GDPR Policy 

Last Edited: 24th July 2022

Definitions

Business Name
– Ayuda Agency Ltd T/A The Brandalorian

GDPR
– General Data Protection Regulation

Responsible Person
– Kris Wood

Register of Systems
– A register of all systems or contexts in which personal data is processed by Ayuda Agency Ltd T/A The Brandalorian

 

Data Protection Principles

Ayuda Agency Ltd T/A The Brandalorian is committed to processing data in accordance with its responsibilities under the GDPR.

Article 5 of the GDPR requires that personal data shall be:

 

  1. Processed lawfully, fairly, and in a transparent manner in relation to individuals;
  2. Collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes shall not be considered incompatible with the initial purposes;
  3. Adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed;
  4. Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
  5. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
  6. Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

 

General Provisions

  1. This policy applies to all personal data processed by Ayuda Agency Ltd T/A The Brandalorian.
  2. The Responsible Person, Chris James, shall take responsibility for Ayuda Agency Ltd T/A The Brandalorian’s ongoing compliance with this policy.
  3. This policy shall be reviewed at least annually.
  4. Ayuda Agency Ltd T/A The Brandalorian shall register with the Information Commissioner’s Office as an organisation that processes personal data.

 

Lawful, Fair and Transparent Processing

  1. To ensure its processing of data is lawful, fair and transparent, Ayuda Agency Ltd T/A The Brandalorian shall maintain a Register of Systems.
  2. The Register of Systems shall be reviewed at least annually.
  3. Individuals have the right to access their personal data, and any such requests made to Ayuda Agency Ltd T/A The Brandalorian shall be dealt with in a timely manner.

 

Lawful Purposes

  1. All data processed by Ayuda Agency Ltd T/A The Brandalorian must be done on one of the following lawful bases: consent, contract, legal obligation, vital interests, public task, or legitimate interests (see ICO guidance for more information).
  2. Ayuda Agency Ltd T/A The Brandalorian shall note the appropriate lawful basis in the Register of Systems.
  3. Where consent is relied upon as a lawful basis for processing data, evidence of opt-in consent shall be kept with the personal data.
  4. Where communications are sent to individuals based on their consent, the option for the individual to revoke their consent should be clearly available, and systems should be in place to ensure such revocation is reflected accurately in Ayuda Agency Ltd T/A The Brandalorian’s systems.

 

Data Minimisation

  1. Ayuda Agency Ltd T/A The Brandalorian shall ensure that personal data are adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

 

Accuracy

  1. Ayuda Agency Ltd T/A The Brandalorian shall take reasonable steps to ensure personal data are accurate.
  2. Where necessary for the lawful basis on which data is processed, steps shall be put in place to ensure that personal data are kept up to date.

 

Archiving / Removal

To ensure that personal data is kept for no longer than necessary, Ayuda Agency Ltd T/A The Brandalorian shall put in place an archiving policy for each area in which personal data is processed and review this process annually.

 

Security

  1. Ayuda Agency Ltd T/A The Brandalorian shall ensure that personal data is stored securely using modern software that is kept up-to-date.
  2. Access to personal data shall be limited to personnel who need access, and appropriate security measures should be in place to avoid unauthorised sharing of information.
  3. When personal data is deleted, this should be done safely such that the data is irrecoverable.
  4. Appropriate backup and disaster recovery solutions shall be in place.

 

Breach

In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, Ayuda Agency Ltd T/A The Brandalorian shall promptly assess the risk to people’s rights and freedoms and, if appropriate, report this breach to the ICO (more information on the ICO website).

 

Privacy Policy

Last Edited: 24th July 2024

 

Introduction

This privacy notice provides you with details of how Ayuda Agency Ltd T/A The Brandalorian collects and processes your personal data through your use of our website www.thebrandalorian.com.

By providing us with your data, you warrant to us that you are over 13 years of age.

Ayuda Agency Ltd T/A The Brandalorian is the data controller and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).

 

Contact Details

Address: 5 Hesleyside Road, South Wellfield, Whitley Bay, England, NE25 9HB

Business Name: Ayuda Agency Ltd T/A The Brandalorian 

Email Address: info@thebrandalorian.com

 

It is important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at info@thebrandalorian.com.

What Data Do We Collect About You, For What Purpose and on What Ground We Process It

Personal data means any information capable of identifying an individual. It does not include anonymised data.

 

We may process the following categories of personal data about you:

– Communication Data: Includes any communication that you send to us whether that be through the contact form on our website, through email, text, social media messaging, social media posting, or any other communication that you send us. We process this data for the purposes of communicating with you, for record keeping, and for the establishment, pursuance, or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records, and to establish, pursue, or defend legal claims.

– Customer Data: Includes data relating to any purchases of goods and/or services such as your name, title, billing address, delivery address, email address, phone number, contact details, purchase details, and your card details. We process this data to supply the goods and/or services you have purchased and to keep records of such transactions. Our lawful ground for this processing is the performance of a contract between you and us and/or taking steps at your request to enter into such a contract.

– User Data: Includes data about how you use our website and any online services together with any data that you post for publication on our website or through other online services. We process this data to operate our website and ensure relevant content is provided to you, to ensure the security of our website, to maintain backups of our website and/or databases, and to enable publication and administration of our website, other online services, and business. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business.

– Technical Data: Includes data about your use of our website and online services such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views, and navigation paths, details about the number of times you use our website, time zone settings, and other technology on the devices you use to access our website. The source of this data is from our analytics tracking system. We process this data to analyse your use of our website and other online services, to administer and protect our business and website, to deliver relevant website content and advertisements to you, and to understand the effectiveness of our advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business and to grow our business and to decide our marketing strategy.

– Marketing Data: Includes data about your preferences in receiving marketing from us and our third parties and your communication preferences. We process this data to enable you to partake in our promotions such as competitions, prize draws, and free give-aways, to deliver relevant website content and advertisements to you, and to measure or understand the effectiveness of this advertising. Our lawful ground for this processing is our legitimate interests which in this case are to study how customers use our products/services, to develop them, to grow our business, and to decide our marketing strategy.

We may use Customer Data, User Data, Technical Data, and Marketing Data to deliver relevant website content and advertisements to you (including Facebook adverts or other display advertisements)