your name, e-mail, address, mobile and/or phone number, payment details including card information. We also collect your comments, feedback, service reviews, recommendations etc.
When you sign up for our service or register yourself as a business user in our product, we collect the following information about you: your name, email, what company you work for, the company domain, your telephone/mobile number, your title, address, country, payment information (related to your company’s subscription with us). We collect information about how you use our product and what services you and your company are subscribing to. We also collect the information you provide us when you contact us for support.
When you visit our website, our servers may automatically log the standard data provided by your web browser. It includes your computer’s Internet Protocol (IP) address, your browser type and version, your user agent, the pages you visit, the time and date of your visit, the time spent on each page, and other details. We use your log data for these purposes:
Identify you as a user when you log into our product and log and save the actions you take when you use our product,
Improve or modifying our website, our services, including our widgets, and products to you,
Respond to your questions and provide you with customer service and support, including sending service related messages to you,
Send you newsletters, give you a free assessment, provide you with offers and send you different types of marketing material,
Comply with legal obligations and requirements, requests from public and governmental authorities, relevant industry standards and our internal policies and protect our operations and our rights,
Engage in various internal business purposes, i.e. data analysis, audits, developing new products and services, identifying usage trends, determining the effectiveness of our promotional campaigns and operating and expanding our business activities,
We may also use your data in other ways, but we will inform you about these purposes when we collect your data.
We do not sell or rent your data to marketers or third parties.
What legal basis is used to process your data?
We process your data based on the following legal grounds:
To perform our contract with you (see Article 6.1.b of the GDPR)
Comply with our legal obligations (see Article 6.1.c of the GDPR)
To pursue legitimate business interests of our own related to operating our website and providing our services to you, or to pursue the legitimate interests of third parties as long as your interests and fundamental rights do not override those interests (see Article 6.1.f of the GDPR).
For the establishment, exercise or defence of legal claims, where necessary (see Article 9.2.f of the GDPR)
Some of these grounds for processing your data overlap, so there may be several reasons which justify us processing your data.
When you have expressly given your consent to us to process your data (see Article 6.1.a of the GDPR), e.g. when subscribing to our newsletters, you are free to withdraw your consent at any time. If you withdraw your consent, we might still have the right to process your information if it is required or justified by the legal grounds above.
How do we collect information?
When you conduct a transaction on our website, as part of the process, we collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated above only. We collect such Information for the following purposes:
1) To provide and operate the Services;
2) To provide our Users with ongoing customer assistance and technical support;
3) To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;
4) To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services;
5) To comply with any applicable laws and regulations.
How do we store, use, share and disclose our site visitors' and users’ personal information?
We use a range of organizational, technical and administrative measures to protect your data within our company. Unfortunately, the internet is not a 100% secure environment and that means we cannot guarantee the security of the data you transmit to us. Emails sent via the internet may not be encrypted, and we therefore advise you not to include any confidential information in your emails to us.
Our Data Protection Officer is our founder Giulia De Bellis.
Our website is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall. All direct payment gateways offered by Wix.com and used by us adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
How long do we keep your data?
The length of time we keep your data depends on the type of data we are processing and why we are processing it.
Newsletters, email marketing etc.:
We keep your data for as long as you are subscribing to our newsletters, email marketing etc. If you ask us to unsubscribe you, we will keep your data for two years after your request so we can show that we have honoured your request and to make sure that you aren’t receiving email marketing and newsletters. If we have collected publicly accessible information about you for the purpose of being able to carry out marketing activities, we will keep such data for as long as the relevant activity is ongoing and for two years after that.
Events, seminars, courses, consulting etc.:
We will keep your personal data as long as they are necessary for the purposes of the course, the event or seminar in question and for evaluating them.
Sign up for our service and registration as a business user in our systems:
We will keep your data up to 5 years after so that we can fulfil our legal obligations. If you are employed by one of our customers, we will keep your data as long as we have a business relationship with that customer.
We will keep your data for as long as they are necessary for the purposes for which they are being processed. As a general rule, data will be kept for as long as you use our product plus 5 years following the conclusion of your customer relationship with us. Special circumstances or legal requirements may entail that such periods may be shorter or longer, including for the purpose of complying with legal requirements for the erasure or keeping of data.
How do we communicate with our site visitors and users?
We may contact you to notify you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about us, or as otherwise necessary to contact you to enforce our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and email.
You can read more about the cookies we use on our website here.
Your rights and how to unsubscribe to email marketing material?
You have rights we want to make you aware of. Your rights will depend on our reason for processing your data.
Your right of access
You always have the right to ask us for copies of your personal data. There are some exemptions, which means you may not always receive all the information we process but as a main rule you can always contact us and ask for your information.
Your right to rectification
You can always ask us to rectify information you think is inaccurate and you can also ask us to complete information you think is incomplete.
Your right to erasure
You can also ask us to erase your personal information in certain circumstances.
Your right to restriction of processing and object to processing
You have the right to ask us to restrict the processing of your information in certain circumstances and a similar right to object to processing.
Your right to data portability
This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another or give it to you. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.
The easiest way to exercise your right is to email us at firstname.lastname@example.org .
The law gives us one month to respond to you, and we will try to respond sooner.
You can always lodge a complaint with a data protection authority.
Who are we and how can you contact us?
Here is our information:
The Camelot Institute of Human Interactions®
5 Regatta House
32 Twickenham Road
This policy is effective from 6th April 2020.