This website (hereinafter “Website”) collects some Personal Data from its Users.
The Data are collected and processed for the purposes set out below.
Data Processing Ownership
Business One Page Plan Ltd 22/28 Willow Street Accrington Lancashire BB5 1LP, firstname.lastname@example.org
Types of Data collected
Among the Data that this website may collect there are: Cookie, Browsing and usage Data, First Name, Last Name, Phone number, Company name, Address and Email.
The Personal Data may be freely inserted by the User or the Data Subject, or collected automatically when using the website.
Failure to provide certain Personal Data, in particular Navigation Data, by deactivating the website’s Cookies may make it impossible to surf or for the website to provide its services.
The Personal Data collected may regard both the User and third parties whose data the User provides.
The User assumes responsibility for the Personal Data of third parties published or shared through the website and declares that (s)he has the right to communicate or broadcast them, thus relieving the Owner of all responsibility towards third parties.
PHP Session Cookies are used on this Website in order to allow the functionality of the Website to work.
This website does not host any card details of its customers. All card transactions are handled through Sagepay; the token system currently employed is not stored within the Website and therefore no credit card details are stored within www.businessonepageplan.co.uk.
Mode and place of processing the Data obtained
Method of Processing
The Data Controller processes the Data of the Interested Parties and Users in a lawful and proper manner and shall take appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of the Data.
Processing is carried out using computers and / or telematic means, with organizational methods and logics strictly related to the stated purposes.
In addition to the owner, in some cases, access to the Data may be available to external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies). The updated list of Managers may be requested from the Owner at any time.
The Data are processed at the headquarters of the Data Controller, unless stated otherwise in the rest of this document.
The Data are kept for the time necessary to perform the service requested by the User, and the User can always ask for their suspension or removal.
The use of the collected Data
The Data concerning the User or the Data Subject are collected for the following purposes: Analytics and Email contact.
The kinds of Personal Data used for each purpose are given in the specific sections of this document.
The use of Data for additional purposes by the Owner may in some cases, and for legal purposes, require specific consent by the User or the Data Subject.
Detailed information on the processing of Personal Data and the services provided by third parties
Personal Data collected for the following purposes and using the following services:
The services contained in this section enable the Owner to monitor and analyse web traffic and can be used to keep track of User behaviour.
Google Analytics (Google)
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Data collected to track and examine website use, to prepare reports on a Website’s activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
Personal data collected: Cookie and Browsing and usage Data.
Contact form (This Website)
By filling in the Contact form with his/her Data, the User authorizes the Website to use these details to reply to requests for information, quotes or any other kind of request as indicated by the form’s header.
Personal data collected: First Name, Last Name, Phone number, Company name, Address and Email.
Personal data collected: Email.
Additional information about data processing
The User’s Personal Data may be used for legal purposes by the Owner of the Website in court or in the stages leading to possible legal action arising from its improper use or that of related services by the User.
Specific information may be shown on the pages of the Site concerning particular services or the processing of Data provided by the User or by the Data Subject.
The User’s Personal Data may be further used in ways and for purposes required for Website maintenance.
For operation and maintenance purposes, this Website and any third party services it uses may collect system logs, i.e., files that record interaction – including navigation. They may also contain personal data, such as IP addresses.
Information not contained in this policy
More information on processing Personal Information may be requested from the Owner at any time.
The Rights of Data Subjects
Those persons to whom the Data refer have the right, at any time, to know whether their data has been stored and can consult the Data Controller to learn about their contents and origin, to verify their accuracy or to ask for them to be supplemented, cancelled, updated or corrected, or for their transformation into anonymous format or to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. Requests should be sent to the Owner of the Processing System.
Definitions and legal references
Personal information or Data
Any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number.
Browsing and usage Data
Information collected automatically from the Site, including the IP addresses or domain names of the computers utilized by the users who connect to the site, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the visitor, the various time details per visit (e.g., the time spent on each page) and the details about the path followed within the site with special reference to the sequence of pages visited, and other parameters about the operating system and the user's IT environment.
Means the individual user of the Website’s services or products.
The legal or natural person to whom the Personal Data refer.
The natural person, legal person, public administration or any other organization, association or organization designated by the Data Controller for the Personal Data processing system.
The natural person, legal person, public administration or any other body, association or organization with the right, also jointly with another Data Controller, to make decisions regarding the purposes, and the methods of processing of Personal Data and the means used, including the security measures concerning the operation and use of this Site.
Notice to European Users: this privacy statement has been prepared in fulfillment of the obligations under Art. 10 of EC Directive n. 95/46/EC, and under the provisions of Directive 2002/58/EC, as revised by Directive 2009/136/EC, on the subject of Cookies.
Latest update: November 09, 2012
This website uses an SSL (Secure Sockets Layer) Certificate. Below is detailed how this works.
What Happens When a Browser Encounters SSL
• A browser attempts to connect to a website secured with SSL.
• The browser requests that the web server identify itself.
• The server sends the browser a copy of its SSL Certificate.
• The browser checks whether it trusts the SSL Certificate. If so, it sends a message to the server.
• The server sends back a digitally signed acknowledgement to start an SSL encrypted session.
• Encrypted data is shared between the browser and the server.
Encryption Protects Data During Transmission
Web servers and web browsers rely on the Secure Sockets Layer (SSL) protocol to help users protect their data during transfer by create a uniquely encrypted channel for private communications over the public Internet. Each SSL Certificate consists of a key pair as well as verified identification information. When a web browser (or client) points to a secured website, the server shares the public key with the client to establish an encryption method and a unique session key. The client confirms that it recognizes and trusts the issuer of the SSL Certificate. This process is known as the "SSL handshake" and it begins a secure session that protects message privacy and message integrity.
Strong encryption, at 128 bits, can calculate 288 times as many combinations as 40-bit encryption. That's over a trillion times stronger. At current computing speeds, a hacker with the time, tools, and motivation to attack using brute force would require a trillion years to break into a session protected by an SGC-enabled certificate. To enable strong encryption for the most site visitors, this site uses an SSL Certificate that enables 128-bit minimum encryption for 99.9 percent of website visitors.
When Credit Card details are entered onto our website, these are entered on a secured page and are transferred using the SSL technology previously mentioned. They are transferred over to Sagepay and not stored within the website