Truly Gifts (www.trulygiftsuk.com) is a site operated by Karen Dodge (“We”).
We are committed to protecting the privacy of everyone we deal with. This page outlines how our business complies with the new European General Data Protection Regulation (GDPR).
1. Obtaining and processing information fairly
We obtain information about our enquirers and clients by asking them to provide the minimum amount of private details that we will need to deal with their enquiries, maintain contact and to conduct business with them.
This means we ask for their:
- Email address.
- Mailing address.
- Telephone number.
2. Keeping information only for one or more specified, explicit and lawful purposes
We keep the personal information provided by our clients solely for the purposes of maintaining contact and conducting business with them on defined projects. We later remove them from our files, as described in point 6 below.
3. Using and disclosing information only in ways compatible with these purposes
We use the information provided by our clients solely for purposes of maintaining contact and conducting business with them on defined projects. We do not engage in direct sales or marketing.
We respect the confidentiality of our clients and do not disclose their information to anyone else, for any reason, except with their prior written consent.
4. Keeping information safe and secure
General security: when working on a project with a client, various documents are generated. These can include:
We take all reasonable steps to protect the security of clients’ personal information and documents on our computers and devices by:
- Working from a secure office premises.
- Working on a computers and laptops that have secure password and never leave the building.
- Running up-to-date software, including anti-virus and malware protection software.
- Backing up our monthly weekly on an external hard drive.
- Erasing all information from all old devices before disposing of them.
Also, please note that our website links to other websites, which will have their own privacy policies.
5. Ensuring that information is adequate, relevant and not excessive
As noted in points 1 and 4, we obtain and keep the minimum amount of personal details about our clients to enable us to conduct business with them, ie contact details and documents relevant to the completion of defined projects.
6. Retaining information for no longer than is necessary for the purpose or purposes
We keep all documents relating to our clients’ business (see first bullet list in point 4) for at least three years. This is because we may need them for reference purposes (in case I undertake further work for them), or in case a dispute should arise over a completed project. After this period, we delete such documents.
We are obliged by HMRC to keep relevant records of business transactions (invoices, receipts, etc.) for six years, during which time I could be audited. If we do not conduct any further business with clients beyond this time frame, we will delete all emails and other documents relating to our work together.
7. Giving a copy of their personal data to individuals, on request
It is the right of our clients to know what information we hold about them in our general records and / or to request a copy of that information. All such requests will be dealt with promptly and in accordance with the current European Data Protection Legislation. If you wish to see the information we have on you, please contact us
* We do not use your email address for marketing purposes.
Privacy page last updated on 1 January 2022