Last updated: 22.03.23
Pixel Fridge Ltd (“us”, “we”, or “our”) operates https://pixelfridge.digital/ (the “Site”). This page informs you of our policies regarding the collection, use and disclosure of Personal Information we receive from users of the Site.
We use your Personal Information only for providing updates and improving the Site. By using the Site, you agree to the collection and use of information in accordance with this policy.
Information Collection And Use
While using our Site, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to your name, email and organisation (“Personal Information”).
Like many site operators, we collect information that your browser sends whenever you visit our Site (“Log Data”).
This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.
In addition, we may use third party services such as Google Analytics that collect, monitor and analyse this usage data.
We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that provide more information on the services and operations of Pixel Fridge. If you wish to opt out of these, please use the Unsubscribe functionality, or contact firstname.lastname@example.org.
Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive.
Like many sites, we use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some features of our Site, so please bear this in mind.
The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.
Pixel Fridge may gather and use certain information about individuals. These can include customers, suppliers, business contacts, employees and other people the organisation has or may need to contact.
This policy describes how this potential data must be collected, handled, stored and disposed of to meet GDPR requirements and comply with the Law.
This GDPR policy ensures Pixel Fridge:
- Complies with the regulations and follows good practice
- Protects the rights of staff, clients and partners
- Is open and transparent about how it collects, stores and processes individual’s data
- Protects itself from the risks of data breach
Data Protection Law
The Data Protection Act 1998 was replaced by the General Data Protection Regulations in May 2018 (following an EU directive). The regulations describe how a company including Pixel Fridge must collect, handle, store and dispose of personal information. The Regulations apply whether the data is stored electronically or as hard copy.
Data kept will be:
- Collected fairly and legally
- Individuals will be made aware and must actively give permission
- Data must be relevant.
- Data will be accurate and current
- Not be held for longer than necessary
- Be protected appropriately
- Destroyed on request – right to be forgotten
- Be supplied on request to the relevant individual FOC
This policy applies to all staff of Pixel Fridge.
It applies to all data that the company holds relating to identifiable individuals, even if that information technically falls outside GDPR 2018. This data will include:
- Names of individuals
- Postal addresses
- E-mail addresses
- Telephone numbers – landline and mobile
- And any other information relating to individuals
Data Protection Risks
This policy helps to protect Pixel Fridge from security risks including:
- Breaches of confidentiality e.g., divulging information by mistake
- Failing to offer choice e.g., preventing the individual from giving permission on holding data, what is held and how it is stored
- Reputational damage e.g., servers being hacked and sensitive data being stolen
All staff have some responsibility for ensuring that data is collected handled stored and disposed of appropriately. Each team within Pixel Fridge must ensure that data is handled in line with GDPR 2018.
Key stakeholders are:
Co-Founders/Directors– Nick Murray, Tom Aston and Chris Myhill are responsible for ensuring the company meets its legal requirements under GDPR 2018
Data Controller/Officer – Tom Aston is responsible for:
- Ensuring GDPR are applied with
- Reviewing GDPR procedures
- Where relevant, arranging GDPR training for people covered by this policy
- Handling data protection questions from staff and anyone else covered by the policy
- Dealing with requests from individuals who request to see data Pixel Fridge holds on them
- The only staff accessing data should need to do it for their work
- Data must not be shared informally
- Pixel Fridge will provide training to staff where appropriate
- Staff should keep all data secure and take sensible reasonable precautions
- Staff should use strong passwords and change regularly
- Personal data must not be disclosed to unauthorised people either internally or externally
- Where on review data is found to be no longer needed it should be disposed of appropriately
- Staff should request help from their manager or Data Protection Officer if they are unsure of any aspect of GDPR
Collection & Storage
- When data is collected it must be with the permission of the individual, freely given, clear and transparent
- Data will be stored in a secure place either electronically or as a hard copy
- Staff should ensure that they do not leave hard copy records where unauthorised people could see them
- Data should be disposed of securely – e.g., shredded when no longer required
- Where data is stored electronically it must be protected from unauthorised access, accidental deletion, and malicious hacking attempts
- Data should be protected by strong passwords, changed regularly
- Subjects will have the right to access, rectify, erase, port the data and object to the processing of the data. Requests should be emailed to email@example.com
Data is at the highest risk of loss corruption or theft when it is being used:
- Staff should ensure no data is visible on screens when they are unattended and laptops and PC’s should be left locked when unattended
- Personal data should not be shared informally, where possible it should not be sent by email which is not secure
- Staff should not save copies of personal data to their own computer
Pixel Fridge will take reasonable steps to ensure data is kept up to date and it is accurate and relevant:
It is the responsibility of staff at Pixel Fridge to take reasonable steps to ensure data kept is accurate and up to date
- Data will be held in as few places as possible. Unnecessary additional sets will not be created.
- Staff should take the opportunity to update client personal data – by confirming client details when speaking to a client
- Data will be updated as inaccuracies are discovered
Subject Access Request
The person whose data is held is referred to under GDPR as the subject.
The subjects of Pixel Fridge are entitled to:
- Ask what information is held on them
- Ask how to gain access to it
- Be informed how to keep it up to date
- Be informed of how the company is meeting its legal obligations under GDPR 2018
- Subject access requests should be made to the Data Controller (Tom Aston, firstname.lastname@example.org) formally in writing. Information will be supplied free of charge within 1 month of the request.
The Data Controller will always verify the identity of the person making the subject access request before handing over any information.