Your Personal Data:
What we need
Nick Bearman trading as Geospatial Training Solutions will be what’s known as the ‘Controller’ of the personal data you provide to us. We only collect basic personal data about you which does not include any special types of information or location based information. This does however include name, email, organization and contact number etc.
Why we need it
We need to know your basic personal data in order to provide you with notice, writing, analysis and training services. We will not collect any personal data from you we do not need in order to provide and oversee this service to you.
What we do with it
All the personal data we process is processed by our staff in the UK, however for the purposes of IT hosting and maintenance this information is located on servers within the USA as well as the UK. No 3rd parties have access to your personal data unless the law allows them to do so.
Like many small business we use a range of tools to help run our business, where your personal details may be stored.
Email & Contact Information
Any contact with me via email (email@example.com) is through a Gmail account. I also use Google Contacts to store your contact information. Google are certified under the EU – U.S. Privacy Shield framework (https://cloud.google.com/security/gdpr/).
This website has a contact form and your contact will be emailed to me in an unencrypted form and stored in a GMail account. If you wish to contact me using a secure method, you can contact me on WhatsApps (email me for my mobile number) or I also use OpenPGP using FlowCrypt (https://flowcrypt.com/) or Mailvelope (https://www.mailvelope.com/en), both of which work well with Gmail, my public key is at http://www.geospatialtrainingsolutions.co.uk/pgp.asc. All messages sent using the above encrypted methods will be stored encrypted and never stored decrypted.
I also run a mailing list through MailChimp (https://mailchimp.com/) (sign up at https://www.geospatialtrainingsolutions.co.uk/mailing-list) who’s servers are based in the United States (https://mailchimp.com/help/gdpr-faq/). MailChimp are certified under the EU – U.S. Privacy Shield framework (https://mailchimp.com/help/about-mailchimp-the-eu-swiss-privacy-shield-and-the-gdpr/). I require opt-in consent to join the mailing list, in line with GDPR best practice. If you wish to be removed from the list, please email me at firstname.lastname@example.org.
Our invoicing is done through QuickFile (https://www.quickfile.co.uk/), who store account information in London, UK and document information on AWS (Amazon Web Services) in Ireland.
Files related to projects I am working on (including details related to your project, if you hire me!) are stored on Dropbox. Dropbox data are stored in the US (https://www.dropbox.com/help/security/physical-location-data-storage) and Dropbox comply with GDPR, under the EU – U.S. Privacy Shield framework (https://www.dropbox.com/security/GDPR). I also take the precaution of encrypting some files with TrueCrypt (https://www.grc.com/misc/truecrypt/truecrypt.htm) which can also be arranged for your project if required.
How long we keep it
We are required under UK tax law to keep your basic personal data (name, address, contact details) for a minimum of 6 years. Your information we use for marketing purposes will be kept with us until you notify us that you no longer wish to receive this information.
What we would also like to do with it
We would however like to use your name and email address to inform you of our future offers, training courses and similar products. This information is not shared with third purposes and you can unsubscribe at any time via phone, email or our website. Please indicate below if this is something you would like to sign up to.
What are your rights?
If at any point you believe the information we process on you is incorrect you request to see this information and even have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Officer who will investigate the matter.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
Our Data Protection Officer is Nick Bearman and you can contact him at email@example.com.