For the purpose of the General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018, (collectively the “Data Protection Laws”) the Data Controller is Adrian Myers Image Archive Ltd (trading as “The Ami Collection”), with company number 11163323 and having its registered office address at Cronulla, Thursley Road, Elstead, Godalming GU8 6ED.
YOUR PERSONAL INFORMATION
INFORMATION WE COLLECT FROM YOU
We collect and process some or all of the following types of information from you in the course of providing you with AMI Services:
- Information that you provide by filling in forms on the AMI App, Our Website, by email or telephone or otherwise as part of the registration process or during receipt of AMI Services. This includes information provided at e.g. the time of registering to use the AMI App or other AMI Services, or requesting further information or services.
- Specifically, personal details such as name, email address, date of birth, family members, details about your friends, photographs and other images or any content or information input by you when using the AMI App, Website or otherwise provided to Us by You when using our Services.
- If you contact Us, We may keep a record of that correspondence.
- Details of your visits to the AMI App and Website including, but not limited to, traffic data, location data, weblogs and other communication data, and the resources that you access.
USES MADE OF YOUR INFORMATION
LAWFUL BASIS FOR PROCESSING
We rely on the fact that processing your personal data is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract, as the lawful basis on which We collect and use your personal data.
PURPOSES OF PROCESSING
We use information held about you in the following ways:
- To provide you with the AMI Services.
- To ensure that content on the AMI App and Website is presented in the most effective manner for you and for the device(s) you use to access and view the AMI App and Website.
- To provide you with information and other services that you request from Us or which We feel may interest you.
- To carry out our obligations arising from any contracts entered into between you and Us.
- To allow you to participate in any interactive features of our service, when you choose to do so.
- To notify you about changes to the AMI Services.
- To develop the AMI App and AMI Services in the future to best serve our customers’ needs, which may involve the use of additional technology in order to improve Our services.
- To develop and create new products services including in conjunction with third party companies and suppliers.
In addition to the above uses We may use your information to notify you about goods or services which may be of interest to you. Where We do this, We will contact you by electronic means (e-mail or SMS) only if you have consented to such communication. If you do not want Us to use your data in this way please either:
(i) tick the relevant box situated on the form on which We collect your data (for example, the registration form);
(ii) unsubscribe from our electronic communications using the method indicated in the relevant communication; or
(iii) inform Us at any time by contacting Us at the contact details set out below.
DISCLOSURE OF YOUR INFORMATION
We routinely disclose your personal data to third parties as follows. We may pass your information to our third party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on Our behalf (e.g. to host our servers and developing and enhancing our products and services).
We may disclose your personal data to any member of our corporate group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006 (where applicable). We may also disclose your personal data to third parties:
- in the event that We sell or buy any business or assets, in which case We may disclose your personal data to the prospective seller or buyer of such business or assets; or
- if We or substantially all of our assets are acquired by a third party, in which case personal data held by Us about our customers will be one of the transferred assets; or
- to protect Our rights, property, or safety or that of our affiliated entities and our users and any third party We interact with to provide the AMI Services; or
- for the purposes of developing and enhancing our existing AMI Services and for developing and creating new products and services.
Other than as set out above, and/or save insofar as is necessary in order for Us to carry out our obligations arising from any contracts entered into between you and Us, We will not share your data with third parties unless We have procured your express consent to do so.
STORING YOUR PERSONAL DATA
We take appropriate measures to ensure that any personal data are kept secure, including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. Where We have given you (or where you have chosen) a password which enables you to access certain parts of the AMI App or other AMI Service, you are responsible for keeping this password confidential.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where We are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure. Although We will do our best to protect your personal data, We cannot guarantee the security of your data transmitted to the AMI App (or other online AMI Service); any transmission is at your own risk. Once We have received your information, We will use strict procedures and security features to try to prevent unauthorised access.
Keeping your personal data up to date
If your personal details change you may update them by contacting Us using the contact details below.
If you have any questions about how We use data collected which relates to you, please contact Us by sending Us an email to firstname.lastname@example.org
We will endeavour to update your personal data with seven (7) working days of any new or updated personal data being provided to Us, in order to ensure that the personal data We hold about you is as accurate and up to date as possible.
HOW LONG WE KEEP YOUR PERSONAL DATA
We will hold your images, information and content, together with your contact details (including addresses), employment and family details for as long as You use Our services and we may retain it for a further period of seven (7) years, in case we receive a claim relating to the data. After that seven year period, We will contact You to confirm if We should delete or retain the information. If You do not respond, we may delete all of Your information.
WHERE WE STORE YOUR PERSONAL DATA
All information We hold about you is stored on secure servers located in the United Kingdom..
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
- access to your personal data and to certain other supplementary information that this Policy is already designed to address
- require Us to correct any mistakes in your information which We hold
- require the erasure of personal data concerning you in certain situations
- receive the personal data concerning you which you have provided to Us, in a structured
commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- object at any time to processing of personal data concerning you for direct marketing
- object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- object in certain other situations to our continued processing of your personal data
- otherwise restrict our processing of your personal data in certain circumstances
- claim compensation for damages caused by our breach of any data protection laws.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
- email Us at email@example.com:
- let Us have enough information to identify you;
- let Us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
- let Us know the information to which your request relates.
HOW TO COMPLAIN
We hope that We can resolve any query or concern you raise about our use of your information. The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.