About Us
This site is owned operated by Doctor-IT Limited.
What PERSONAL DATA we collect and why we collect it
PERSONAL DATA
This site is designed to facilitate business to business and business to consumer interactions. Information held about businesses will not usually be PERSONAL DATA within the meaning of the applicable data protection regulations, however we will apply the same rigorous standard of care to Business Data as we do to PERSONAL DATA.
Mailing Lists
We invite users to sign-up to mailing lists to learn more about Support My Local and its vendors. We are the data controller for data in Support My Local specific mailing lists. We are joint and several data controllers with the vendor for email addresses in vendor specific mailing lists. Vendors may also transfer to us data for which they are the data controller and in this case in mailing you we are acting for them under a data processing agreement. In all cases we will apply the same rigourous standard of care to your data.
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you may wish to avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact forms
Information that you enter into forms will be used to generate emails and may be stored on this server.
Site Cookies
This site uses cookies to authenticate users, give them permissions and to store session data.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Google Analytics Cookies
This site uses Google Analytics to provide statistical information on how users interact with the site. We cannot track individuals’ interactions.
Facebook Pixel
This site use Facebook Analytics to provide statistical information on how users interact with the site. We cannot track individuals’ interactions.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.
Who we share your data with
Other data controllers
When you purchase from a vendor on this site we share your information with them. They are data controllers in their own right. For example, if you buy from Meat Jon we will pass your information to them and they are responsible for using it appropriately.
3rd party data processors
We only share your data with 3rd parties where it is necessary for the provision of a service and the 3rd party has contract with us that protects your privacy. For example, we share your data with Stripe which is the credit card processing company that we use.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Traffic to and from our servers and systems may travel outside the EU.
Additional information
How we protect your data
This site is built using WordPress and managed using best security practices. Security procedures include without limitation, using a reputable hosting company, promptly applying security patches to WordPress and plugins, minimising the number of administrative accounts, using strong administrative passwords and preventing brute force attacks.
What data breach procedures we have in place
We have conducted a data privacy risk assessment and have written breach procedures.
What third parties we receive data from
We collect reviews from members of the public. Where relevant we may incorporate data from 3rd parties including without limitation the Financial Conduct Authority of the United Kingdom.
What automated decision making and/or profiling we do with user data
When a user queries our database of suppliers the order in which suppliers are returned is affected by several factors including the average review score.
Industry regulatory disclosure requirements
We will disclose information to compliance authorities in the United Kingdom. We may at our absolute discretion disclose information to compliance authorities from other jurisdictions.
Notification of Amendments to this Policy
We will amend this policy from time-to-time and when we do so we may use information that we store about you to inform you of the change.