Privacy Policy

Effective date: 7th Feb, 2019

In accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 introduced in 2018, users of personal data have to protect your data to a high standard and advise why they need the data, and for how long they store it for. You also have a right to be forgotten and have your data erased. This section will advise you on our policies to abide by this regulation.

MediaSkyscraper is committed to respect and uphold everybody’s right to privacy, to process personal data securely and to comply with legislation prevailing in the UK. This policy describes what we do to achieve this.

Definition of terms used in this policy

‘We’, ‘Us’ and ‘Our’ refer to MediaSkyscraper

‘You’ and ‘Your’ refer to a client of MediaSkyscraper. You may be a customer or member of our emailing list.

‘Processing’ means collecting and storing data, and using it to contact you if consent is given.

‘Our website’ means https://mediaskyscraper.com.

‘Device’ means any computer, tablet, smartphone or other equipment equipped with a web browser and connected to the internet.

‘GDPR’ means the General Data Protection Regulation.

‘PCI-DSS’ means Payment Card Industry Data Security Standard.

‘HMRC’ means Her Majesty’s Revenue and Customs, the UK tax authority.

‘Full card details’ means the card number, expiry date, name of account holder and CVC number of any debit, credit or charge card.

‘Information’ and ‘Data’ are used interchangeably.

Website security

mediaskyscraper.com is a secure website protected by Secure Socket Layer (SSL), as indicated by the padlock symbol in your browser. SSL protects data by encrypting it as it travels over the internet between your web browser and the server.

Information collection and use

We collect several different types of information for various purposes to provide and improve our service for you.

Types of data collected:

Personal data

While using our service, we may ask you to provide us with certain personally identifiable information that can be used to provide you our service, contact or identify you (“Personal Data"). Personally identifiable information may include, but is not limited to:

Email address

First name and last name

Phone number

Address, State, Province, ZIP/Postal code, City

Cookies and Usage Data

Usage data

We may also collect information about how the service is accessed and used (“Usage Data"). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

WordPress specific related data:

-Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

-Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

-Embedded content from other websites, that are used on the WordPress platform, that our website uses, and has therefore added

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Cookies

Like most websites, ours uses ‘cookies’ to make various features work. Cookies are small text files, some of which contain anonymous data, such as the contents in your shopping cart, that our website places on your device. They also help us deliver targeted MediaSkyscraper adverts to you (via cookies installed when you visit our site) when you browse the internet. If you do not wish to give consent for cookies to be received you can set your web browser to block them, but this will prevent the website working correctly and you will not be able to use the shopping basket or checkout. For a full explanation of the cookies we use, see our Cookie Policy

Why do we process personal data?

We need to collect and store your personal information so that we can fulfil your order, contact you, and identify you.

Our legal basis under Article 6 of the GDPR for processing personal data in any given instance is one or more of:

6.b) Processing is necessary for the performance of a contract to which you are party, specifically the supply of online services by MediaSkyscraper.

6.c) Processing is necessary for compliance with a legal obligation to which we are subject, in particular, the retention of records for a specified time for tax purposes (see below).

6.f) Processing is necessary for the purposes of legitimate interests pursued by the data controller, specifically the collection of statistical data to assist in improving our offer and website to the mutual benefit of you and us.

What data do we process?

The personal information we collect and store is limited to that shown on our order confirmations and invoices, as follows:

– Your name and address

– Your telephone number

– Your email address

– Your payment reference or method

– The services you purchased from us

Disclosure of data

MediaSkyscraper may disclose your Personal Data in the good faith belief that such action is necessary to:

-To comply with a legal obligation

-To protect and defend the rights or property of MediaSkyscraper

-To prevent or investigate possible wrongdoing in connection with the service

-To protect the personal safety of users of the service or the public

-To protect against legal liability

Security of data

The security of your data is of vital importance to us. You must be aware that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

Visitors comments may be checked through an automated spam detection service.

Online payments and financial data

Online payments are made through the secure website of our Payment Service Provider (PSP) Stripe. Our PSP (Stripe) is PCI-DSS compliant to the highest level, ensuring that your card details are secure. We (MediaSkyscraper) never see your full card details because you enter them directly through the PSP website. The only payment information we see and store is either the last 4 digits of the card number and the expiry date, details may be shown on our invoices for your reference.

Service providers

We may employ third party companies and individuals to facilitate our Service (“Service Providers"), to provide the service on our behalf, to perform service-related services or to assist us in analysing how our service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Emails

Providing you have entered your email address on our website, you are likely to receive emails from us for marketing, service fulfilment, and informational reasons. You can unsubscribe at any time using the “unsubscribe" link at the bottom of every email we send to you. Apart from when we are sending emails to deliver on our contract with you. In this case, you can write to our email address listed at the bottom of this document to have your account terminated but this will make fulfilment of our contract with you impossible and therefore nullify our said contract obligations.

Analytics

We may use third-party Service Providers to monitor and analyse the use of our service.

-Google Analytics

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our service. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads of its own advertising network.

You can opt-out of having made your activity on the service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en

Links to other sites

Our service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility or liability for the content, privacy policies or practices of any third party sites or services.

Children’s privacy

Our service does not knowingly address anyone under the age of 18 (“Children").

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

How is personal information stored?

Personal information is stored electronically and is encrypted to prevent unauthorised access.

Your right to rectification

In accordance with article 16 of the GDPR, if you notice that we have stored any of your personal data incorrectly, please contact us via email and we will correct it straight away.

How long do we keep your data for?

HMRC rules require us to keep records for at least 6 years after the January tax return submission date. To make sure we comply, we keep sales and purchase invoices for 7 years before deleting or destroying them.

If you have opted into our emailing list you may request that your email address is removed from the list at any time. If we have not had any contact with you for 6 years, all your personal data will automatically be deleted including your entry in our emailing list.

All old computer equipment will have the hard drives removed, and destroyed. We never dispose of old computers with the hard drives fitted.

-Wordpress specific related data retention periods

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Your ‘right to be forgotten’

In accordance with article 17 of the GDPR, your personal data will be deleted when:

  1. a) The information is no longer necessary for the purposes for which it was collected, or
  2. b) You withdraw consent and there is no other legal ground for processing under Article 6 (see ‘Why do we process personal data?’ above).

Can we supply a copy of the data we hold?

Yes, send a self-addressed envelope with postage attached and we will be able to forward you any information that we hold. The self-addressed envelope must be to the name and address that we have on file so that we are not sending to the wrong person.

If you have moved, then please contact us as we may need proof of name and address to ensure we are sending to the correct person.

Although we are happy to send you the data we hold, this is typically only the following information:

Name

Address

Delivery name

Delivery address

Email address

Telephone number

Method of payment (but not payment data such as card numbers)

GDPR compliant partners

We will never share your personal data knowingly with third parties, except where necessary in order to process your orders, limited data may be passed to carefully selected partners with the view of fulfilling your order.

Our payment partner who will process your payments on our behalf;

Stripe (PSP)

We may also share your personal information for the purposes of law enforcement if requested by the Police, or if a chargeback occurs which needs to be investigated.

Data breach

In the unlikely event of a data breach, we will contact the UK supervising authority (Information Commissioner’s Office) and yourself in accordance with articles 33 and 34 of the GDPR.

Changes to this privacy policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our service, prior to the change becoming effective and update the “effective date" at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact us

If you have any questions about this Privacy Policy, please contact us by email or post:

By email: support@mediaskyscraper.com

By post: MediaSkyscraper

27 Old Gloucester Street

London

WC1N 3AX

United Kingdom

This policy was updated and effective from 7th Feb 2019.