Last updated Wednesday 17th October 2018 at 21:38.
Ben Mobbs t/a BJUM (“us”, “we”, or “our”) operates the BJUM website (the “service(s)”).
Here at BJUM we are serious about your privacy and security and aim to handle your data with the utmost sensitivity and care. This page informs you of our policies regarding the collection, use and disclosure of personal information when you use our services.
Information Collection & Use
While using our services, we may ask you to provide us with certain personally identifiable information that can be used to contact you to fulfil any service(s) you have requested or to provide information about those services you have enquired about. Personally identifiable information usually includes, but is not limited to:
- Email address
- Telephone number (optional)
- Other information that could conceivably be used to identify you that you have chosen to provide in, for example, a message to us.
For other uses, please see below.
We collect information that your browser sends whenever you visit our website (“log data”), as is standard in the operation of any website stored and access on a web server or host. This data may include information such as your computer’s Internet Protocol (“IP”) address provided by your Internet Service Provider (ISP), browser type, browser version, the pages of our website that you visit, the time and date of your visit, the time spent on those pages and other statistics. This information is necessary in the normal course of offering a website to provide information on our services, and is collected automatically by virtually all websites on the Internet, to aid in the detection of errors.
Cookies are files that store a very small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer’s hard drive.
We may employ third party organisations to facilitate our services, to provide the services on our behalf, or to assist us in analysing how our services are used.
These third parties may, in only very specific circumstances that will however possible be made aware to you, be provided with information we have collected or received from you only to perform these tasks on our behalf, and are not admitted to disclose or use this information for any other purpose.
We use Google Analytics and Hotjar to analyse how visitors use our website, in order to make improvements to its usability and helpfulness, to provide the best customer experience possible. This information is totally anonymous and cannot be used to identify any individual alone. This includes data such as:
- Coarse geographical information, limited to country only
- Device and browser information
- Referring page (if you visited via clicking a link on another website)
- Pages visited, and in what sequence
- Mouse movements
- Items clicked/touched
- Mouse “scrolling” activity inc. touch
- “Hotspots” that indicate the greatest amount of mouse or touch activity
For example, we may move an element on the website that includes important information that is often missed, in response to these observations. For more information on how this information is stored and processed, please visit the links above to access those organisation’s respective privacy policies and learn more about them.
You can opt-out by enabling the Do Not Track functionality of your browser, which we honour, and specifically from Hotjar by clicking here: Opt Out of Hotjar Analytics.We do not collect or store the following information:
- Keystrokes (keyboard input)
- Passwords, date of birth, card/payment details
If we receive sensitive information such as passwords or card/payment details in error, for example it is sent to us with our contact form or by email, we will destroy it for your protection.
We never sell, provide or redistribute your information to third parties for the purposes of marketing, targeted advertising or other promotional activity and we do not conduct unsolicited marketing communications of our own. We will always first receive your permission to send you, for example, a newsletter or product/service updates, and then only to the e-mail address you provide. If you do receive e-mail updates from us that you no longer wish to receive, you can easily unsubscribe from all future e-mails by clicking the “Unsubscribe” link at the bottom of the e-mail.
The security of your personal information is of utmost importance to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use more than commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
When you contact BJUM, all communications are immediately encrypted by 256-bit TLS (Transport Layer Security) and stored in a secure database within the EU (Ireland), on servers passing the SSAE16 audit, protected by two-factor authentication and strong passwords that are hashed and salted. Wherever data is stored on our premises, it is kept physically secure (i.e. lock and key) and password-protected, typically on Linux, Unix and MacOS systems.
Our website is hosted by one of the UK’s largest web hosting infrastructures, Tsohost, whose data centres are protected by a three-metre-tall perimeter fence, more than 25 CCTV cameras, electronic access control systems and 24/7 personnel.
We fully comply with the UK Data Protection Act (2018) to store your information securely and only as necessary for the efficient delivery of our services to you, the customer. Internally, all passwords are stored in encrypted databases or memorised, never in plain text or “memos”, and so are virtually impossible to access without authorisation. You can be sure your data is as safe as possible with BJUM.
You may make payments to us via our secure online invoices that are powered by leading industry cloud accounting provider Xero, via digital documents delivered to the e-mail account you provide. Our payments are processed by Braintree, a PayPal company, for which we have passed a security audit and been deemed “low risk”. We do not store any card or payment information, which is processed in accordance with Level 1 PCI-DSS (“Payment Card Industry Data Security Standard”) by Braintree and/or PayPal, relevant Data Protection law and protected by the strongest available 256-bit SSL (Secure Socket Layer) encryption. Braintree’s payment processing security is recognised by both VISA and Mastercard. We perform additional checks on all card transactions, such as CVV and AVS to prevent fraudulent payments for our services. For more information on Braintree’s security standards, please click here: Braintree Data Security.
Our services does not solicit anyone under the age of 18 (“Children”). We do not knowingly collect personally identifiable information from children under 18. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us. If we discover that a child under 18 has provided us with personal information, we will delete such information from our server/records immediately.
We will disclose your personal information where required to do so by law as governed by the Courts of England, United Kingdom.