Welcome to the JohnShawIP.com privacy notice.
1. Important information
JohnShawIP.com is written and operated by John Shaw (I/me). I am a solicitor qualified in England and Wales. This blog is prepared and maintained by me in my personal capacity and does not reflect the views of my employer (currently Blake Morgan LLP).
This Notice aims to give you information on how your personal data is collected and processed through your use of this website, including any data you may provide through this website.
I am the controller and responsible for your personal data.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (http://www.ico.org.uk). I would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact me in the first instance.
2. The data collected about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
I may collect, use, store and transfer different kinds of personal data about you which I have grouped together as follows:
- Identity Data includes first name, last name, username or similar identifier, title, and gender.
- Contact Data includes your email address.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
- Profile Data includes your username, any comments made by you, and survey responses.
- Usage Data includes information about how you use our website, products and services.
- Communications Data includes your preferences in receiving emails from me.
I do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do I collect any information about criminal convictions and offences.
If you do not provide personal data you will still be able to view the website, but may not be able to use all the features available, like leaving comments.
3. How is your personal data collected?
Direct interactions. You may give me your Identity or Contact data by filling in forms or by corresponding with me by email.
Automated technologies or interactions. As you interact with this website, it will automatically collect Technical Data about your equipment, browsing actions and patterns using cookies, Google Analytics and other similar technologies.
4. How your personal data is used
I will only use your personal data when the law allows me to do so. Most commonly, I will use your personal data in the following circumstances:
- Where it is necessary for my legitimate interests (for example to understand how the website is being used) and your interests and fundamental rights do not override those interests.
- Where you have consented to me using your personal data (for example when you leave a comment).
- Where I need to comply with a legal obligation.
Purposes for which I will use your personal data
|Purpose/Activity||Type of data||Lawful basis for processing including basis of legitimate interest|
|To manage my relationship with you which will not include any direct notification from me to you.||Identity, Contact, Profile||Necessary for my legitimate interests (to understand how people use the website)|
|To enable you to interact with the website.||Identity,|
Contact, Profile, Usage, Technical
|Necessary for our legitimate interests (to study how people use the website to develop and improve it)|
|To administer and protect the website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||Identity, Contact, Technical||Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)|
|To use data analytics to improve the website, products/services, marketing, customer relationships and experiences||Technical,|
|Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)|
5. Disclosures of your personal data
I may share your personal data with the WordPress, Google Analytics and some social media platforms for the purposes set out in the table above.
I do not deliberately transfer your personal data outside the European Economic Area (EEA). If such a transfer does occur I will ensure, to the extent that I am able to, a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- To only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Where transferring personal data to the USA, if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.
6. Data security
WordPress has put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, I limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
I will only retain your personal data for as long as reasonably necessary to fulfil the purposes for which it was collected
YOUR LEGAL RIGHTS
You have the right to:
Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data I hold about you and to check that I am lawfully processing it.
Request correction of the personal data that I hold about you. This enables you to have any incomplete or inaccurate data held about you corrected, though I may need to verify the accuracy of the new data you provide.
Request erasure of your personal data. This enables you to ask me to delete or remove personal data where there is no good reason for me continuing to process it. You also have the right to ask me to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where I may have processed your information unlawfully or where I am required to erase your personal data to comply with local law. Note, however, that I may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your personal data where I am relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where I am processing your personal data for direct marketing purposes. In some cases, I may demonstrate that I have compelling legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your personal data. This enables you to ask me to suspend the processing of your personal data in the following scenarios:
- If you want me to establish the data’s accuracy.
- Where my use of the data is unlawful but you do not want me to erase it.
- Where you need me to hold the data even if it is no longer required it as you need it to establish, exercise or defend legal claims.
- You have objected to our use of your data but I need to verify whether there are overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party. I will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for me to use or where I used the information to perform a contract with you.
Withdraw consent at any time where I are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, I may not be able to provide certain products or services to you. I will advise you if this is the case at the time you withdraw your consent.