• Website terms & conditions of use

    Welcome to our website, in using it you are deemed to have read and agreed to the following terms and conditions.

    The following terminology applies to these Terms and Conditions, Privacy Statement and any disclaimer Notice and any or all Agreements: “Client”, “You” and “Your” refers to you, the person accessing this website and accepting the Company’s terms and conditions. “The Company”, “Ourselves”, “We” and “Us”, refers to our Company, Resolution Design Ltd with registered offices at 17 Market Place, Devizes, SN10 1HT, Co reg: 6510726. “Party”, “Parties”, or “Us”, refers to both the Client and ourselves, or either the Client or ourselves. All terms refer to the offer, acceptance and consideration of payment necessary to undertake the process of our assistance to the Client in the most appropriate manner, whether by formal meetings of a fixed duration, or any other means, for the express purpose of meeting the Client’s needs in respect of provision of the Company’s stated services/products, in accordance with and subject to, prevailing English Law. Any use of the above terminology or other words in the singular, plural, capitalisation and/or he/she or they, are taken as interchangeable and therefore as referring to same.

    Privacy

    We are committed to protecting your privacy. Authorised employees within the company on a need to know basis only use any information collected from individual Clients. We constantly review our systems and data to ensure the best possible service to our Clients. There are specific offences for unauthorised actions against computer systems and data. We will investigate any such actions with a view to prosecuting and/or taking civil proceedings to recover damages against those responsible. For more details

    Any information concerning the Client and their respective Client Records may be passed to third parties. However, Client records are regarded as confidential and therefore will not be divulged to any third party, other than our employees and if legally required to do so to the appropriate authorities. Clients have the right to request sight of, and copies of any and all Client Records we keep, on the proviso that we are given reasonable notice of such a request. Clients are requested to retain copies of any literature issued in relation to the provision of our services. Where appropriate, we shall issue Clients with appropriate written information, handouts or copies of records as part of an agreed contract, for the benefit of both parties.

    We will not sell, share, or rent your personal information to any third party or use your e-mail address for unsolicited mail.

    For more specific details about our use of your data please see our Privacy Notice.

    Disclaimer
    Exclusions and Limitations

    The information on this web site is provided on an “as is” basis. To the fullest extent permitted by law, this Company:

    > excludes all representations and warranties relating to this website and its contents or which is or may be provided by any affiliates or any other third party, including in relation to any inaccuracies or omissions in this website and/or the Company’s literature; and

    > excludes all liability for damages arising out of or in connection with your use of this website. This includes, without limitation, direct loss, loss of business or profits (whether or not the loss of such profits was foreseeable, arose in the normal course of things or you have advised this Company of the possibility of such potential loss), damage caused to your computer, computer software, systems and programs and the data thereon or any other direct or indirect, consequential and incidental damages.

    This Company does not, however, exclude liability for death or personal injury caused by its negligence. The above exclusions and limitations apply only to the extent permitted by law. None of your statutory rights as a consumer are affected.

    Availability

    You are solely responsible for evaluating the fitness for a particular purpose of any downloads, programs and text available through this site. Redistribution or republication of any part of this site or its content is prohibited, including such by framing or other similar or any other means, without the express written consent of the Company. The Company does not warrant that the service from this site will be uninterrupted, timely or error free, although it is provided to the best ability. By using this service you thereby indemnify this Company, its employees, agents and affiliates against any loss or damage, in whatever manner, howsoever caused.

    Log Files

    Via Google Analytics we use IP addresses to analyse trends, administer the site, track user’s movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information. Additionally, for systems administration, detecting usage patterns and troubleshooting purposes, our web servers automatically log standard access information including browser type, access times/open mail, URL requested, and referral URL. This information is not shared with third parties and is used only within this Company on a need-to-know basis. Any individually identifiable information related to this data will never be used in any way different to that stated above without your explicit permission.

    Links to this website

    You may not create a link to any page of this website without our prior written consent. If you do create a link to a page of this website you do so at your own risk and the exclusions and limitations set out above will apply to your use of this website by linking to it.

    Links from this website

    We do not monitor or review the content of other party’s websites which are linked to from this website. Opinions expressed or material appearing on such websites are not necessarily shared or endorsed by us and should not be regarded as the publisher of such opinions or material. Please be aware that we are not responsible for the privacy practices, or content, of these sites. We encourage our users to be aware when they leave our site & to read the privacy statements of these sites. You should evaluate the security and trustworthiness of any other site connected to this site or accessed through this site yourself, before disclosing any personal information to them. This Company will not accept any responsibility for any loss or damage in whatever manner, howsoever caused, resulting from your disclosure to third parties of personal information.

    Copyright and Trademark

    Copyright and other relevant intellectual property rights exist on all text relating to the Company’s services and the full content of this website.

    Communication

    This company is registered in England and Wales, Number 6510726, registered office 17 Market Place, Devizes, SN10 1BA.

    Force Majeure

    Neither party shall be liable to the other for any failure to perform any obligation under any Agreement which is due to an event beyond the control of such party including but not limited to any Act of God, terrorism, war, Political insurgence, insurrection, riot, civil unrest, act of civil or military authority, uprising, earthquake, flood or any other natural or man-made eventuality outside of our control, which causes the termination of an agreement or contract entered into, nor which could have been reasonably foreseen. Any Party affected by such event shall forthwith inform the other Party of the same and shall use all reasonable endeavours to comply with the terms and conditions of any Agreement contained herein.

    Waiver

    Failure of either Party to insist upon strict performance of any provision of this or any Agreement or the failure of either Party to exercise any right or remedy to which it, he or they are entitled hereunder shall not constitute a waiver thereof and shall not cause a diminution of the obligations under this or any Agreement. No waiver of any of the provisions of this or any Agreement shall be effective unless it is expressly stated to be such and signed by both Parties.

    General

    The laws of England and Wales govern these terms and conditions. By accessing this website [and using our services/buying our products] you consent to these terms and conditions and to the exclusive jurisdiction of the English courts in all disputes arising out of such access. If any of these terms are deemed invalid or unenforceable for any reason (including, but not limited to the exclusions and limitations set out above), then the invalid or unenforceable provision will be severed from these terms and the remaining terms will continue to apply. Failure of the Company to enforce any of the provisions set out in these Terms and Conditions and any Agreement, or failure to exercise any option to terminate, shall not be construed as waiver of such provisions and shall not affect the validity of these Terms and Conditions or of any Agreement or any part thereof, or the right thereafter to enforce each and every provision. These Terms and Conditions shall not be amended, modified, varied or supplemented except in writing and signed by duly authorised representatives of the Company.

    Notification of Changes

    The Company reserves the right to change these conditions from time to time as it sees fit and your continued use of the site will signify your acceptance of any adjustment to these terms.

  • Privacy notice

    Your privacy is important to us. This Privacy Notice explains what personal data we collect from you, through our interactions with you and through our services, together with how we use and store that data and the processes we have in place to keep your data secure.

    What personal data do we collect?

    When you interact with us, for example by making an enquiry, submitting a support ticket or registering to receive our e-news, we collect the personal data you submit, such as your name, address and email address.

    We also have Google Analytics integrated into our website which uses cookies to collect anonymised data about how you arrived at our website and how you use it, as well as your computer’s IP address if available. (You can disable cookies on this site and on others. The most effective way to do this is via the preferences in your web browser).

    We may also collect information from you for the administration and delivery of our business services.

    How do we use your personal data?

    Personal information you submit through our contact forms will only be used to answer your specific enquiry, administer your account and to provide the products or services you have requested from us.

    If you register for our email newsletters or have agreed to receive marketing information from us in another way which complies with GDPR consent rules, you will receive occasional emails to let you know about hints, tips, news and offers. You will have the ability to unsubscribe from these emails at any time using the opt-out link at the bottom of the emails.

    If you register to use our support centre we use your information to keep you up to date with our progress in resolving your issue.

    We use the information collected via Google Analytics to help us understand the effectiveness of our website in our marketing and to inform decisions about how we improve it.

    Other information we collect is used to enable the delivery of our business services, which includes the use of third-party partners.

    We may also send out information by email if it complies with legitimate interest rules. Whereby we send information to clients who have not opted in to receive email marketing, but who need to be kept up to date with important news about the products and services they have with us.

    What third-party partners do we use?

    We use a number of third-party partners, who are all committed to GDPR compliance.

    For our Hosting Services we use 3 hosting partners, listed below, whose servers are all UK based

    > Professional WordPress Hosting
    > Cloud Hosting & Managed VPS Servers
    > Shared Hosting & POP/IMAP email accounts
    > To deliver Resolution Email Marketing we use a leading US-based email marketing provider as an Agency Partner. They comply with the US-EU agreement, Privacy Shield.

    For our Business Hosted Exchange Emails, we use a UK based cloud services partner.

    For our Support Centre ticketing system we use a US-based partner.

    How do we store your information?

    For our business purposes, we have our own cloud-based Resolution CRM system, the client personal data we store on this system is hosted by our UK based Cloud Hosting partner.

    Data for our various other services are hosted by our 3rd party partners.

    What processes do we have to keep your data secure?

    We have access to client personal data via Resolution CRM and, as a professional reseller of our services, we have access to manage our clients’ accounts via our third-party partners control panels. We take the security and privacy of our clients’ data very seriously and can confirm that our internal processes are GDPR compliant, including:

    > never sharing any personal data with any other third parties (other than the minimum data required to deliver our services via our partners)

    > ensuring all admin and partner control panel passwords are strong and limiting access to only those personnel who need it, using a secure password management system

    > never accessing or interacting with any client personal data accessible via partner control panels unless we have prior consent, or access is required to deliver agreed work.

    We also ensure that all personal data that is transferred between our computer browsers and any of our partners’ web servers use SSL, which is the standard security technology for establishing an encrypted link.

    Your rights

    Under GDPR you have rights relating to any personal data that is being stored by us, these are:

    The right of access;
    The right to rectification;
    The right to erasure (also known as the ‘right to be forgotten’);
    The right to restrict processing;
    The right to data portability;
    The right to object;

    Rights with respect to automated decision-making and profiling.

    If you’d like to know more about these rights please see our Data Protection Policy. If you’d like to exercise any of your rights please contact Matt Groom.

    Updating of this notice

    Our Privacy Notice may be updated from time to time.

  • Email marketing terms of use

    We, Resolution Design Ltd, give access, as an Authorised Agency Partner, to a web-based service that enables organisations to upload, store and manage customer and member lists, create and send email campaigns to those lists, and track and archive the results of those campaigns (“Email Marketing Service”). The Email Marketing Service is provided to you, the “Customer”, by a third-party US Company that owns and operates the Email Marketing Service. Your use of the Email Marketing Services shall be pursuant to the terms and conditions set forth in these terms of use (the “Agreement”). For the purposes of this Agreement, we will refer to ourselves as “Resolution Design”, the third-party provider as the “Email marketing service provider” and to you as the “Customer.” Any use of the pronoun “you” in this Agreement refers to you as Customer, and any uses of the pronouns “we” or “us” refer to, well, us.

    By opening an Email Marketing account, and using the Email Marketing Service, you agree to abide by the terms set forth in this Agreement. You covenant that (a) you are at least eighteen years of age, (b) you are able to sign legally binding contracts on behalf of your cmpany, and (c) you are representing yourself and your company honestly to your email recipients and to us. You also agree to maintain current information about yourself and your company and to update that information as it changes.

    You, us and ownership

    Your use of the Email Marketing Service confers no title or ownership to the Email Marketing Service. With permission of the Email Marketing Service Provider we are granting you temporary, non-exclusive access to Email Marketing Service that will endure as long as (a) the Agreement is not terminated in accordance with the terms of this Agreement, (b) you continue to provide payment for the Email Marketing Service in a timely manner, and (c) you continue to abide by the terms of this Agreement. Further, You shall not transfer your right to use the Email Marketing Service to another party or person, any such transfer or attempted transfer will result in immediate termination of the Agreement.

    The Email Marketing Service provider owns all logos, graphics, software, algorithms, functionality, content (other than content owned by ourselves, you or any third party), pages, features and processes that comprise the Email Marketing Service. You agree not to copy, modify, re-package, reverse-engineer, disassemble, modify or otherwise use the Email Marketing Service or its components in ways not explicitly allowed by this Agreement, without prior written consent from us. You also agree not to remove any proprietary notices or labels from the Email Marketing Service.

    Following the rules of permission marketing

    The Email Marketing Service is a permission marketing and communication service, designed to facilitate email communication and interaction between your organisation and people who have expressed interest in receiving email correspondence from you. Your use of the Email Marketing Service carries a necessarily high standard of ethics and strict set of rules in order for both you and the Email Marketing Service provider to be compliant with UK, European and International laws – as well as all pertinent guidelines and industry best practices – pertaining to use of email as a marketing and communication tool.

    With that in mind, you agree to send emails using the Email Marketing Service only to those recipients who have a clear relationship with you and/or your organisation or who have expressly indicated their desire to receive emails from you.

    To receive emails from you, a recipient must meet the consent criteria set out in the EU General Data Protection Regulations (GDPR) including one of the following criteria:

    > He or she has opted in to receive your emails, using a form that clearly indicates that by submitting his or her email address he or she will receive emails from you;
    > He or she has a clear relationship with you, as (a) a member who pays dues to belong to your organisation, (b) a subscriber who pays a subscription fee to gain access to your organisation’s services, or (c) a customer who has purchased a good or service from you within the past eighteen months, in the course of which you have obtained that customer’s email address.

    If any recipient, regardless of his or her prior opt-in status or relationship to you, has indicated a desire not to receive emails from you – either during or prior to your use of Email Marketing Service – you may not use the Email Marketing Service to email that recipient.

    Evidence of permission

    By using the Email Marketing Service to send emails to a recipient, you are representing to us that you have obtained direct permission to email that recipient. You must be able to provide evidence as to the origin of any email address with respect to how it was acquired and how permission was obtained. You agree to fulfill any requests for permission evidence by us to the best of your ability and in a timely manner, and you understand that any addresses for which you are unable to provide adequate information in a timely manner will be disallowed, along with the rest of the list(s) in which that address resides, should we deem it necessary and appropriate to disallow the entire list.

    No rented/purchased or harvested addresses allowed

    You may not use the Email Marketing Service in conjunction with email lists or addresses that have been purchased, rented or otherwise obtained from a third party, or which have been collected using a script or other harvesting method, or which have been obtained without the email address owner’s knowledge. Sending emails to any address or list obtained using one or more of these methods will result in the termination of your Email Marketing account, immediately and without notice. We may also restrict access to your account, immediately and without notice, should we have reason to suspect that email addresses being added or imported into your Email Marketing account fail to meet the permission criteria set forth in this Agreement.

    Should any mailing sent through your Email Marketing account receive an unreasonable number of complaints from Internet Service Providers or email watchdog groups (with the Email Marketing Service provider having the right to determine what qualifies as unreasonable), we reserve the right to suspend or terminate your account immediately. Furthermore, you will be responsible for paying all charges for use of the Service and any fines incurred by either us, or the Email Marketing Service provider as a direct result of one of your mailings, in cases where clear and direct evidence is presented to us or the Email Marketing Service provider by the fining organisation.

    Clearly identifying the origin of your email, and its content

    You also agree to ensure that email messages sent through your Email Marketing account are truthful and accurately identify the source of the message. In all emails, you agree to use subject lines that are in no way false or misleading as to the identity of the sending organisation or the nature of the content contained in the email. You also agree to include your organisation’s physical address in all campaigns.

    Using the opt-out process

    Allowing recipients of your emails to choose to stop receiving those emails is required by law. In order to ensure strict compliance, we require that you use the opt-out link and process provided with your email account and templates. You will in no way attempt to circumvent the opt-out process. Furthermore, you understand that some recipients may choose to ask you to opt them out instead of using the opt-out link provided. In such cases, you agree to unsubscribe any such recipient manually, by changing the member’s mailing status to “opt-out” using the tools provided inside your Email Marketing account, and to make sure any such subscriber has been opted out prior to your next mailing being sent, and within the amount of time as required by law.

    Responsibility for account use and content

    You are responsible for everything that happens in your Email Marketing account, including the email addresses that are added, imported and stored, as well as the content published, distributed or linked to from your email campaigns. You agree to take full responsibility for any and all content distributed through your Email Marketing account, and to abide by all pertinent copyright laws. Should we find reason to believe you have violated any laws in the course of your use of the Email Marketing Service, or plan to violate any law using the Email Marketing Service, we may suspend or cancel your account immediately and without warning.

    Protecting your data and your privacy

    We and the Email Marketing Service Provider agree to hold your account information, lists and data in strict confidence, and never to rent or sell your email addresses to any third party. The Email Marketing Service’s software is intended for use with directory information and not for use with any personally identifiable details beyond an email address. All data stored and collected is shared only with trusted 3rd party service providers who, like the Email Marketing Service providers, are listed on the U.S. Department of Commerce’s Privacy Shield List, and then only for the purpose of providing service or support to you as a customer (e.g. cloud infrastructure, CRM, secure billing). It is not shared, rented or sold to any 3rd party for their own use. The only other time we, or the Email Marketing Service provider will ever share ANY information related to your Email Marketing account with an outside organisation is if (a) the outside organisation is an agency empowered to require them to divulge your personal or account information pursuant to lawfully issued court order or other lawful process/requirement, (b) examples of your templates, campaigns or case studies are being highlighted and your permission has been obtained prior to the divulging of such information, or (c) reporting on the overall customer base and activity, in which case only general, aggregate (non-personally identifiable) information will be divulged.

    In creating your Email Marketing account, you will create a username and a password that controls access to your account and all of the data stored within that account. The Email Marketing Service stores an encrypted version of your password for added security, but you understand and acknowledge that you are ultimately responsible for maintaining control of that username and password and ensuring its proper use by authorised personnel only.

    Adhering to the EU-US and Swiss-US Privacy Shield Frameworks

    The Email Marketing Service provider adheres to the EU-US and Swiss-US Privacy Shield Frameworks, designed by the U.S. Department of Commerce, and the European Commission and Swiss Administration, respectively, to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce. The Email Marketing Service provider is listed in the United States Department of Commerce’s Privacy Shield directory of self-certifying companies and commits to the Privacy Shield principles. Please contact us if you’d like further information.

    Things you may not do

    The following list outlines many things, in addition to those already mentioned in this Agreement, which you may not do while using the Email Marketing Service. Doing any one of these things may result in the suspension or termination of your Email Marketing account, immediately and without warning.

    By using the Email Marketing Service Service, you explicitly agree not to:

    > use the Email Marketing Service to break any UK, European or other International laws or regulations, including but not limited to those related to spamming, e-commerce, obscenity, defamation or privacy;
    > use the Email Marketing Service to encourage or facilitate any illegal activities;
    > use the Email Marketing Service to harass, threaten or embarrass any person or organisation;
    > use the Email Marketing Service to promote MLM (multi-level marketing) or Ponzi schemes;
    > use the Email Marketing Service to distribute illegal, pornographic or potentially harmful or offensive information, photos, software or materials, or include links to Web pages containing any such items (We reserve the right to use our own judgment in determining what is offensive); or
    > use the Email Marketing Service in conjunction with email addresses or lists that have been obtained in any way other than those outlined as permissible in this Agreement.

    Your data and its storage
    Your Email Marketing account includes certain data storage – for lists, email campaigns and content, and response tracking information. We may choose to set limits on how much information may be stored, and may change those limits at any time. Should we impose any such limits, we will provide you with reasonable advance notice of such limits, and, when possible, offer you the option to either obtain more storage at an additional cost or maintain a lower level of storage without incurring additional costs.

    We not responsible for the loss of any data in the event that you fail to request either more storage space or a transfer of existing data to another location and data is lost due to a change in limits or by your exceeding the existing limits.

    Email Marketing Service’s API

    Email Marketing Service provides API Calls (“Calls”) to facilitate certain account activities without relying on the Email Marketing Service application interface. These Calls are governed by the same policies set forth herein. The Customer shall not use the API to circumvent Email Marketing Service’s efforts to facilitate permission-based, commercial bulk email in the application. It is our sole discretion to determine the permissible use of the API and Calls. Any improper use of the API, as solely determined by us, will be grounds for immediate termination of Customer’s account.

    Payment for services

    Like most commercial subscription services, we ask that you, the Customer, pay us for your use of the Email Marketing Service in a timely manner. Monthly activity, design fees, services and images are invoiced monthly and due not more than 30 days from the invoice date. All fees and prices are in UK pounds. We reserve the right to suspend your account in the event you fail to pay the appropriate account fees on time until such time as proper payment is received. In the event that your account is frozen for improper usage or non-payment, we may continue to charge Customer for the usage of the account, such usage includes storage of information, monthly activities and automatic updates that occur inside the account.

    Right to inspect

    For the purposes of providing you service and support, and to ensure that the terms of this Agreement are being followed, we reserve the right to inspect and monitor your account and data at any time, without notice, and to limit access to your account at any time should we have reason to believe that you have already, or may at some point in the future, violate any terms set forth in this Agreement.

    Cancellation or Termination

    Cancellation requests should be in writing, via email to contact@resolutiondesign.co.uk or by phone at 01380 728 898. Inactivity does not constitute cancellation, and unless cancelled pursuant to this clause, the Customer will continue to be charged for the subscription to the Services. Any request by the Customer to cancel will take effect at the end of the month in which such request was made, and you will be responsible for payment for any services rendered up through to the cancellation date. We will not prorate charges to the date of cancellation and the Customer will not receive a credit for any unused Services. If you have paid in advance for a certain period of time for the Email Marketing Service or any portion thereof and cancel prior to the completion of that period, that payment is non-refundable.

    We may terminate this Agreement at any time by notifying the Customer by email. Should we be forced to terminate your account or you cancel your account, we will work with you to help retrieve email addresses and other appropriate data from your account within 30 days of termination of your account. After such 30 days, Resolution Design makes no guarantees regarding the availability of your data, and Resolution Design shall not be liable for the availability of your data for more than thirty days following the date of termination by either party.

    Disputing Charges

    Any dispute to a charge on your invoice must be made within 60 days of the date of the invoice that initially contained the disputed charge. Disputes can only be made in writing, via email to contact@resolutiondesign.co.uk or by phone at 01380 728898.

    Modifications to this Agreement

    We may, from time to time, edit, append or otherwise modify the terms of this Agreement. Any changes will require notice from Resolution Design to Customer. Your continued use of the Email Marketing Service after such changes indicates your acceptance of those changes and agreement to abide by them.

    WARRANTIES AND DISCLAIMERS

    THE EMAIL MARKETING SERVICE AND ITS RELATED SERVICES ARE PROVIDED “AS IS,” AND WE EXPRESSLY DISCLAIM ALL WARRANTIES OR CONDITIONS OF ANY KIND (EXPRESS, IMPLIED OR STATUTORY), INCLUDING WITHOUT LIMITATION THE IMPLIED WARRANTIES OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. WE WILL NOT BE LIABLE FOR ANY LOST PROFITS OR SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR IN CONNECTION WITH THE EMAIL MARKETING SERVICES OR THIS AGREEMENT.

    IN SHORT, WE CANNOT AND DO NOT GUARANTEE THAT THE EMAIL MARKETING SERVICE WILL WORK IN ANY PARTICULAR WAY, NOR CAN WE GUARANTEE THAT IT WILL PROVIDE YOU WITH ANY PARTICULAR RESULT, LIKE MAKING YOU MORE MONEY OR INCREASING YOUR CUSTOMER BASE. YOU AGREE NOT TO HOLD US LIABLE, FINANCIALLY OR OTHERWISE, SHOULD THE EMAIL MARKETING SERVICE FAIL TO PERFORM THESE THINGS THAT WE CANNOT GUARANTEE IN THE FIRST PLACE. IN NO EVENT SHALL WE BE LIABLE TO YOU FOR ANY AMOUNT GREATER THAN THE FEES YOU HAVE PAID TO US FOR YOUR USE OF THE EMAIL MARKETING SERVICE OVER THE PREVIOUS TWELVE (12) MONTHS.

    TO REITERATE: YOU, THE CUSTOMER, AGREE TO INDEMNIFY AND HOLD HARMLESS RESOLUTION DESIGN LTD, ITS OFFICERS, EMPLOYEES AND BUSINESS PARTNERS, FROM ANY CLAIMS ARISING FROM YOUR USE OF THE EMAIL MARKETING SERVICE OR ITS RELATED SERVICES.

    Headers

    The headers in this Agreement are provided as visual aids only and are not to be considered legally binding in any way.

    Miscellaneous

    This Agreement says everything there is to be said about the relationship between Resolution Design Ltd and you and your use of the Email Marketing Service and, therefore, it supersedes any other agreement about those topics, unless mutually agreed to in writing by both parties. You cannot, without prior our written consent, transfer any of your rights or responsibilities under this Agreement. We can transfer any of our rights and responsibilities under this Agreement, with prior notice to Customer.

  • Hosting terms of use

    All Website hosting services provided by Resolution Design Ltd to the client are subject to the following terms of use.

    Definitions:

    The Client: The company or individual requesting the services of Resolution Design Ltd.
    Resolution Design Ltd: Primary designer/developer & employees or affiliates.

    Website Content

    All services provided by Resolution Design Ltd may be used for lawful purposes only. Transmission, storage, or presentation of any information, data or material in violation of any United Kingdom, United States Federal, State or City, or any International laws is prohibited. This includes, but is not limited to: Copyrighted material, Material we judge to be threatening or obscene, Material protected by trade secret and other statute. The subscriber agrees to indemnify and hold harmless Resolution Design Ltd from any claims resulting from the use of the service, which damages the subscriber or any other party.

    Also prohibited are sites that promote any illegal activity or present content that may be damaging to our servers or any other server on the internet. Links to such materials are also prohibited. Examples of unacceptable content or links: pirated software, pornography, violations of copyrights, hacker programs or archives, Warez sites and hate propaganda. Resolution Design Ltd will be the sole arbiter as to what constitutes a violation of this provision.

    Data Transfer

    Web hosting accounts are prohibited from hosting file distribution websites (including but not limited to music, video and software), adult content orientated websites, hosting banners, graphics or CGI scripts for other websites, storing pages, files or data as a repository for other websites or personal computers, giving away web space under a domain, sub domain or directory.

    Web space Usage

    Web space is available for genuine web site content; content must be linked into web pages. Clients are prohibited from using the server as a file/backup repository. Clients are expected to employ good housekeeping when maintaining their account.

    Server Usage

    Should your account use more than 5% of the servers processing power and as a result have a detrimental effect on other Clients we will discuss with you alternative solutions for your hosting requirements.

    Acceptable Use Policy

    The website and use of the Services may be used for lawful purposes only and the Client may not submit, publish or display any content that breaches any law, statute or regulation. In particular, the Client agrees not to:

    > Use the Services or the website in any way to send unsolicited commercial email or “spam”, or any similar abuse of the Services.
    > Send email or any type of electronic message with the intention or result of affecting the performance of any computer facilities.
    > Publish, post, distribute or disseminate defamatory, obscene, indecent or other unlawful material or information, or any material or information which infringes any intellectual property rights (for the avoidance of doubt this includes licensed software distributed as Warez), via the Services or on the Website.
    > Threaten, abuse, disrupt or otherwise violate the rights (including rights of privacy and publicity) of others.
    > Engage in illegal or unlawful activities through the Services or via the Website. – Make available or upload files to the website or to the Services that the Client knows to contain a virus, worm, trojan or corrupt data.
    > Obtain or attempt to obtain access, through whatever means, to areas of Resolution Design Ltd network or the Services which are identified as restricted or confidential. This includes leaving your home directory whilst using SSH access to servers.
    > Operate or attempt to operate IRC bots or other permanent server processes.

    The Client has full responsibility for the content of the Website. For the avoidance of doubt, Resolution Design Ltd is not obliged to monitor and will have no liability for, the content of any communications transmitted by virtue of the Services. If the Client fails to comply with the Acceptable Use Policy outlined in Clause 6 Resolution Design Ltd shall be entitled to withdraw the Services and terminate the Client’s account without notice.

    Resources

    When a website is found to be exceeding the resources agreed Resolution Design Ltd reserves the right to suspend that site immediately. This policy is only implemented in extreme circumstances. Clients may be offered an option whereby Resolution Design Ltd continues hosting the website for an additional fee.

    Data Backup

    The Client is responsible for undertaking any data back up programs, database, web files or other digital material.

    Payment

    All accounts are set up on a prepay basis. Although Resolution Design Ltd reserves the right to change prices of accounts or services at any time all pricing is guaranteed for the period of prepayment. Payment is due each anniversary year following the date the account was established. Resolution Design Ltd reserves the right to suspend this and other services until any outstanding debt is cleared. Resolution Design Ltd will not be responsible for any data lost due to non-payment closure of an account. The Client is responsible for all money owed on the account from the time it was established to the time that the Client sends a written cancellation request. Reinstatement of an account is at Resolution Design Ltd’s discretion. Resolution Design Ltd reserves the right to charge a reinstatement fee of 50 (fifty) pounds per account.

    Cancellations and Refunds

    All fees charged on a prepay basis are non-refundable.

    Indemnification

    The Client agrees that it shall defend, indemnify, save and hold Resolution Design Ltd harmless from any and all demands, liabilities, losses, costs and claims, including reasonable attorney’s fees asserted against Resolution Design Ltd, its agents, its Clients, officers and employees, that may arise or result from any service provided or performed or agreed to be performed or any product sold by Client, its agents, employees or assigns. Client agrees to defend, indemnify and hold harmless Resolution Design Ltd against liabilities arising out of; (1) any injury to person or property caused by any products sold or otherwise distributed in connection with Resolution Design Ltd’ server; (2) any material supplied by Client infringing or allegedly infringing on the proprietary rights of a third party; (3) copyright infringement and (4) any defective products sold to Client from Resolution Design Ltd’s server.

    Disclaimer

    Resolution Design Ltd will not be responsible for any damages your business may suffer. Resolution Design Ltd makes no warranties of any kind, expressed or implied for services we provide. Resolution Design Ltd disclaims any warranty or merchantability or fitness for a particular purpose. The includes loss of data resulting from delays, nondeliveries, wrong delivery, and any and all service interruptions caused by Resolution Design Ltd and its employees. Resolution Design Ltd reserves the right to revise its policies at any time.

    Severability

    In the event any one or more of the provisions of this Agreement shall be held to be invalid, illegal or unenforceable, the remaining provisions of this Agreement shall be unimpaired and the Agreement shall not be void for this reason alone. Such invalid, illegal or unenforceable provision shall be replaced by a mutually acceptable valid, legal and enforceable provision, which comes closest to the intention of the parties underlying the invalid, illegal or unenforceable provision.

    This agreement shall be construed in accordance with the laws of England.

  • General terms & conditions of sale

    All Website hosting services provided by Resolution Design Ltd to the client are subject to the following terms of use.

    Definitions:

    The Client: The company or individual requesting the services of Resolution Design Ltd.
    Resolution Design Ltd: Primary designer/developer & employees or affiliates.

    Website Content

    All services provided by Resolution Design Ltd may be used for lawful purposes only. Transmission, storage, or presentation of any information, data or material in violation of any United Kingdom, United States Federal, State or City, or any International laws is prohibited. This includes, but is not limited to: Copyrighted material, Material we judge to be threatening or obscene, Material protected by trade secret and other statute. The subscriber agrees to indemnify and hold harmless Resolution Design Ltd from any claims resulting from the use of the service, which damages the subscriber or any other party.

    Also prohibited are sites that promote any illegal activity or present content that may be damaging to our servers or any other server on the internet. Links to such materials are also prohibited. Examples of unacceptable content or links: pirated software, pornography, violations of copyrights, hacker programs or archives, Warez sites and hate propaganda. Resolution Design Ltd will be the sole arbiter as to what constitutes a violation of this provision.

    Data Transfer

    Web hosting accounts are prohibited from hosting file distribution websites (including but not limited to music, video and software), adult content orientated websites, hosting banners, graphics or CGI scripts for other websites, storing pages, files or data as a repository for other websites or personal computers, giving away web space under a domain, sub domain or directory.

    Web space Usage

    Web space is available for genuine web site content; content must be linked into web pages. Clients are prohibited from using the server as a file/backup repository. Clients are expected to employ good housekeeping when maintaining their account.

    Server Usage

    Should your account use more than 5% of the servers processing power and as a result have a detrimental effect on other Clients we will discuss with you alternative solutions for your hosting requirements.

    Acceptable Use Policy

    The website and use of the Services may be used for lawful purposes only and the Client may not submit, publish or display any content that breaches any law, statute or regulation. In particular, the Client agrees not to:

    > Use the Services or the website in any way to send unsolicited commercial email or “spam”, or any similar abuse of the Services.
    > Send email or any type of electronic message with the intention or result of affecting the performance of any computer facilities.
    > Publish, post, distribute or disseminate defamatory, obscene, indecent or other unlawful material or information, or any material or information which infringes any intellectual property rights (for the avoidance of doubt this includes licensed software distributed as Warez), via the Services or on the Website.
    > Threaten, abuse, disrupt or otherwise violate the rights (including rights of privacy and publicity) of others.
    > Engage in illegal or unlawful activities through the Services or via the Website. – Make available or upload files to the website or to the Services that the Client knows to contain a virus, worm, trojan or corrupt data.
    > Obtain or attempt to obtain access, through whatever means, to areas of Resolution Design Ltd network or the Services which are identified as restricted or confidential. This includes leaving your home directory whilst using SSH access to servers.
    > Operate or attempt to operate IRC bots or other permanent server processes.

    The Client has full responsibility for the content of the Website. For the avoidance of doubt, Resolution Design Ltd is not obliged to monitor and will have no liability for, the content of any communications transmitted by virtue of the Services. If the Client fails to comply with the Acceptable Use Policy outlined in Clause 6 Resolution Design Ltd shall be entitled to withdraw the Services and terminate the Client’s account without notice.

    Resources

    When a website is found to be exceeding the resources agreed Resolution Design Ltd reserves the right to suspend that site immediately. This policy is only implemented in extreme circumstances. Clients may be offered an option whereby Resolution Design Ltd continues hosting the website for an additional fee.

    Data Backup

    The Client is responsible for undertaking any data back up programs, database, web files or other digital material.

    Payment

    All accounts are set up on a prepay basis. Although Resolution Design Ltd reserves the right to change prices of accounts or services at any time all pricing is guaranteed for the period of prepayment. Payment is due each anniversary year following the date the account was established. Resolution Design Ltd reserves the right to suspend this and other services until any outstanding debt is cleared. Resolution Design Ltd will not be responsible for any data lost due to non-payment closure of an account. The Client is responsible for all money owed on the account from the time it was established to the time that the Client sends a written cancellation request. Reinstatement of an account is at Resolution Design Ltd’s discretion. Resolution Design Ltd reserves the right to charge a reinstatement fee of 50 (fifty) pounds per account.

    Cancellations and Refunds

    All fees charged on a prepay basis are non-refundable.

    Indemnification

    The Client agrees that it shall defend, indemnify, save and hold Resolution Design Ltd harmless from any and all demands, liabilities, losses, costs and claims, including reasonable attorney’s fees asserted against Resolution Design Ltd, its agents, its Clients, officers and employees, that may arise or result from any service provided or performed or agreed to be performed or any product sold by Client, its agents, employees or assigns. Client agrees to defend, indemnify and hold harmless Resolution Design Ltd against liabilities arising out of; (1) any injury to person or property caused by any products sold or otherwise distributed in connection with Resolution Design Ltd’ server; (2) any material supplied by Client infringing or allegedly infringing on the proprietary rights of a third party; (3) copyright infringement and (4) any defective products sold to Client from Resolution Design Ltd’s server.

    Disclaimer

    Resolution Design Ltd will not be responsible for any damages your business may suffer. Resolution Design Ltd makes no warranties of any kind, expressed or implied for services we provide. Resolution Design Ltd disclaims any warranty or merchantability or fitness for a particular purpose. The includes loss of data resulting from delays, nondeliveries, wrong delivery, and any and all service interruptions caused by Resolution Design Ltd and its employees. Resolution Design Ltd reserves the right to revise its policies at any time.

    Severability

    In the event any one or more of the provisions of this Agreement shall be held to be invalid, illegal or unenforceable, the remaining provisions of this Agreement shall be unimpaired and the Agreement shall not be void for this reason alone. Such invalid, illegal or unenforceable provision shall be replaced by a mutually acceptable valid, legal and enforceable provision, which comes closest to the intention of the parties underlying the invalid, illegal or unenforceable provision.

    This agreement shall be construed in accordance with the laws of England.

  • Digital development terms & conditions

    All digital design & development services provided by Resolution Design Ltd to the client are subject to the following supplementary terms and conditions.

    The Client: The company or individual requesting the services of Resolution Design Ltd.Resolution Design Ltd: Primary designer/developer & employees or affiliates.

    Whilst every endeavour will be made to ensure that the website and any scripts or programs are free of errors, Resolution Design Ltd cannot accept responsibility for any losses incurred due to malfunction, the website or any part of it.

    The website, graphics and any programming code remain the property of Resolution Design Ltd until all outstanding accounts are paid in full.

    Any scripts, CGI applications, PHP scripts, databases or software (unless specifically agreed) written by Resolution Design Ltd remain the copyright of Resolution Design Ltd may be used in future Resolution Design Ltd projects as required and may only be commercially reproduced or resold with the permission of Resolution Design Ltd.

    Any additions to briefs provided will be carried out at the discretion of Resolution Design Ltd and where no charge is made by Resolution Design Ltd for such additions, Resolution Design Ltd accept no responsibility to ensure such additions are error free and reserve the right to charge an according amount for any correction to these or further additions.

    The client agrees to make available all materials required to complete the site to the agreed standard as soon as is reasonably possible and within the set deadlines.

    Resolution Design Ltd will not be liable for costs incurred, compensation or loss of earnings due to the failure to meet agreed deadlines.

    Resolution Design Ltd will not be liable or become involved in any disputes between the site owner and their clients and cannot be held responsible for any wrongdoing on the part of a site owner. eg. Any disputes re content/images that have been provided to us for inclusion on the site.

    Resolution Design Ltd will not be liable for any costs incurred, compensation or loss of earnings due to the work carried out on behalf of the client or any of the clients appointed agents.

    Resolution Design Ltd will not be liable for any costs incurred, compensation or loss of earnings due to the unavailability of the site, its servers, software or any material provided by its agents.

    Resolution Design Ltd does not guarantee that any scripts, CGI applications, PHP scripts, databases or software will be immune from hacking or malicious tampering. Resolution Design Ltd will not be liable for any costs incurred, compensation or loss of earnings caused as a result of hacking.

    Resolution Design Ltd cannot take responsibility for any losses incurred by the use of any software created for the client. Whilst every care has been taken to ensure products are problem free and accurate, the ultimate responsibility lies with the client in ensuring that all software is functioning correctly before use.

    Where applications or sites are developed on servers not recommended by Resolution Design Ltd, the client is expected to provide or seek any information, additional software, support or co-operation pertaining to the server required in order for the application to be correctly developed. Where large applications are to be developed, it is the client’s responsibility to provide a suitable testing environment which is identical to the final production environment.

    The client is expected to check and approve any application or programming relating to a site developed by Resolution Design Ltd before being made generally available for use. Where “bugs”, errors or other issues are found after the site is live, provided they are reported within 30 days of launch, Resolution Design Ltd will correct these issues to meet the standards of function outlined in the brief.

    Resolution Design Ltd will endeavour to ensure that any developed/designed site or application will function correctly on the server it is initially installed in. Resolution Design Ltd can offer no guarantees of correct function with all browser software.

    This agreement shall be construed in accordance with the laws of England.

  • Data protection policy

    Section A: Overview

    The reason for this policy

    You have legal rights with regard to the way your personal data is handled. In the course of our business activities we collect, store and process personal data about our customers, suppliers and other third parties, and therefore in order to comply with the law and to maintain confidence in our business, we acknowledge the importance of correct and lawful treatment of this data. All people working in or with our business are obliged to comply with this policy when processing personal data.

    Introduction

    This policy and any other documents referred to in it sets out the basis on which we will process any personal data we collect from data subjects, for example, customers and business contacts, or that is provided to us by data subjects or other sources. It also sets out our obligations in relation to data protection under the General Data Protection Regulation (“the Regulation”). This policy sets out rules on data protection and the legal conditions that must be satisfied when we obtain, handle, process, transfer and store personal data. The procedures and principles set out herein must be followed at all times by us and our employees, agents, contractors, or other parties working on behalf of the Company. We aim to ensure the correct, lawful, and fair handling of your personal data and to respect your legal rights.

    The meaning of key Data Protection terms

    Data is information which is stored electronically, on a computer, or in certain paper-based filing systems. Data subjects for the purpose of this policy include all living individuals about whom we hold personal data. A data subject need not be a UK national or resident. All data subjects have legal rights in relation to their personal information. Personal data means data relating to a living individual who can be identified from that data (or from that data and other information in our possession). Personal data can be factual (for example, a name, address or date of birth) or it can be an opinion about that person, their actions and behaviour.

    Data controllers are the people who, or organisations which, determine the purposes and the manner in which any personal data is processed. They are responsible for establishing practices and policies in line with the Act. We are the data controller of all personal data used in our business for our own commercial purposes.

    Processing is any activity that involves use of the data. It includes obtaining, recording or holding the data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transferring personal data to third parties.

    Summary of the Data Protection Principles

    This Policy aims to ensure compliance with the Regulation. The Regulation sets out the following principles with which any party handling personal data must comply. All personal data must be:

    (Processed fairly and lawfully) processed lawfully, fairly, and in a transparent manner in relation to the data subject;
    (Processed for limited purposes and in an appropriate way) collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
    (Adequate, relevant and not excessive for the purpose) adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
    (Accurate) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the purposes for which they are processed, is erased or rectified without delay;
    (Not kept longer than necessary for the purpose) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the Regulation in order to safeguard the rights and freedoms of the data subject;
    (Processing in line with data subject’s rights) personal data must be processed in line with data subjects’ rights, in particular your right to:
    request access to any data held about them by a Data Controller.
    prevent the processing of their data for direct-marketing purposes.
    ask to have inaccurate data amended.
    prevent processing that is likely to cause damage or distress to themselves or anyone else.
    (Security) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
    (Transfers outside EEA) not transferred to people or organisations situated in countries without adequate protection.

    Our use of personal data and our purpose

    We collect, hold, and process the personal data referred to in Schedule 1 (and the purpose for which we process that personal data is also set out in Schedule 1).

    Our data protection measures

    When we are working with personal data we take the measures set out in Schedule 2.

    Section B: Data Protection Principles

    Lawful, Fair, and Transparent Data Processing

    The Regulation is not intended to prevent the processing of personal data, but to ensure that it is done fairly and without adversely affecting the rights of the data subject. The processing of personal data is lawful if one (or more) of the following applies:

    (consent) the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
    (contract) processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract;
    (legal obligation) processing is necessary for compliance with a legal obligation to which the Data Controller is subject
    (protection) processing is necessary to protect the vital interests of the data subject or of another natural person;
    (public interest) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;
    (legitimate interests) processing is necessary for the purposes of the legitimate interests pursued by the Data Controller or by a third party, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

    Processed for Specified, Explicit and Legitimate Purposes

    The Company collects and processes the personal data set out in Schedule 1 of this Policy. This may include personal data received directly from data subjects (for example, contact details used when a data subject communicates with us) and can include data received from third parties.
    The Company only processes personal data for the specific purposes set out in Schedule 1 of this Policy (or for other purposes expressly permitted by the Regulation). The purposes for which we process personal data will be informed to data subjects at the time that their personal data is collected, where it is collected directly from them, or as soon as possible (not more than one calendar month) after collection where it is obtained from a third party.

    Adequate, Relevant and Limited Data Processing

    The Company will only collect and process personal data for and to the extent necessary for the specific purpose(s) informed to data subjects as under Part 5, above.

    The accuracy of Data and Keeping Data Up To Date

    The Company shall ensure that all personal data collected and processed is kept accurate and up-to-date. The accuracy of data shall be checked when it is collected and at regular intervals thereafter. Where any inaccurate or out-of-date data is found, all reasonable steps will be taken without delay to amend or erase that data, as appropriate.

    Timely Processing

    The Company shall not keep personal data for any longer than is necessary in light of the purposes for which that data was originally collected and processed. When the data is no longer required, all reasonable steps will be taken to erase it without delay.

    Secure Processing

    The Company shall ensure that all personal data collected and processed is kept secure and protected against unauthorised or unlawful processing and against accidental loss, destruction or damage. Further details of the data protection and organisational measures which shall be taken are provided in Parts 22 and 23 of this Policy.

    An assessment of the risks posed to individual data subjects; and
    Details of the measures in place to minimise and handle risks including safeguards, data security, and other measures and mechanisms to ensure the protection of personal data, sufficient to demonstrate compliance with the Regulation.

    Section C: Data Subject Rights

    The Rights of Data Subjects

    The Regulation sets out the following rights applicable to data subjects: The right to be informed;

    The right of access;
    The right to rectification;
    The right to erasure (also known as the ‘right to be forgotten’);
    The right to restrict processing;
    The right to data portability;
    The right to object;
    Rights with respect to automated decision-making and profiling.

    Keeping Data Subjects Informed

    The Company shall ensure that the following information is provided to every data subject when personal data is collected:
    Details of the Company including, but not limited to, the identity of its Data Protection Officer;
    The purpose(s) for which the personal data is being collected and will be processed (as detailed in Schedule 1 of this Policy) and the legal basis justifying that collection and processing;
    Where applicable, the legitimate interests upon which the Company is justifying its collection and processing of the personal data;
    Where the personal data is not obtained directly from the data subject, the categories of personal data collected and processed;
    Where the personal data is to be transferred to one or more third parties, details of those parties;
    Where the personal data is to be transferred to a third party that is located outside of the European Economic Area (the “EEA”), details of that transfer, including but not limited to the safeguards in place (see Part 26 of this Policy for further details concerning such third country data transfers);
    Details of the length of time the personal data will be held by the Company (or, where there is no predetermined period, details of how that length of time will be determined);
    Details of the data subject’s rights under the Regulation;
    Details of the data subject’s right to withdraw their consent to the Company’s processing of their personal data at any time;
    Details of the data subject’s right to complain to the Information Commissioner’s Office (the ‘supervisory authority’ under the Regulation);
    Where applicable, details of any legal or contractual requirement or obligation necessitating the collection and processing of the personal data and details of any consequences of failing to provide it;
    Details of any automated decision-making that will take place using the personal data (including but not limited to profiling), including information on how decisions will be made, the significance of those decisions and any consequences.
    The information set out above in Part 14.1 shall be provided to the data subject at the following applicable time:
    Where the personal data is obtained from the data subject directly, at the time of collection;
    Where the personal data is not obtained from the data subject directly (i.e. from another party):
    If the personal data is used to communicate with the data subject, at the time of the first communication; or
    If the personal data is to be disclosed to another party, before the personal data is disclosed; or
    In any event, not more than one month after the time at which the Company obtains the personal data.

    Data Subject Access

    A data subject may make a subject access request (“SAR”) at any time to find out more about the personal data which the Company holds about them. The Company is normally required to respond to SARs within one month of receipt (this can be extended by up to two months in the case of complex and/or numerous requests, and in such cases the data subject shall be informed of the need for the extension).
    All subject access requests received must be forwarded to the Company’s data protection officer.
    The Company does not charge a fee for the handling of normal SARs. The Company reserves the right to charge reasonable fees for additional copies of information that has already been supplied to a data subject, and for requests that are manifestly unfounded or excessive, particularly where such requests are repetitive.

    Rectification of Personal Data

    If a data subject informs the Company that personal data held by the Company is inaccurate or incomplete, requesting that it be rectified, the personal data in question shall be rectified, and the data subject informed of that rectification, within one month of receipt the data subject’s notice (this can be extended by up to two months in the case of complex requests, and in such cases the data subject shall be informed of the need for the extension).
    In the event that any affected personal data has been disclosed to third parties, those parties shall be informed of any rectification of that personal data.

    Erasure of Personal Data

    Data subjects may request that the Company erases the personal data it holds about them in the following circumstances:
    It is no longer necessary for the Company to hold that personal data with respect to the purpose for which it was originally collected or processed;
    The data subject wishes to withdraw their consent to the Company holding and processing their personal data;
    The data subject objects to the Company holding and processing their personal data (and there is no overriding legitimate interest to allow the Company to continue doing so) (see Part 20 of this Policy for further details concerning data subjects’ rights to object);
    The personal data has been processed unlawfully;
    The personal data needs to be erased in order for the Company to comply with a particular legal obligation
    Unless the Company has reasonable grounds to refuse to erase personal data, all requests for erasure shall be complied with, and the data subject informed of the erasure, within one month of receipt of the data subject’s request (this can be extended by up to two months in the case of complex requests, and in such cases the data subject shall be informed of the need for the extension).
    In the event that any personal data that is to be erased in response to a data subject request has been disclosed to third parties, those parties shall be informed of the erasure (unless it is impossible or would require disproportionate effort to do so).

    Restriction of Personal Data Processing

    Data subjects may request that the Company ceases processing the personal data it holds about them. If a data subject makes such a request, the Company shall retain only the amount of personal data pertaining to that data subject that is necessary to ensure that no further processing of their personal data takes place.
    In the event that any affected personal data has been disclosed to third parties, those parties shall be informed of the applicable restrictions on processing it (unless it is impossible or would require disproportionate effort to do so).

    Data Portability

    Where data subjects have given their consent to the Company to process their personal data in such a manner or the processing is otherwise required for the performance of a contract between the Company and the data subject, data subjects have the legal right under the Regulation to receive a copy of their personal data and to use it for other purposes (namely transmitting it to other Data Controllers, e.g. other organisations).
    To facilitate the right of data portability, the Company shall make available all applicable personal data to data subjects in simple text file or CSV.
    Where technically feasible, if requested by a data subject, personal data shall be sent directly to another Data Controller.
    All requests for copies of personal data shall be complied with within one month of the data subject’s request (this can be extended by up to two months in the case of complex requests in the case of complex or numerous requests, and in such cases the data subject shall be informed of the need for the extension).

    Objections to Personal Data Processing

    Data subjects have the right to object to the Company processing their personal data based on legitimate interests (including profiling), direct marketing (including profiling).
    Where a data subject objects to the Company processing their personal data based on its legitimate interests, the Company shall cease such processing forthwith, unless it can be demonstrated that the Company’s legitimate grounds for such processing override the data subject’s interests, rights and freedoms; or the processing is necessary for the conduct of legal claims.
    Where a data subject objects to the Company processing their personal data for direct marketing purposes, the Company shall cease such processing forthwith.
    Where a data subject objects to the Company processing their personal data for scientific and/or historical research and statistics purposes, the data subject must, under the Regulation, ‘demonstrate grounds relating to his or her particular situation’. The Company is not required to comply if the research is necessary for the performance of a task carried out for reasons of public interest.

    Automated Decision-Making

    In the event that the Company uses personal data for the purposes of automated decision-making and those decisions have a legal (or similarly significant effect) on data subjects, data subjects have the right to challenge such decisions under the Regulation, requesting human intervention, expressing their own point of view, and obtaining an explanation of the decision from the Company.
    The right described in Part 1 above does not apply in the following circumstances:
    The decision is necessary for the entry into, or performance of, a contract between the Company and the data subject;
    The decision is authorised by law; or
    The data subject has given their explicit consent.

    Profiling

    Where the Company uses personal data for profiling purposes, the following shall apply:

    Clear information explaining the profiling will be provided, including its significance and the likely consequences;
    Appropriate mathematical or statistical procedures will be used;
    Technical and organisational measures necessary to minimise the risk of errors and to enable such errors to be easily corrected shall be implemented; and
    All personal data processed for profiling purposes shall be secured in order to prevent discriminatory effects arising out of profiling.
    Section D: Our Other Obligations
    Accountability
    The Company’s data protection officer is Matt Groom, matt@resolutiondesign.co.uk
    The Company shall keep written internal records of all personal data collection, holding, and processing, which shall incorporate the following information:
    The name and details of the Company, its data protection officer, and any applicable third party Data Controllers;
    The purposes for which the Company processes personal data;
    Details of the categories of personal data collected, held, and processed by the Company; and the categories of data subject to which that personal data relates;
    Details (and categories) of any third parties that will receive personal data from the Company;
    Details of any transfers of personal data to non-EEA countries including all mechanisms and security safeguards;
    Details of how long personal data will be retained by the Company; and
    Detailed descriptions of all technical and organisational measures taken by the Company to ensure the security of personal data.

    Privacy impact assessments

    The Company shall carry out Privacy Impact Assessments when and as required under the Regulation. Privacy Impact Assessments shall be overseen by the Company’s data protection officer and shall address the following areas of importance:

    The purpose(s) for which personal data is being processed and the processing operations to be carried out on that data;
    Details of the legitimate interests being pursued by the Company;
    An assessment of the necessity and proportionality of the data processing with respect to the purpose(s) for which it is being processed.

    Organisational measures

    The Company shall ensure that the following measures are taken with respect to the collection, holding, and processing of personal data:

    All employees, agents, contractors, or other parties working on behalf of the Company shall be made fully aware of both their individual responsibilities and the Company’s responsibilities under the Regulation and under this Policy, and shall be provided with a copy of this Policy;
    Only employees, agents, sub-contractors, or other parties working on behalf of the Company that need access to, and use of, personal data in order to carry out their assigned duties correctly shall have access to personal data held by the Company;
    All employees, agents, contractors, or other parties working on behalf of the Company handling personal data will be appropriately trained to do so;
    All employees, agents, contractors, or other parties working on behalf of the Company handling personal data will be appropriately supervised;
    Methods of collecting, holding and processing personal data shall be regularly evaluated and reviewed;
    The performance of those employees, agents, contractors, or other parties working on behalf of the Company handling personal data shall be regularly evaluated and reviewed;
    All employees, agents, contractors, or other parties working on behalf of the Company handling personal data will be bound to do so in accordance with the principles of the Regulation and this Policy by contract;
    All agents, contractors, or other parties working on behalf of the Company handling personal data must ensure that any and all of their employees who are involved in the processing of personal data are held to the same conditions as those relevant employees of the Company arising out of this Policy and the Regulation;
    Where any agent, contractor or other party working on behalf of the Company handling personal data fails in their obligations under this Policy that party shall indemnify and hold harmless the Company against any costs, liability, damages, loss, claims or proceedings which may arise out of that failure.

    Transferring Personal Data to a Country Outside the EEA

    The Company may from time to time transfer (‘transfer’ includes making available remotely) personal data to countries outside of the EEA.
    The transfer of personal data to a country outside of the EEA shall take place only if one or more of the following applies:
    The transfer is to a country, territory, or one or more specific sectors in that country (or an international organisation), that the European Commission has determined ensures an adequate level of protection for personal data;
    The transfer is to a country (or international organisation) which provides appropriate safeguards in the form of a legally binding agreement between public authorities or bodies; binding corporate rules; standard data protection clauses adopted by the European Commission; compliance with an approved code of conduct approved by a supervisory authority (e.g. the Information Commissioner’s Office); certification under an approved certification mechanism (as provided for in the Regulation); contractual clauses agreed and authorised by the competent supervisory authority; or provisions inserted into administrative arrangements between public authorities or bodies authorised by the competent supervisory authority;
    The transfer is made with the informed consent of the relevant data subject(s);
    The transfer is necessary for the performance of a contract between the data subject and the Company (or for pre-contractual steps taken at the request of the data subject);
    The transfer is necessary for important public interest reasons;
    The transfer is necessary for the conduct of legal claims;
    The transfer is necessary to protect the vital interests of the data subject or other individuals where the data subject is physically or legally unable to give their consent; or
    The transfer is made from a register that, under UK or EU law, is intended to provide information to the public and which is open for access by the public in general or otherwise to those who are able to show a legitimate interest in accessing the register.

    Data Breach Notification

    All personal data breaches must be reported immediately to the Company’s data protection officer.
    If a personal data breach occurs and that breach is likely to result in a risk to the rights and freedoms of data subjects (e.g. financial loss, breach of confidentiality, discrimination, reputational damage, or other significant social or economic damage), the data protection officer must ensure that the Information Commissioner’s Office is informed of the breach without delay, and in any event, within 72 hours after having become aware of it.
    In the event that a personal data breach is likely to result in a high risk (that is, a higher risk than that described under Part 27.2) to the rights and freedoms of data subjects, the data protection officer must ensure that all affected data subjects are informed of the breach directly and without undue delay.
    Data breach notifications shall include the following information:
    The categories and approximate number of data subjects concerned;
    The categories and approximate number of personal data records concerned;
    The name and contact details of the Company’s data protection officer (or other contact point where more information can be obtained);
    The likely consequences of the breach;
    Details of the measures taken, or proposed to be taken, by the Company to address the breach including, where appropriate, measures to mitigate its possible adverse effects.

    Implementation of Policy

    This Policy shall be deemed effective as of 1st May 2018. No part of this Policy shall have retroactive effect and shall thus apply only to matters occurring on or after this date.

    Schedule 1: Our Use Of Personal Data And Our Purpose
    The following personal data may be collected, held, and processed by the Company:

    Name, email, telephone number, other business contact details and company information in order for the Company to carry out it’s business activities
    Schedule 2: Our Specific Data Protection Measures
    These are the measures we take when working with personal data:

    All emails containing personal data must be encrypted using SSL.
    Where any personal data is to be erased or otherwise disposed of for any reason (including where copies have been made and are no longer needed), it should be securely deleted and disposed of. Hardcopies should be shredded, and electronic copies should be deleted securely.
    Personal data may be transmitted over secure networks only; transmission over unsecured networks is not permitted in any circumstances;
    Personal data may not be transmitted over a wireless network if there is a wired alternative that is reasonably practicable;
    Personal data contained in the body of an email, whether sent or received, should be copied from the body of that email and stored securely. The email itself should be deleted. All temporary files associated therewith should also be deleted;
    Where Personal data is to be sent by facsimile transmission the recipient should be informed in advance of the transmission and should be waiting by the fax machine to receive the data;
    Where Personal data is to be transferred in hardcopy form it should be passed directly to the recipient or sent using secure, signed for postal service.
    No personal data may be shared informally and if an employee, agent, sub-contractor, or other party working on behalf of the Company requires access to any personal data that they do not already have access to, such access should be formally requested from a Director of the Company.
    All hardcopies of personal data, along with any electronic copies stored on physical, removable media should be stored securely in a locked box, drawer, cabinet or similar;
    No personal data may be transferred to any employees, agents, contractors, or other parties, whether such parties are working on behalf of the Company or not, without the authorisation of a Director of the Company
    Personal data must be handled with care at all times and should not be left unattended or on view to unauthorised employees, agents, sub-contractors or other parties at any time;
    If personal data is being viewed on a computer screen and the computer in question is to be left unattended for any period of time, the user must lock the computer and screen before leaving it;
    No personal data should be stored on any mobile device (including, but not limited to, laptops, tablets and smartphones), whether such device belongs to the Company or otherwise without the formal written approval of a Director of the Company and, in the event of such approval, strictly in accordance with all instructions and limitations described at the time the approval is given, and for no longer than is absolutely necessary.
    No personal data should be transferred to any device personally belonging to an employee and personal data may only be transferred to devices belonging to agents, contractors, or other parties working on behalf of the Company where the party in question has agreed to comply fully with the letter and spirit of this Policy and of the Regulation (which may include demonstrating to the Company that all suitable technical and organisational measures have been taken);
    All personal data stored electronically should be backed up daily with backups stored onsite AND/OR offsite. All backups should be encrypted;
    All electronic copies of personal data should be stored securely using secure password protection;
    All passwords used to protect personal data should be changed regularly and should not use words or phrases that can be easily guessed or otherwise compromised. Passwords should be managed using secure password management software;
    Under no circumstances should any passwords be written down or shared between any employees, agents, contractors, or other parties working on behalf of the Company, irrespective of seniority or department. If a password is forgotten, it must be reset using the applicable method;
    Where personal data held by the Company is used for marketing purposes, it shall be the responsibility of the Directors of the Company to ensure that no data subjects have added their details to any marketing preference databases including, but not limited to, the Telephone Preference Service, the Mail Preference Service, the Email Preference Service, and the Fax Preference Service