Last updated: 19 June 2020
This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies with all UK national laws and requirements for user privacy.
If you send us an enquiry via email or via a form on our website, we will respond via email. Our response will be limited to answering that enquiry; we won’t add you to our email list unless you ask us to or have otherwise consented to being added.
The History Quill operates an email newsletter programme. Users can subscribe through an online process where they affirm their consent to receiving our emails.
We use Mailchimp and MailerLite to manage our email list and disseminate emails. As such, when users sign up for our email list, their data is transferred to Mailchimp and MailerLite for this purpose.
Subscriptions are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003. All personal details relating to subscriptions are held securely and in accordance with the General Data Protection Regulation.
In compliance with UK Spam Laws and the Privacy and Electronic Communications Regulations 2003, subscribers are given the opportunity to unsubscribe at any time through an automated system. This process is detailed at the footer of each email campaign. Users may also unsubscribe by emailing firstname.lastname@example.org with ‘unsubscribe’ in the subject line. If they are on multiple email lists, they should specify which lists they wish to unsubscribe from.
Some client data collected over the course of communications, signing of contracts, and other interactions with clients may be used for purposes that are essential for providing agreed services to clients or for complying with legal regulations or other business requirements. See the section below on sharing/transferring your data.
Some client data may be shared with subcontractors for the purpose of providing agreed services. This may include transfer of data to the United States. Standard contractual clauses are used to ensure compliance when transferring data to the United States in this context. Sub-contractors will only be used with the client’s consent.
Subject Access Request
Under the General Data Protection Regulation, you may request a copy of personal information held about you by us. If you would like a copy of the information held on you please write to the business address at the bottom of this policy or email the email address.
Data storage and retention
Data may be stored and retained until such time as its retention is no longer necessary. After that, it will be deleted. All data is stored securely. All data is kept private except for when its transfer is necessary in line with the cases below.
Sharing/transferring your data
We may transfer your personal data onto the following third parties with the following justifications:
- Google (legitimate interest in use of email services, storage of survey data, client data, and backups)
- Mailchimp (legitimate interest in email list management)
- Siteground (legitimate interest in maintaining website database, including form data storage)
- Microsoft (legitimate interest in using email services)
- Invoice Ninja (legitimate interest in invoicing; necessary to fulfil legal obligations)
- Zapier (legitimate interest in connecting functions such as sales and invoicing)
- Quickbooks/Intuit (legitimate interest in bookkeeping; necessary to fulfil legal obligations)
- ClickUp (legitimate interest in project management)
- Survicate (legitimate interest in collecting and storing survey data and email subscribers)
- Cognito Forms (legitimate interest in collecting and storing form data)
- Formstack (legitimate interest in collecting and storing form data)
- Slack (legitimate interest in communication with freelancers, sharing client data with freelancers, and sharing files with freelancers)
- Sub-contractors who assist us in performing a contract we have with you.
- Legal/accountancy service providers (necessary to fulfil legal obligations regarding the preparation of our accounts and fulfilling tax obligations).
- IT/technical support (legitimate interest in maintaining our services, including but not limited to our website and email services).
- Facebook (legitimate interest in matching email subscriber data to Facebook users in order to create a Facebook ads suppression list. This means we can avoid advertising to existing email subscribers on Facebook when doing so would be superfluous).
- UK government, European Union, and other relevant government entities (necessary to fulfil legal obligations, e.g. tax reporting obligations).
Some of our partners and service providers are located outside the EU, and we may transfer your data to them if necessary. We use appropriate safeguards to protect your data when transferring it outside of the EU, such as EU-approved standard contractual clauses, Binding Corporate Rules, and protection under EU-approved certification mechanisms such as Privacy Shield.
Google, Zapier, Slack, Microsoft, Invoice Ninja, Facebook, Quickbooks/Intuit, ClickUp, Cognito Forms, Formstack, and Mailchimp are based in the United States and we therefore transfer your data to the United States. Google, Microsoft, Slack, Facebook, Invoice Ninja, Zapier, Quickbooks/Intuit, ClickUp, Cognito Forms, Formstack, and Mailchimp operate within the EU-approved Privacy Shield data protection framework. Siteground is based in the EU and is GDPR compliant. However, it may transfer data to its US entities. Such data transfers are covered by standard contractual clauses, making them GDPR compliant.
The right to object and withdraw consent
You have the right to object to the processing of your data where the justification is our legitimate interest. In order to object, email email@example.com explaining which form of processing you wish to object to. You may also withdraw your consent at any time by emailing firstname.lastname@example.org.
The right to lodge a complaint
You have the right to lodge a complaint regarding our data processing with the relevant supervisory authority. The supervisory authority for the United Kingdom is the Information Commissioner’s Office.
Although this website only looks to include quality, safe and relevant external links, users are advised adopt a policy of caution before clicking any external web links mentioned throughout this website.
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Social Media Platforms
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Shortened Links in Social Media
This website and its owners through their social media platform accounts may share web links to relevant web pages. By default some social media platforms shorten lengthy urls.
Users are advised to take caution and exercise good judgement before clicking any shortened urls published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine urls are published many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.
We utilise email analytics tools to optimise email delivery and ensure content is relevant and useful. This data is processed on the basis of legitimate interest.
In the event that The History Quill is merged with or taken over by another company, personal data related to clients, email subscribers, and users of this website may be transferred to the relevant successor entities.
You must be 18 years old or over in order to sign up to our email list and submit personal data to us.
Identity and contact details
The data controller is The History Quill LTD. We are contactable by mail at 13 Howard Road, Dorking, RH4 3HR, United Kingdom and email at email@example.com.