Your privacy matters to me. The UK’s General Data Protection Regulation 2018 (GDPR) sets rules about how businesses manage and protect the data that they hold. This page explains my data protection policy. I may update it from time to time to comply with changes to UK law. If you have any questions about how I store and use your data, you can contact me at any time.

What personal data do I collect and what do I do with it?

  • I will only ask you for data that I need in order to provide a business service to you.
  • If you contact me by email or complete the contact form on this website, I will securely store the details you supply.
  • I will not ask for extra information unless it is strictly necessary for the project.
  • I will only use a testimonial on my website with your express permission.
  • I will never use your information to send you marketing or promotional emails. And I won’t pass it on to someone else unless you ask me to, or I have asked your permission, or I am required by law to provide it (for instance, for a tax audit).
  • I will not sell or lease your personal information to third parties.
  • If you agree to work with me, for tax purposes I will hold your data after the project is completed until I am no longer required to do so (currently six years in the UK).

What other information do I store?

  • Electronic records of telephone conversations relating to the project.
  • Information about each job, such as hours worked, agreed fees, and any other information provided.
  • Anonymised information about your use of this website, including pages viewed. This information includes traffic data, browser usage, operating system, and other communication data. I will not be able to identify you personally from this information, which I keep only as a guide to the effectiveness of my website.

How do I store and protect your data?

  • All project-related files and emails for live projects are stored on a password-protected computer that only I control.
  • Files are backed up regularly to an external hard drive, which is stored in a secure location and is also password-protected.
  • Files are also backed up to a secure cloud storage system that is password-protected.
  • All project-related files and emails for completed projects are stored in a password-protected archive.
  • I use reputable providers for web hosting, password protection, and cloud storage.
  • All personal data is irretrievably wiped from all old devices before I dispose of them.
  • Should I have a breach in my security, I will tell you as soon as possible if I think your information may not be safe.

What can you ask me to do with your information?

  • You can ask for details of the personal data (as defined under the GDPR) that I hold about you. 
  • If you tell me that information I am holding about you is incorrect, I will update it within 15 working days.
  • You can withdraw permission for use of a testimonial or feedback displayed on this website.
  • You can ask me to delete any information that I hold about you, except for details that I need to keep by law or for tax purposes (such as your name and address on invoices, or a record of our business contract).

If you have any questions that have not been answered here, please contact me at hesterhigton@academicedit.co.uk.