Last updated October 2022
At Human Story (“us”, “our” or “we”), we know how important it is for you to understand how we use your data.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed. Please read the following carefully as it will help you to understand our practices regarding your personal data and how we will treat it.
By visiting the website, services, and applications of Human Story through any media, platform, technology, or device (collectively referred to as “our site” and/or “our service”) and/or engaging with us in other related ways including sales, marketing or events, you are accepting and consenting to the practices described in this policy.
For the purposes of the General Data Protection Regulation (GDPR), the data controller of your personal data is Human Story Limited of 7 Bell Yard, London, WC2A 2JR
You can contact us by the methods set out at the bottom of this privacy policy.
WHAT PERSONAL DATA DO WE COLLECT?
Personal data is any information that could be used to identify you in some way. The personal data that we collect from or about you may include the following:
- your name
- your gender
- your address
- your email address
- your contact telephone number
- your location country (if you have selected a country view)
- information you voluntarily give us when you contact our customer services team, including any phone number used to call out customer service number
- information about your visit to our website, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), information or events you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page.
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, browser plug-in types and versions, and operating system and platform.
- information collected from our websites and elsewhere across the internet through cookies, web beacons, pixel tags, device identifiers and other technologies including information about your shopping habits and preferences.
We do not process any sensitive personal information.
WHEN DO WE COLLECT PERSONAL DATA?
We may collect personal data in a variety of ways including:
Information you give us. This is information about you that you give us by filling in forms on our site or by corresponding with us by phone, e-mail or otherwise. It includes information that you provide when you register for an account, sign up for marketing alerts, subscribe to our newsletter, contact our customer services team, or get in touch with us on social media.
Information we collect automatically when you use our service. With regard to each of your visits to our site we may, independently or through third-party data analytics tools or services such as Google Analytics, automatically collect information as you use our services.
Information gathered through cookies and other similar technology to distinguish you from other users of our site. This helps us to provide you with a good experience when you browse our site and allows us to improve our site.
Information we receive from other sources. We work closely with third parties, for example, our event or business partners who may provide us with information about you.
Social Media. You can control the information you allow us to have access to through your privacy settings on your social media profiles.
All personal information that you provide to us must be complete, accurate and true. You must inform us of any changes to such personal information.
HOW DO WE USE PERSONAL DATA AND WHAT IS OUR JUSTIFICATION FOR DOING SO?
We process your personal data to provide, improve and administer our services, communicate with you, for fraud and security prevention and comply with the law. From a legal perspective, there are various justifications for doing so and we have set out an explanation of this below.
For purposes related to the provision of the services that we offer to you:
- To give you access to and use of our service.
- Communicating with you in connection with business services and providing you with customer services support.
- To measure customer satisfaction.
- To notify you about changes to our service.
We use your data in this way either because we have a contract with you or because it is in our legitimate interests to do so (for example, it is in our interests to measure customer satisfaction and “troubleshoot” customer issues) but we will always ensure that your rights are protected.
For advertising and marketing purposes:
- To send you marketing alerts via e-mail. We’ll send you marketing emails (including newsletters) about insights and content you might be interested in. You can opt to stop receiving marketing information by clicking on the unsubscribe link in any email, or by contacting us by the methods set out at the bottom of this policy.
- To measure or understand the effectiveness of any advertising we serve to you and others.
- To send you information or offers on behalf of our event partners.
Where you have registered your account from the United Kingdom, the European Union, Australia, New Zealand or Canada, we will rely on your consent to contact you. Where you have registered your account from the United States, or in other scenarios (for example, measuring the effectiveness of our marketing), we will rely on our legitimate interests as a business, always ensuring that your rights are protected.
For the purposes of tailoring our services to you to enhance your user experience:
We may combine the personal data we collect from third parties, with personal data you give to us and the personal data we collect about you to improve the relevancy of the Human Story service and to make suggestions and recommendations to you about Human Story goods or services that may interest you.
For administrative and internal business purposes:
- To ensure that content from our site is presented in the most effective manner for you and your device;
- To administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- To allow you to participate in interactive features of our services when you choose to do so.
It is in our legitimate interests as a business to use your data in this way. For example, we have a clear interest in ensuring that our site works properly and that our services are high quality and efficient. We will always ensure that your rights are protected.
For security, fraud prevention and legal and compliance purposes:
- To keep our website and app safe and secure.
- To protect our rights or property (or the rights or property of others) and to enforce our rights and pursue available remedies.
- In some cases, we will need to use your personal data to fulfil a legal obligation (for example, if we receive a legitimate request from law enforcement agencies), and in other cases (such as the detection of fraud or ensuring the security of the site) this processing may be for the purpose of preventing and detecting crime which we believe to be necessary or appropriate in each case in order to comply with laws or legal process (including laws of legal process in other countries). We will also rely on our legitimate interests in ensuring the integrity of our services and in enforcing our terms and conditions to use your data in this way.
PRIVACY OF MINORS
Human Story does not knowingly collect personal information from children under 18 years of age without parental consent.
By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such a minor dependent’s use of the Services.
WHEN DO WE SHARE YOUR PERSONAL DATA?
We may share your personal data:
- With any member of our corporate group, which means our subsidiaries, our ultimate holding company and its subsidiaries in order to fulfil our contractual obligations to you, or because it is in our legitimate interests to do so (for example where we share processes or operations with another group company)
- With selected third parties who provide services to us for specific functions. In each case, we will ensure that these third parties are only allowed to use your personal data in order to provide the relevant services to us. It is in our legitimate interests as a business to work with these third parties since we may not have the capabilities to provide these services ourselves
- With our event partners in order to fulfil our contractual obligations to you, or because it is in our (and their) legitimate interests to do so (for example our event partners need to do this to ensure they uphold health and safety, and security standards)
- With analytics and search engine providers that assist us in the improvement and optimisation of our site. For these purposes your personal data will be aggregated and looked at on a statistical basis
- With third parties if we propose to sell or buy any business or assets, in which case we will disclose your personal data to the prospective buyer or seller of such business or assets. Similarly, if there are changes to our group structure, or if our ownership changes, we may need to disclose your personal data to the new owners or operators as one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation. This includes exchanging information with other companies and organisations (including law enforcement agencies where appropriate)
TRANSFERRING YOUR PERSONAL DATA OUTSIDE OF THE EUROPEAN ECONOMIC AREA (THE “EEA”)
Some of the processes involved in our use of your personal data may require your data to be stored or processed in countries outside of the EEA; for example, if one of our service providers is based outside of the EEA.
These countries may not have the same data protection laws as the UK and the EEA and so your personal data may not be subject to the same protections. However, in such cases, we will make sure that any transfer of your personal data to countries outside of the EEA is subject to appropriate safeguards as if it were being processed inside of the EEA and under the guiding principles set out in this privacy notice.
KEEPING YOUR PERSONAL DATA SAFE
We take the security of your personal data very seriously and have put in place technical and organisational measures to help keep it safe from unauthorised access or disclosure as required by law and in accordance with good industry practice.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. You should only access the services within a secure environment.
RETENTION OF YOUR PERSONAL DATA
We’ll only retain your personal data for as long as is necessary for the purpose described in this policy unless otherwise required or permitted by law. This means that retention periods will vary according to the type of data we have in the first place.
THIRD-PARTY WEBSITES
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers, and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
YOUR RIGHTS
You may exercise any of the following rights in the following section regarding your personal data:
Right to request the correction of inaccurate personal data
You may request the correction of inaccurate personal data.
Right to ask us not to use your personal data for direct marketing purposes
This can be done by clicking the “unsubscribe” link on marketing communication or contacting us directly at [email protected]
Right to access
You may request of copy of the personal data we hold about you (and in some circumstances, you can ask us to provide a copy to a third party).
Right to be forgotten
You may ask us to either permanently delete or temporarily stop using the personal data we hold about you. Please note that we will do all we can to respect your right to have your personal data deleted where there is no good reason for us to continue to process it but there may be some circumstances where we will need to retain some personal data in accordance with applicable laws.
Right to data portability
You can ask us to have the personal data that you’ve provided to us provided to you in a structured and commonly used electronic format.
Right not to be subject to decisions made solely on the basis of “automatic processing”
You may object to automated decision making which produces legal effects concerning you or similarly significantly affects you.
Right to complain to your local regulator
Residents of the European Union and certain other countries have the right to complain about our use of your personal data. Contact details follow.
- EEA or UK https://ec.europa.eu/newsroom/article29/items/612080
- In Switzerland, you can contact the Federal Data Protection and Information Commissioner via their website: https://www.edoeb.admin.ch
- In Australia, you can contact the Office of the Australian Information Commissioner (OAIC) via their website: https://www.oaic.gov.au/
- In New Zealand, you can contact the Privacy Commissioner via their website: https://www.privacy.org.nz/
- In Canada, you can contact the Office of the Privacy Commissioner of Canada via their website: https://www.priv.gc.ca/
CHANGES TO OUR PRIVACY POLICY
Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.
This policy was last updated 10/2022
CONTACT
Questions, comments, and requests regarding this privacy policy can be raised by post at 7 Bell Yard, London, WC2A 2JR – addressing your letter to Data Protection Officer or by emailing us at [email protected]