We won’t collect any personally identifiable information without first acquiring your consent to do so.
We respect your data
We won’t collect any personally identifiable information without first acquiring your consent to do so. Where we do wish to collect information, we will be explicit in detailing the way your information will be used so you can decide if you are happy for us to do so. We will never supply any of your details to anyone else to use for any other reason.
Visitors to our website
We use a third party email provider, Campaign Monitor, to deliver newsletters from time to time. We gather statistics around email opening and clicks using industry standard technologies to help us improve and monitor our newsletter. For more information please see Campaign Monitors privacy notice. Security MightySighty uses a third party service to help maintain the security and performance of our websites. To deliver this service it processes the IP address of visitors to the website. We will only use this information to maintain the security of our own website.
We use a content management system, WordPress, to update and maintain the content of our website. We use a standard WordPress service to collect anonymous information about users’ activity on the site, for example the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help us improve it. WordPress requires visitors that want to post a comment to enter a name and email address. For more information about how WordPress processes data, please see Automattic’s privacy notice.
We use Gmail as our email service provider. Gmail supports Transport Layer Security (TLS) to encrypt and protect email traffic. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit. We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
We keep the details of people who have subscribed to a service on our site as long as they require that service. For example if you subscribe to our email list we will keep your email address to provide you with information that you are interested in. When you unsubscribe we will remove you from this list and no longer contact you.
Access to personal information
MightySighty tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’. If we do hold information we will: give you a description of it; tell you why we are holding it; tell you who it could be disclosed to; and let you have a copy of the information in an intelligible form. To make a request for any personal information we may hold you need to put the request in writing to. MightSighty. c/o Data Processing Officer, 4 Rivers Street Place, Julian Road, Bath BA1 2RS.
Under Article 17 of the GDPR individuals have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances. When we are presented with an ‘erasure’ request we will evaluate each request individually with GDPR compliance in mind.
GDPR introduces data portability – the right for a data subject to receive the personal data concerning them, which they have previously provided in a ‘commonly use and machine readable format’ and have the right to transmit that data to another controller.
Under the GDPR, breach notification will become mandatory in all member states where a data breach is likely to “result in a risk for the rights and freedoms of individuals”. This will be done within 72 hours of first having become aware of the breach. Data processors will also be required to notify their customers, the controllers, “without undue delay” after first becoming aware of a data breach.
Amazon Web Servers / IT
Our website is hosted on a dedicated server with Amazon Web Servers (AWS). As well as giving customers a number of tools and services to build GDPR-compliant environments, AWS has achieved a number of internationally recognised certifications and accreditations. In the process, AWS has demonstrated compliance with third-party assurance frameworks such as ISO 27017 for cloud security, ISO 27018 for cloud privacy, PCI DSS Level 1, and SOC 1, SOC 2, and SOC 3. AWS also helps customers meet local security standards such as BSI’s Common Cloud Computing Controls Catalogue (C5) that is important in Germany. We will continue to pursue certifications and accreditations that are important to AWS customers. Find out more about Amazon’s policy regarding GDPR by clicking here.
Any information you provide during the job application process will only be used for the purpose of progressing your application or to fulfil legal or regulatory requirements if necessary. We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format. We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites more enjoyable and personal. They can also be used to provide information to the owners of the website about your experience. The type of information that is being collected is very important because it determines whether as a company we require user consent. Cookies that are essential to the website working, which provide security or functionality but don’t store personally identifiable information do not require consent. Whereas Cookies that could be used to personally identify you do require user consent.
Please see the cookies below that are on the MightySighty website which DO REQUIRE user consent before they can be used.
Universal Analytics (Google) With your consent we use Google Analytics to measure how users interact with our website. As you navigate between pages, we record information about the page that you have seen, for example the URL of the page you are on and anything you may have clicked on. Primarily we use this information to make sure the experience you have on our site is a good one. And from time to time we might use the information we collect to place advertising that we think is appropriate you to. We will only ever advertise our own services and never pass any information on to anyone else.
You can manage cookies on the mightysighty.com site from the popup that appears onscreen the first time you visit us, and if you change your mind you can do so at any time by clicking here.
You can also set a more general rule for the way your browser deals with cookies by accessing browser preferences. Here you will also be able to view and manage historical cookies your browser may be using. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.
Links to other websites