Digging Into Digital logo

About our privacy policy

Our privacy policy outlines your relationship with us and explains in detail how we use the information that you provide us with.

About Digging Into Digital

Digging Into Digital is a not-for-profit organisation, providing training, consultations and resources for churches and Christian faith organisations. Our data controller is Vernette John-Joiles and we encourage you to get in touch with any questions you may have about Digging Into Digital. You can reach us by: Email: hello@digginginto.digital Website: https://digginginto.digital Digging Into Digital takes your privacy seriously. That is why we will only use your personal information to provide you with the products and services you have requested, as well as to administer your account. We will never use your personal data for any reason other than the reasons described within this policy.

How we work

Digging Into Digital is committed to upholding and maintaining your personal rights. We operate in line with the European Union’s General Data Protection Regulations and observe your rights to change or withdraw your opt-in options at any time. As part of our ongoing commitment to uphold your rights, Digging Into Digital will also extend advice on how you can issue formal complaints to relevant authorities, such as the Information Commissioner’s Office.

Sensitive data

Digging Into Digital does not collect any sensitive data about you. Sensitive data refers to (but is not limited to) information about your race or ethnic background, religious or political affiliations, trade union affiliations, sexual orientation, criminal background or health background.

Who our privacy policy applies to

This privacy policy has been developed to inform users of the Digging Into Digital website how we use their data. Digging Into Digital is a not-for-profit organisation and we need to process the data of individuals to offer our products and/or services. Bearing that in mind, our privacy policy applies to any and all individuals registered with us as a user, customer, administrator or in any other capacity.

What information this policy applies to

There is a lawful basis for processing your data, and this section of our privacy policy outlines how this applies to the personal information you provide us with or allow us to collect. The information this policy applies to includes information that you: • Provide as part of any registration process • Provide as part of any campaign creation activity • Provide in the form of numerical data, metadata or communications • Give us as part of our ongoing relationship This policy also applies to information that we: • Collect relating to how you interact with our website • Must process to complete purchases and other transactions

Consent

Please note that when you submit personal data on our website or via email, you are giving Digging Into Digital your explicit consent that we can use that data in line with our privacy policy.

Opting out

After giving Digging Into Digital your consent, you are free to amend your consent or withdraw your consent at any time. You have the right to object to the processing of your data. To opt out, change your preferences or revoke your consent, simply contact us by emailing hello@digginginto.digital

Data processing and storage

Digging Into Digital collects and stores data in the UK. We will store your data for a period of 6 years after your last recorded login attempt unless otherwise noted and explicitly stated.

Digging Into Digital stores data relating to transactions, payments and orders for a period of up to seven years. This period may be extended under certain circumstances as part of our ongoing commitment to comply with UK and international law.
We use carefully selected and recognised third-parties to help us take payments, provide commerce services and manage company accounts. Some of these third-parties may operate outside the European Union.
Digging Into Digital may process your data based on more than one legal ground. Circumstances under which we may be required to process your data under more than one legal ground may include:

Reason: Customer registration
Data type: identity and contact information
Legal basis: To carry out a contract we’ve made with you

Reason: Processing and/or delivering your order
Data type: Identity, contact information, financial information, financial and transactional data
Legal basis: To carry out a contract we’ve made with you and to exercise our legitimate interests to recover debts owed

Reason: To manage our customer relationship with you
Data type: Identity, contact information, marketing and communications preferences
Legal basis: To carry out a contract we’ve made with you, to comply with legal obligations and to exercise our legitimate interests to keep our records updated.

Digging Into Digital only uses personal data for the reasons in which we have collected. We will only ever use your personal data for another reason if we reasonably consider another purpose in which to use that data which is compatible with the original reason in which the data was collected. If we are required to make such a decision, we will always notify you. We may also at times be required by law to process your personal data without your knowledge.

To find out more about the reasoning behind any decision Digging Into Digital has made to process your data for a new purpose, get in touch.

Sensitive data

Digging Into Digital does not collect any sensitive data about you. Sensitive data refers to (but is not limited to) information about your race or ethnic background, religious or political affiliations, trade union affiliations, sexual orientation, criminal background or health background.

Marketing and communications

Digging Into Digital may send you marketing communications if you have given us your contact details and opted-in to marketing communications. You may receive marketing communications from Digging Into Digital if you have: • Requested information from us • Purchased goods or services from us • Provided us with explicit consent for us to send you marketing communications • Not opted out of receiving marketing communications Please note that if you opt out of receiving marketing communications from Digging Into Digital, your personal data may still be retained as it relates to the provision or purchase of a product and/or service, warranty registration or other transactions. You can opt out of these marketing communications and manage your preferences at any time by using the relevant links provided in any marketing communication, or by emailing hello@digginginto.digital

Our company obligations

As a data controller, Digging Into Digital is legally responsible for the data you provide us with. In honouring that responsibility, we pledge to uphold our commitments under GDPR and the Data Protection Act 2018. We will only ever use your data: • In ways that are both fair and legal • As described within this policy • In ways that are necessary for the purposes described In addition, Digging Into Digital processes the personal data you submit to us or we collect as a data processor. As part of this role, Digging Into Digital takes all necessary precautions to secure the personal data we collect, process and store. We may occasionally use the data you provide us with for marketing, relationship management or account management activities. These activities are designed to ensure you have adequate information about other products and/or services we offer, that we have reason to believe you may be interested in. You have the right to opt out of these activities at any time.

Third Parties

Digging Into Digital may be required to share your personal data with carefully selected third parties for the identified processing purposes. These third parties may include: A. IT or system administration services providers B. Marketing and communications service providers All third parties to which we transfer data are required to respect your personal data, keep it secure and process it only for the specified purposes for which it has been collected. Third parties will only ever receive or process your data with our explicit permission. Data transfer may take place outside of the EU for the purpose of storage with third-party service providers. In which case, Digging Into Digital has undergone due diligence to select such service providers that give information to show GDPR compliance.

Our security

Digging Into Digital has implemented a series of security measures to make sure that your personal data is protected from accidental loss, unauthorised access, alteration or disclosure. Digging Into Digital limits access to your data only to those employees, agents, contractors or other third parties with a legitimate reason to access that information. Those individuals or organisations will only ever process or access your personal data upon our explicit instructions. They are subject to a duty of confidentiality. As part of our ongoing commitment to GDPR, Digging Into Digital will report any security breaches or attempted breaches to the relevant authorities within 24 hours. We will subsequently contact all those affected by the breach within 72 hours of its occurrence.

Legitimate interests

As part of the Data Protection Act 2018, Digging Into Digital observes the right to share selected information with third parties that use data for non-marketing purposes. This could include (but is not limited to) organisations that provide credit assessments, identification services and fraud prevention activities.

Contact us

Digging Into Digital is committed to upholding your rights. If you have any questions, comments or concerns about this privacy policy or wish to exercise your rights in relation to your personal data, please contact Vernette John-Joiles at hello@digginginto.digital We will process any request within 30 days. Subject access requests are normally performed free of charge, but we may need to charge individuals for excessive or unreasonable data requests.

Complaints

If you are not happy with how your personal data has been processed, you should contact Vernette John-Joiles in the first instance by using the contact details listed above. If Vernette John-Joiles is unable to satisfy your concerns, you have the right to apply to the Information Commissioner’s Office for a resolution. You can contact the Information Commissioner’s Office at the following address: Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF www.ico.org.uk