WHO WE ARE

The Site is operated by The Good Web Guide Ltd, a company registered in England and Wales. Our company registration number is 03858681. Our registered office is at Rubine House, Manor Road, Haverhill, Suffolk, CB9 0EP.

When this Privacy Policy mentions “The GoodWebGuide,” “we,” “us,” “our,” or “Data Controller” it refers to the The GoodWebGuide..

We are registered with the Information Commissioner’s Office as a data controller under number Z5402811.

This Privacy Policy sets out how we collect, process and protect any information (including personal data) that you give when you use this website, or communicate with us in any way.

This Privacy Policy applies to all users of our website and service.

Use of this website is in accordance with our Terms of Use. By using our site you indicate that you agree to our Terms of Use and this Privacy Policy.

You must be over 18 years old to use our site. By using our site you confirm that you are over 18 years of age.

If you have any questions about your personal data and this Privacy Policy you can contact us for more information any time by emailing privacy@thegoodwebguide.co.uk or calling 020 7402 6412.

OUR PRIVACY PROMISE

We promise to keep your personal data safe and private, not to sell your personal data, and to give you a simple way to view and manage your marketing and communication choices at any time.

THIS POLICY AND THE GDPR

GDPR stands for the General Data Protection Regulation, a European privacy law approved by the European Commission in 2016. The GDPR will replace a prior European Union privacy directive known as Directive 95/46/EC (the “Directive”), which has been the basis of European data protection law since 1995.

The GDPR is an attempt to strengthen, harmonise, and modernise EU data protection law and enhance individual rights and freedoms, consistent with the European understanding of privacy as a fundamental human right. The GDPR regulates, among other things, how individuals and organisations may obtain, use, store, and eliminate personal data. It applies to any organisation processing personal data of EU citizens.

Personal data will now include not only data that is commonly considered to be personal in nature (e.g. names, physical addresses, email addresses), but also data such as IP addresses, behavioral data, location data, financial information, and more.

The GDPR was adopted in April 2016, but will officially be enforceable on 25th May 2018.

This Privacy Policy has been designed to comply with these new regulations. It will inform you about what kind of information we may collect, how we collect it, why we collect it, the legal basis for collecting it and your rights under the GDPR.

CHANGES TO THIS POLICY

We may change this Privacy Policy from time to time by updating this page. Any changes will be effective immediately upon notice which we may give by any means, including updating this page. You should revisit this page regularly to stay informed of the most up-to-date Privacy Policy.

This Privacy Policy was last updated 2nd May 2018.

INFORMATION WE COLLECT

There are three categories of information we collect:

1. Information you give to us

a) Information necessary for use of the site.
We ask for this information when you use the site as it is required for proper performance of our contract with you.
i) Email information – when you submit your email address to us to join our mailing list
ii) Competition information - When you enter a competition with us such as first name, last name and email address.
ii) Payment information - Payments are processed using our account at Paypal or WorldPay. on their secure platform and will include the method, date and time, amount, card expiry date, billing postcode, your address and other related information. This information is required and necessary for performance of our contract with you. We do not have sight of the card number or CVV code at any time, but this will be held securely by Paypal or Worldpay Inc who are audited and certified as a PCI Service Provider Level 1.
iv) Awards information - If you enter our Website of the Year Awards such as first name, last name and email address, company name and purpose
v) Peoples’ Choice – When you vote for a website in the Peoples Choice element of the Website of the Year awards

b) Information you choose to give us.
You can choose to give us additional information that is not essential for use of the site but will enhance your experience and help us provide a better service to you. This information is processed based on your consent.
i) If you contact us outside of the site via email or other method

2. Information we automatically collect from your use of the website
When you use the website we automatically collect information, including personal data. This information is necessary for the performance of the contract between you and us, as well a given our legitimate interest to improve the functionality of the site and provide you with a good service.

i) Site Usage Information - We collect information about pages you visit and your searches
ii) Geolocation information - We collect information that includes your IP address and this can be used to determine your approximate location.
iii) Log data and device information - We collect log data and device information for when you use the site, even if you are not logged in or registered for an account with us. This information is vital to us for to prevent fraudulent or malicious use of the site.
iv) Cookies - We use cookies and similar tracking technologies on the site and in our emails, such as pixels and web beacons, to analyze trends and movements around the site, serve targeted advertisements, gather demographic information about our user base as a whole, and to tell us when emails we send have been delivered or viewed and links in them clicked. We also partner with third parties to display advertising on our website or to manage and serve our advertising on other sites. You can control the use of cookies on your browser, including disabling use of cookies, but please note that since uniform standards for “Do Not Track” or “DNT” signals have not been adopted, our website do not currently process or respond to “DNT” signals. Our third party partners may use cookies or similar tracking technologies in order to provide you advertising or other content based upon your browsing activities and interests. If you wish to opt out of interest-based advertising click youronlinechoices.eu. For more information about the cookies we use please see our Cookies page.
v) Payment information (for advertisers and award entries) - We collect information related to your payments for services provided including the method, date and time, amount, card expiry date, billing postcode, bank account information (IBAN, SWIFTcode, etc), your address and other related information. This information is required and necessary for performance of our contract with you. Card payments are processed securely using our account at PayPal or Worldpay. and will include the method, date and time, amount, card expiry date, card number, CVV code and billing postcode. It may also include your address and other related information. This information is required and necessary for performance of our contract with you. We do not have site, of the card number or CVV code at any time, but this will be held securely by PayPal or Worldpay who are audited and certified as a PCI Service Provider Level 1.

HOW WE USE THIS INFORMATION

We may use and disclose personal data only for the following purposes:

1. To communicate with site visitors, competition entrants, award entrants and peoples’ choice submitters to provide support.
2. To send you information and promotional material to you by email. You will only receive this information if you have positively opted in and you can stop receiving this content at any time.
3. To send you alerts and notifications by email based on transactions you make on the site - such as entering a competition, Awards entry or Peoples’ Choice submission. These are essential for the performance of our contract and you cannot opt out of receiving these messages, but you will only receive them if you make such transactions.
4. To charge and collect money from our customers. This includes sending you notices and alerts by email or telephoning. We use third party (PayPal & WorldPay) for secure card payment processing, and we send billing information to them for processing orders and payments. We use third party accounting systems to manage our financial accounts. We send them billing information for this purpose.
5. To provide, support and improve the website and service to you. This may include sharing your personal data with third party service providers to provide and support our service and make certain features available to you. We ensure your data is protected by ensuring all third parties we may use have entered into a contract to only use your data as is necessary and in a manner that is consistent with this Privacy Policy.
6. To enforce compliance with our Terms of Use and applicable law. This includes storing server log data that help us prevent site misuse and violation.
7. To protect the rights and safety of our customers, site visitors and third parties.
8. To meet legal requirements, comply with the law, court orders, respond to legal requests or an official investigation.
9. To provide information to our advisors or agents, such as lawyers and accountants.
10. We may share your data with a third party if we choose to sell, transfer or merge part or all of our business - or we we seek to acquire another business or merge with them. We will only share your data with a third party in this case if they agree to keep your data safe and private and have the appropriate safeguards in place. In any such event we will notify you of the change either by sending you an email or posting a notice on our Website.

THIRD PARTY LINKS

The Good Web Guide includes links to third party websites including partners, advertisers, social media sites (such as Instagram, Facebook or Twitter) and other websites. We do not control these sites and when you visit them you may be providing personal data to the third party. The third party’s use of your information will be governed by their own Privacy Policy which we recommended you review. We do not accept any responsibility or liability for their policies whatsoever.

RECIPIENTS OF THE YOUR DATA (WHO WE MAY SHARE IT WITH)

1. Other Site Users:
a) Entering a competition - If you interact with the site to enter a competition, we will share data with the competition partner only if you allow us to share that information. This information is therefore provided with your consent.
b) Entering the Awards - If you choose to enter the Website of the Year Awards. We will share that with our judges panel, affiliates and other parties involved in the Awards. This information is therefore provided with your consent.
c) Voting in the Peoples’ Choice – If you choose to vote in the Peoples’ choice. We may share that with our judges panel, affiliates, and other parties involved in the awards. This information is provided with your consent.

2. Our Employees and Contractors:
You data will be shared with our employees, contractors and agents who all enable us to provide the service. We need to share this information in order to ensure the adequate performance of our contract with you. Such recipients will have entered into a contract to keep your data safe and private and in a manner that is consistent with this Privacy Policy.

3. Service Providers:
We use a variety of third party service providers (TTPs) to help us who help us provide and support our services. We need to share this information in order to ensure the adequate performance of our contract with you. These TTPs would be classed as “data processors” under GDPR. Examples of TTPs we use include payment processors, hosting services, helpdesk systems and content delivery services. All TTPs enter into a contract that requires them to use your personal data only for the provision of services to us and in a manner that is consistent with this Privacy Policy.

4. Other Third Parties:
We may share your data with a third party if we choose to sell, transfer or merge part or all of our business - or we we seek to acquire another business or merge with them. We will only share your data with a third party in this case if they agree to keep your data safe and private and have the appropriate safeguards in place.

TRANSFERS TO THIRD PARTY PROCESSORS AND OUTSIDE THE EU

We are a UK registered company, operating in the UK and our website and service is available to anyone worldwide. We use a number of Third Party Processors (TTPs) to enable us to provide and support the website and service to our Owners, Webusers and Visitors. Some of these TTPs are based outside the European Economic Area (EEA) and data is processed on servers located outside the EEA. These TTPs have limited access to your information and perform process on our behalf. We only use TTPs who we are confident have the appropriate safeguards in place and they are contractually bound to protect and use it only for the purposes for which it was transferred, consistent with this Privacy Policy.

Examples of TTPs we use include (but are not limited to):
Hosting - Amazon Web Services (AWS), Rackspace, 1&1
Email - Mailchimp

Safeguards - EU-US Privacy Shield
The EU-US Privacy Shield is a framework that protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States for commercial purposes. Our TTPs are certified and comply with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework. They comply with the Privacy Shield Principles for all transfers of personal data from the EU and Switzerland. Where appropriate we have signed Data Processing Addendums with TTPs to be confident that any data from the EEA that is being transfered outside of the the EEA will be subjected to the same high levels of security, privacy control, and data protection that it would receive in the EU.

YOUR RIGHTS

The GDPR provides the following rights for individuals:

1. Right to be informed
You have the right to be informed about the collection and use of personal data. This Privacy Policy should contain all the information you need for you to exercise this right.

2. Right of access
You have the right to access your personal data and supplementary information. You can request this by emailing privacy@thegoodwebguide.co.uk We will respond to a request within one month. We may ask you to verify your identity.

3. Right to rectification
You have the right to ask us to have inaccurate personal data rectified, or completed if it is incomplete by emailing privacy@thegoodwebguide.co.uk We will respond to a request within one month. We may ask you to verify your identity.

4. Right to erasure
You have a right to have your personal data erased. This is also known as the “right to be forgotten”. You can ask us to delete your data by emailing us at privacy@thegoodwebguide.co.uk We will respond to a request for erasure within one month. We may ask you to verify your identity.

5. Right to restrict processing
In certain circumstances, you have a right to restrict the way we may process your personal data, as an alternative to erasing it, if you have a particular reason for wanting it restricted

6. Right to data portability
Your right to data portability entitles you to obtain personal data you have provided to us - in a commonly used, structured format - and request that we send it to another another service provider (if technically feasible).

7. Right to object or withdraw consent
You have the right to object to our processing of your personal data where the use is based on our legitimate interests (including profiling), or where it is used for direct marketing. You may at any time ask us to stop processing of your information for direct marketing purposes, by emailing us at privacy@thegoodwebguide.co.uk or by following the link on our emails.

HOW LONG WE MAY KEEP YOUR DATA

We generally retain your information for as long as your account is active or as long as necessary to provide you with our service. We may also retain and use your information in order to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our Agreements.

SECURITY

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

Updated April 2024