Privacy Policy
NewDay values your privacy, this section will help you understand how we use your personal information.
Introduction
In this Privacy Notice (referred to throughout as notice), we, our, or us refers to NewDay Ltd, its parent company NewDay Cards Ltd, and any other companies in the group to which they belong (referred as the NewDay Group throughout this notice).You or your refers to anyone whose personal data we process.
This notice explains how we will use and look after your personal information.
This notice covers the following:
Whom should I contact if I have questions about this notice?
What is the legal basis that permits us to use your personal data?
What measures do we have in place to safeguard your personal data?
The table at the end of this notice provides an overview of the personal data that we collect, the purposes for which we use that personal data, the legal basis which permits us to use your personal data, and the rights that you have in relation to your personal data.
Whom should I contact if I have questions about this notice?
Should you wish to contact us about any aspect of this notice, you can contact our Data Protection Officer at dpofficer@newday.co.uk.
NewDay Ltd and NewDay Cards Ltd are registered with the UK Information Commissioner's Office (referred to throughout this notice as ICO). NewDay Ltd's registration number is Z272680X and NewDay Cards Ltd's registration number is Z5599433.
If you are unhappy with the way in which we are processing your personal data, you have the right to raise a complaint directly with the ICO. Their contact details are Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. You can also call them on 0303 123 1113 or email them.
What is personal data?
Personal data is any information that tells us something about you. This could include information such as name, contact details, and employer name.
Where do we obtain your personal data from?
We get personal data about you when you request access to the site.
We obtain personal data related to the IP address, operating system, devices and browser that you use, including the location of any devices used by you.
We collect personal data using analytics tools to track website page content and click/touch, movement, scroll, and keystroke activity.
What personal data do we use and why?
We are a controller of the personal data that we obtain when providing you with access to this site.
We hold and use the following personal data about you:
- Personal data such as your name, contact details, employer
- Identifiers assigned to your computer or other internet connected device {including your Internet Protocol (IP) address}
- Device data (including information about the type of device you use and the specific device ID that is linked to the devices that you use to access our services)
We use this information in order to verify your identity and operate your access to this site and to enable us perform other administrative and operational activities (including the testing of systems, auditing and other compliance related work) to comply with our legal and regulatory obligations.
If you subscribe to individual pages we will use your email address to keep you updated about this page. For each page that you subscribe to you will receive a separate unsubscribe message if you wish to use it.
What is the legal basis that permits us to use your personal data?
We are only permitted to use your personal data, if we have a legal basis for doing so, as set out under data protection legislation. We rely on the following legal bases to use your personal data:
Consent: where we have your consent.
Contractual Performance: where we need information to enter into a contract, or perform the contract we have entered into with you.
Legal Obligation: where we need to comply with a legal or regulatory obligation.
Legitimate Interest: where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
In more limited circumstances we may also rely on the following legal bases:
Vital Interest: where we need to protect your interests (or someone else's interests).
Public Task: where it is needed in the public interest or for official purposes.
The table at the end of this notice provides more details about the personal data that we use, the legal basis that we rely on in each case, and your rights.
What measures do we have in place to safeguard your personal data?
We know how important it is to keep your personal data secure. We protect your personal data when being transferred and when stored in IT systems.
A variety of technologies are employed to protect the systems that are used to store and manage personal data. To protect our systems and networks from attack, we use firewalls, encrypted hard drives, antivirus software, host based intruder detection software, and authenticated access protection solutions. Our security solutions are designed in line with industry standards to protect the personal data we store or transmit.
Access to personal information is strictly controlled. We ensure access to personal data is restricted to individuals on a need to know basis. Training is provided to the individuals (working within the group)who need to access personal data to ensure that personal information is managed securely.
How do I find out about cookies?
We are committed to protecting your personal data that we collect about you online. Our Cookies Notice explains how we use cookies, why, and how this allows us to improve our service. It also tells you how you can manage what cookies are stored on your device. Please read the Cookies Notice to find out more.
What rights do you have in relation to your personal data?
You have a number of rights in relation to your personal data; these include the right to:
Information: Be informed about how we use your personal data.
Access: Obtain access to your personal data that we hold.
Rectification: Request that your personal data is corrected, if you believe it is incorrect or incomplete.
Erasure: You do not have a blanket right to ask for deletion of your data. A request that we erase your personal data is only valid in the following circumstances:
If we are continuing to process personal data beyond the period (when it is necessary) to do so and for the purpose for which it was originally collected.
If we are relying on consent as the legal basis for processing and you withdraw consent.
If we are relying on legitimate interest as the legal basis for processing and you object to this processing, and there is no overriding compelling ground which enables us to continue with the processing.
If the personal data has been processed unlawfully (that is, in breach of the requirements of the data protection legislation).
If it is necessary to delete the personal data to comply with a legal obligation.
Restriction: Ask us to restrict our data processing activities where you consider that:
Personal data is inaccurate.
Our processing of your personal data is unlawful.
Where we no longer need the personal data but you require us to keep it to enable you to establish, exercise or defend a legal claim.
Where you have raised an objection to our use of your personal data.
Portability: Request a copy of certain personal data that you have provided to us in a commonly used electronic format. This right relates to personal data that you have provided to us, which we need in order to perform our agreement with you and personal data where we are relying on consent to process your personal data.
Objection: Object to our processing of your personal data where we are relying on legitimate interests or exercise of a public interest task to make the processing lawful. If you raise an objection, we will carry out an assessment to determine whether we have an overriding legitimate ground, which entitles us to continue to process your personal data. If you object to us using your personal data for marketing purposes, we will always stop such use of your data.
Automated decisions: Not be subjected to automated decisions which produce legal effects or which could have a similarly significant effect on you.
- As part of the processing of your personal data, decisions may be made by automated processes.
We will always tell you about the outcome of a request you have made in relation to the rights discussed above.
If you would like to exercise any of your rights or find out more, please contact our Data Protection Officer at dpofficer@newday.co.uk.
The table provides more details about the personal data that we use, the legal basis that we rely on in each case, and your rights.
Quick check of NewDay's use of your personal data (including processing undertaken where NewDay relies on legitimate interests):
Purpose | Type of Personal Data Used | Legal Basis for Processing | Which Rights Apply? |
---|---|---|---|
Complying with and supporting compliance with legal and regulatory requirements to which NewDay is subject | Details supplied as part of the application to have access to the site | Legal Obligation | The generally applicable rights |
Business analytics including system testing | Details supplied as part of the application to have access to the site | Legitimate Interest | The generally applicable rights plus the right to object |
Information generated by Cookies | Browser data | Consent | The generally applicable rights plus the right to object |
Users asking to subscribe to page updates | Email Address | Consent | The generally applicable rights |
The following generally applicable rights always apply:
- Right to be informed
- Right of access
- Right to rectification
- Right to erasure
- Right to restriction
- Rights in relation to automated decisionmaking.
Please see the What rights do you have in relation to your personal data?. For more details of your rights and how to exercise them or go the Information Commissioner's website.