Privacy & Cookie Statement
Privacy and data protection overview
Howell Penny is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website or via email or other channels such as events or direct mail, then you can be assured that it will only be used in accordance with this privacy statement.
Howell Penny may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
General Data Protection Regulations
Howell Penny Ltd will be what’s known as the ‘Controller’ of the personal data you provide to us.
Why we need your data
We need to know your basic personal data in order to provide you with on-going organisational updates and information on the products and services we offer as well as industry news which we feel is relevant and appropriate to you, in line with this overall contract. We will not collect any personal data from you we do not need in order to provide and oversee this service to you.
How we handle your data
All the personal data we process is processed by our staff in the UK, however for the purposes of IT hosting and maintenance this information is located on servers wordwide. No 3rd parties have access to your personal data unless the law allows them to do so.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
What are your rights
If at any point you believe the information we process on you is incorrect you can request to see this information and have it corrected or deleted.
If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us or going to our Contact Preference Centre. (insert link)
If you wish to raise a complaint on how we have handled your personal data, you can contact us to have the matter investigated. Contact firstname.lastname@example.org
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office https://ico.org.uk/
2.0 Relevant legislation
We design our business, marketing and internal computer systems to try and ensure complete compliance with the following national and international legislation with regards to data protection and user privacy:
- UK Data Protection Act 1988 (DPA)
- EU Data Protection Directive 1995 (DPD)
- EU General Data Protection Regulation 2018 (GDPR)
If you believe we are not compliant, please contact us immediately.
- Personal information we collect and why we collect it
We collect and use personal information for the following reasons:
2.1 Site visitation tracking
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
2.2 Inform you of relevant products and services
We use your name and email address to inform you of our products and services and relevant industry information. This information is not shared with third purposes and you can unsubscribe at any time via phone, email or our website.
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons: Internal record keeping and to improve our products and services.
We may periodically send promotional emails, texts, direct mail or contact you directly via phone about new products, special offers or other information which we think you may find interesting using the details which we have on our database. From time to time, we may also use your information to contact you for market research purposes. We may use the information to customise our website according to your interests.
What’s a cookie?
A cookie is a small text file received and stored by your browser. Information in the cookie makes it possible for a website to recognise a specific browser installation and thus to send individualised information to this installation.
A cookie can contain text, numbers, dates etc. but it does not hold any personal information. A cookie is not a program and it cannot contain virus.
How to avoid cookies
If you do not wish to receive cookies, you can setup your browser so as to block all cookies, delete existing cookies from your computer’s hard disk drive or issue a warning before any new cookie is downloaded. Please consult your web browsers help function for instructions on how to do this.
What’s the lifetime of a cookie?
A cookie’s lifetime varies depending on the purpose for which they have been created. Some cookies disappear as soon as the browser is being shut down (temporary cookies) while others can live on for several months (permanent cookies). Many providers specify a 12 or 24 months lifetime on advertisement, statistics and contents related cookies.
Cookies with a specified lifetime will have a new expiration date set each time the site to which a cookie is related is revisited.
You can always force immediate deletion of the cookies on your computer. Please consult the web browsers help function for instructions on how to do this.
Cookies used on our website
We make a distinction between cookies sent by our website, (first party cookies) and those sent by the website of one of our partners, e.g. Google Analytics (third party cookies). In most browsers it is possible to define settings that control the acceptance of cookies on the computer.
If you wish to restrict or block web browser cookies which are set on your device then you can do this through your browser settings; the Help function within your browser should tell you how. Alternatively, you may wish to visit www.aboutcookies.org, which contains comprehensive information on how to do this on a wide variety of desktop browsers.
Third party cookies
- Google Analytics
– utma cookie
This is a permanent cookie use to track the number of visits to the website, date first visited and date last visited. The cookie does not make user identification possible.
– utmb and utmc cookies
These are temporary cookies. These two cookies form a pair, which is used to calculate time spent on the website. _utmb expires when a session ends, while _utmc lives on for 30 minutes after the session has ended. A cookie has no information about when you actually leave a website or shuts down the web browser. Therefore, it waits 30 minutes to see if further pages are being shown before declaring a session ended.
– utmz cookie
This cookie typically lives for 12 hours. The cookie tracks the origin of the visitor, e.g. which search engine was used and what search criteria was used.
Twitter cookies are introduced by the Twitter follow button. For more information visithttp://twitter.com/privacy
LinkedIn cookies are introduced by the Linkedin follow button: __qca, bcookie, X-LI-IDC, visit, NSC_MC_WT_FU_IUUQ. They are used to track which pages the user visits to collect them. For more information visit http://www.linkedin.com/static?key=privacy_policy
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
3.2 Commenting on our website / blog / social media channels
Should you choose (or be able) to add a comment to any posts that we have published on our website / blog / social media channels, any details you enter with your comment will be saved to this website’s database, along with your computer’s IP address and the time and date that you submitted the comment.
This information is only used to identify you as a contributor to the comment section of the respective blog post and is not passed on to any of the third party data processors. Where relevant, only your name will be shown on the public-facing website.
Your comment and it’s associated personal data will remain on this site until we see fit to either 1.) remove the comment or 2.) remove the post / story. Should you wish to have the comment and it’s associated personal data deleted, please contact us, including using the email address that you commented with.
If you are under 16 years of age you MUST obtain parental consent before posting a comment on our website / blog / social media channels.
NOTE: You should avoid entering personally identifiable information to the actual comment field of any blog post comments that you submit on this website.
3.3 Contact forms and email links
Should you choose to contact us via any of our channels, we will consider this acceptance of an explicit opt-in (confirmation) that we can contact you. This will be clearly communicated.
Any data you supply will be stored on this website and may be processed by any of the third party data processors defined in section 6.0.
3.4 Email newsletter
If you choose to join our email newsletter, the email address that you submit to us will be forwarded to Nitromail (Campaign Monitor) who provide us with email marketing services. We consider Nitromail to be a third party data processor (see section 6.0 below). The email address that you submit will be stored within this website’s own database and in any of our internal computer systems.
Your email address will remain within Nitromail’s database for as long as we continue to use Nitromail’s services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal by contacting us. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
If you are under 16 years of age you MUST obtain parental consent before joining our email newsletter.
While your email address remains within the Nitromail database, you will receive periodic newsletter-style emails from us.
4.0 How we store your personal information
If you submit a comment to a blog post or complete a sign-up form to our newsletters or submit a contact form, some personal information will be stored within this website’s database.
This data is currently stored in an identifiable fashion; a limitation of the content management system that this website is build on WordPress.
In the near future we aim to change the storage of this data to a pseudonymous fashion meaning that the data would require additional processing using a separately stored ‘key’ before it could be used to identify an individual.
Pseudonymisation is a recent requirement of the GDPR which many web application developers are currently working to fully implement. We are committed to keeping it as a high priority and will implement it on this website as soon as we are able to.
You data may also be stored with our named third party data processors, identified in section 6.0.
5.0 About our website’s server
This website is hosted by WP Engine. Every WP Engine customer benefits from the same robust and performance-oriented software technology stack which ensures top security, speed, and scalability. https://wpengine.com/legal/privacy/
6.0 our third party data processors
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in section 2.0.
All 3 of these third parties are EU-U.S Privacy Shield compliant.
7.0 Data breaches
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
8.0 Data Controller
The data controller of this website is: HOWELL PENNY LTD, The Old Diary, 26 Lower Kings Road, Berkhamsted, Hertfordshire, HP4 2AE