This Privacy Notice was last updated on 29/09/2023
This notice outlines the details of what information we, STF Online Ltd T/A AwakenMySexuality (referred to as 'we', 'us', and 'our'), collect about you, the purposes for which we use that information, and to whom we may disclose it. We also specify your rights related to your data and provide contact information should you require further details or have any questions.
We place great importance on data protection and are dedicated to safeguarding your personal information. This Privacy Notice explains our approach to handling personal information collected through various channels, including our website at AwakenMySexuality.co.uk.
Our policy is to gather only the bare minimum amount of data needed from you. If you suspect that we have obtained an excessive amount of data about you, please email us to share your concerns.
Throughout this Privacy Notice, we use the terms "personal data" to refer to your personal information, and we refer to the handling, collection, protection, or storage of your data as "processing."
While you are not required to provide us with your personal data, if we request it and you refuse, we may be unable to provide you with the information, products, or services you require from us.
Personal Information Collection
Personal information refers to any data that enables your identification, such as your name, address, email address, or phone number.
Below are some ways in which you can furnish us with your personal information:
- Placing orders for our products
- Browsing our website and searching for content
- Subscribing to our newsletter
- Providing us with your CV or work history information. When you provide us with personal information, we may use it for any of the purposes set out in this Privacy Notice, including but not limited to:
- Providing you with our products
- Administering and managing our website(s), including:
- Confirming and verifying your identity
- Customizing and enhancing your browsing experience by displaying content that is more relevant and interesting to you
- Understanding how people use the features and functions of our website in order to enhance user experience
- Monitoring and enforcing compliance with our terms of business and policies, and/or
- Any other purposes for which you provided the information to us, including those given in the "Personal Information Collection" section above. We do not gather personally identifying information for third-party sale or use.
- To fulfill our contractual obligations to you
- To comply with any legal obligations to which we are subject
- To meet our legitimate interests in effectively delivering products and services to you and in effectively and lawfully operating our businesses
- If you have agreed to our processing of your personal information (where no other legal basis for processing is available)
Personal Information Security
We have implemented accepted technology and operational security standards to protect your personally identifiable information from loss, misuse, alteration, or destruction. Access to personally identifiable information collected by us is limited to authorised personnel who have agreed to maintain confidentiality. While we use appropriate security measures once we receive your personal data, data transmission over the internet, including email, is never entirely secure. We make an effort to protect personal data, but we cannot guarantee data transmitted to or from us is completely secure.
Sharing Personal Information
We may share or disclose the personal data we collect from you with third parties, their subcontractors, subsidiaries, and affiliates for the following purposes:
- The purposes for which the information has been submitted
- The purposes listed above under the use of personal information
- The administration and maintenance of our website and/or Other internal or administrative purposes
- We may also transfer, share, or disclose personal data to third-party service providers for identity management, website hosting and management, data analysis, data backup, security, and storage services. These third-party providers may use their subcontractors that have access to personal data (sub-processors). Our policy is to use only third-party providers that are required to maintain appropriate levels of security and confidentiality, process personal information only as instructed by us, and flow the same obligations down to their sub-processors.
- ABS Holdings
International Personal Information
We do not transfer (send) your personal information outside the European Economic Area (EEA).
Other Personal Information Disclosures
We may also disclose personal information to third parties in the following cases:
- When explicitly requested by you
- When required to deliver our products and services to you
- As otherwise set out in this privacy statement. We may also disclose your personal information to law enforcement and other government agencies and other third parties, as required by and/or in accordance with applicable law or regulation.
Retention of Personal Data
We will store your personal data only for as long as it is necessary for the purposes for which it was collected, or as required by law. Usually, we will retain your personal data for seven years. To obtain a copy of our retention policy, please contact us.
We will keep your contact information, such as mailing list information, until you un-subscribe or request that we delete it. If you choose to un-subscribe from a mailing list, we may keep limited information about you to honour your request.
If we require your explicit consent to provide you with marketing materials, we will only provide them if you have given us consent to do so.
By subscribing to our services, you will receive automated emails when content is updated. If you choose to subscribe to any newsletters or select any preferences, you will receive email communications related to those topics.
You can unsubscribe from our mailing lists or subscriptions by following the instructions provided in the relevant communications or by contacting us at any time to request that we stop sending such communications.
If you unsubscribe, we may retain information sufficient to identify you so that we can honour your request.
Rights Relating to Your Data
You have certain rights with regard to your personal data that we hold. Specifically, you have the right to:
- Receive a copy of your personal data that we hold;
- Request that we update or correct any personal data that you believe to be incorrect or incomplete;
- Ask us to delete your personal data or restrict the way in which we use it;
- Object to our processing of your personal data; and/or
- Withdraw your consent to our processing of your personal data (where we process it based on consent and consent is the only basis for processing).
If you would like to exercise these rights or find out if they apply to you, please contact us.
We will not use your personal data for automated decision-making or profiling.
We recognize the importance of protecting children's privacy and we do not knowingly collect personal data from individuals under the age of 18. Our Terms and Conditions of Use require all users to be of the age of majority in their local country. We comply with laws regarding marketing to children.
We do not intend to collect special category (sensitive) personal data through our website(s) unless required by law. Special category data includes race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, genetic data, biometric data, sexual life or orientation, and criminal records. We request that you do not provide us with any special category personal data when using our website.
Get in touch
You also have the right to file a complaint with your local data protection regulator, which in the UK is the Information Commissioner's Office (ICO). The ICO can be contacted through any of the following methods:
Online Form: www.ico.org.uk/global/contact-us/email/
Phone: 0303 123 1113 (local rate - calls to this number cost the same as calls to 01 or 02 numbers). If you're calling from outside the UK, please dial +44 1625 545 700. Postal Mail: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
RETENTION POLICY FOR STF ONLINE LTD | T/A AWAKEN MY SEXUALITY
STF ONLINE LTD | T/A AWAKEN MY SEXUALITY (referred to as 'we', 'us', or 'our') is dedicated to:
- Complying fully with all the requirements of the General Data Protection Regulation (GDPR).
- Efficiently managing records to effectively deliver our services.
This policy outlines our commitment to fulfilling our obligations and responsibilities under the GDPR and its principles pertaining to the retention and destruction of personal data. It provides guidance on retaining, deleting, and disposing of personal data for which we hold a responsibility and/or obligation under the GDPR. This policy applies to all personal data stored by us, whether kept in paper, electronic, or digital form, and all of our staff.
Please note that this policy should be read and used in conjunction with our other policies, including data protection and privacy.
The objectives of this policy are to:
- Ensure compliance with the GDPR and its principles regarding the retention, disposal, and destruction of personal data.
- Comply with all applicable legal and regulatory requirements.
- Securely store personal data.
- Ensure that personal data is up-to-date.
- Maintain accurate personal data.
- Assist with subject access requests.
- Ensure that personal data stored in storage can be quickly and efficiently retrieved.
- Carry out the retention, disposal, and destruction of personal data in a consistent and controlled manner.
- Assist with audits.
- Minimize storage requirements and costs.
- Help identify the location of personal data.
- Clarify responsibilities for implementing, complying with, and monitoring this policy.
In this policy, the following definitions apply:
- Individual-related information means any details regarding an identified or identifiable person ('data subject') such as their name, postal/email address, phone number or ID, date of birth, ID documents and numbers, and educational/professional documents (e.g. CVs & certificates).
- Sensitive personal data refers to information revealing a person's racial or ethnic origin, political views, religious or philosophical beliefs, trade-union affiliation, genetic data, biometric data for uniquely identifying a person, health data, data concerning their sex life or sexual orientation, and data about criminal convictions or offences.
- Data subject refers to any person whose individual-related information is processed by us.
- Processing refers to any use of personal data including collecting, recording, organizing, structuring, storing, adapting or changing, retrieving, consulting, using, disclosing, distributing, deleting, and destroying. (This covers virtually anything that STF ONLINE LTD | T/A AWAKEN MY SEXUALITY does with personal data).
- Data controller means the organization that determines the purposes and means of processing individual-related information. NB: STF ONLINE LTD |T/A AWAKEN MY SEXUALITY is the data controller for the purposes of this policy.
- Data processor means any person or organization that processes personal data on behalf of a data controller.
- Personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to individual-related information transmitted, stored, or otherwise processed.
- Consent means any freely given, specific, informed, and unambiguous indication of a data subject's wishes by which they, through a statement or clear affirmative action, signify agreement to the processing of their individual-related information.
- Staff refers to all individuals working at or for STF ONLINE LTD | T/A AWAKEN MY SEXUALITY , including directors and permanent, temporary, and interim employees.
For the purposes of this policy, the following data protection principles must be observed in relation to personal data:
- Personal data must be adequate, relevant and limited to what is necessary for the purposes of processing (i.e. data minimization).
- Personal data must be accurate and kept up-to-date, and any inaccuracies must be erased or rectified without delay (i.e. accuracy).
- Personal data must not be stored in a form that permits identification of data subjects for longer than necessary, unless it is for public interest, scientific or historical research, or statistical purposes, and appropriate measures are implemented to protect the data subjects' rights (i.e. storage limitation).
- Personal data must be processed with appropriate security measures to prevent unauthorized or unlawful processing, and against accidental loss, damage, or destruction (i.e. integrity and confidentiality). Note that retaining personal data unnecessarily could result in unnecessary costs, occupy valuable storage space, and expose us to significant liability risks.
Roles and Responsibilities
Our Directors have ultimate responsibility for ensuring compliance with GDPR, data protection principles, and this policy. The Commercial Director is responsible for daily operational compliance with GDPR, data protection principles, and this policy. You can contact the Commercial Director at firstname.lastname@example.org. All staff members must adhere to GDPR, data protection principles, and this policy when performing their duties. Line managers are responsible for supporting staff in complying with this policy. Failure to comply with this policy may result in disciplinary action and legal consequences.
Personal data is usually kept for a minimum of seven years.
Disposal and Destruction
All personal data must be disposed of and destroyed when the retention periods expire, unless authorized in writing by a member of the Board of Directors. Failure to comply with this policy may result in serious gross misconduct and dismissal. Line managers are responsible for securely disposing of paper records and deleting electronic files from local PCs.