Privacy Policy
Effective Date: 23 January, 2025
Femsights (“we,” “us,” or “our”) respects your privacy and is committed to protecting the personal data you share with us.
This Privacy Policy explains who we are, what information we collect, how and why we process it, and the rights you have under the General Data Protection Regulation (GDPR).
- Who we are
- Controller: Femsights is the controller of your personal data.
- Data Protection Officer (DPO): Our appointed Data Protection Officer is Rose Bundock, who can be contacted at rose@femsights.com for any data protection concerns or requests.
- What information we collect and why
We collect personal data only to the extent necessary for the specific purposes detailed below. Some of this information is collected directly from you (e.g., when you fill out a form on our website), while other data may be generated during our interactions (e.g., call recordings).
- Providing our services
- Categories of data: Names, contact details, addresses, photographs or video recordings, call recordings, records of meetings and decisions, and information relating to compliments or complaints.
- Purpose: To respond to inquiries, provide quotes, deliver our services, and handle any complaints or feedback.
- Legal bases: Consent (e.g., where you explicitly agree to be recorded or share photos) and/or Contract (where the processing is necessary to fulfill a service agreement).
- Operating customer accounts
- Categories of data: Names, contact details, addresses, and marketing preferences.
- Purpose: To set up and manage your customer account, track any guarantees, and keep records of transactions.
- Legal basis: Contract (necessary for the performance of a contract or to take steps at your request before entering a contract).
- Service updates or marketing
- Categories of data: Names, contact details, marketing preferences, call recordings, website and app user journey information, and records of consent (where appropriate).
- Purpose: To send you updates about our services, provide marketing communications, and improve user experiences on our platforms.
- Legal basis: Consent (we will only send direct marketing if you have opted in).
- Research purposes
- Categories of data:General: First name, email address, call recordings, personal information used for research administration, non-identifiable research data, records of consent. Special category data: Racial or ethnic origin, health information, and sexual orientation information.
- Purpose: To conduct research or studies related to our services and to improve offerings in the public interest.
- Legal Basis: Consent (including explicit consent for special category data in accordance with Article 9 of the GDPR).
- Cookies
- We do not collect or store any information through cookies. If we employ tools like Google Analytics, we have configured it in a privacy-friendly manner that does not rely on cookies or collect personal data. If this changes, we will update this policy and request any necessary consent.
- How we obtain your consent
- When we rely on consent, we will ask you to provide a clear affirmative action (e.g., ticking a checkbox, signing a form, or verbally agreeing to be recorded).
- You have the right to withdraw consent at any time. To withdraw, please contact our DPO at rose@femsights.com or follow the unsubscribe link in our marketing emails. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.
- Data sharing
We will not share your personal data with third parties unless:
- You have given us express consent to do so;
- We are required by law to disclose the information.
- International data transfers
- Your personal data will remain within the European Economic Area (EEA). We do not transfer your personal data outside the EEA.
- If we use third-party services like Google Analytics or Mailchimp, we ensure data is either hosted within the EEA or is otherwise protected by appropriate safeguards (such as Standard Contractual Clauses) in line with GDPR requirements.
- How long we keep your information
We adhere to the principle of storage limitation, retaining your personal data only as long as is necessary for the purpose for which it was collected or as required by law.
- Website form / Quote inquiry (No Further Service)
- If you filled out a form or requested a quote but did not proceed with our services, we will delete your personal data after 12 months from all systems.
- Participation in research
- If you took part in a research study, we will delete your personal data and recorded audio or video conversations after 12 months.
- If you gave us consent to replicate your story, we will retain the relevant portion of the data indefinitely, unless you request otherwise.
- Other data retention
- For active customer accounts or ongoing service provision, we retain personal data in accordance with contractual obligations and legal requirements.
- You may contact us at rose@femsights.com to request more specific retention details for particular data sets.
- Your rights under GDPR
You have the following rights regarding your personal data:
- Right to Access: You can request a copy of the personal data we hold about you.
- Right to Rectification: You can ask us to correct any inaccurate or incomplete personal data.
- Right to Erasure (“Right to be Forgotten”): You can, in certain circumstances, request the deletion of your personal data.
- Right to Restrict Processing: You can request that we restrict the processing of your data in certain situations.
- Right to Data Portability: You can request that we provide your personal data in a structured, commonly used, and machine-readable format so you can transfer it to another provider.
- Right to Object: You can object to certain types of data processing, such as direct marketing.
- Right to Withdraw Consent: If processing is based on consent, you may withdraw it at any time.
- Right to Lodge a Complaint: If you believe we have infringed your rights, you can lodge a complaint with your local supervisory authority. If you are in the UK, this is the Information Commissioner’s Office (ICO).
To exercise any of these rights, please contact our DPO at rose@femsights.com.
- Data security
- We store your personal data on secure servers located in the UK, managed by our hosting provider.
- We may also store data on GDPR-compliant cloud storage and backup services.
- We use SSL encryption to protect data submitted through our website’s contact forms.
- We have implemented appropriate technical and organisational measures (e.g., access controls, staff training, encryption) to safeguard your data.
- In the event of a data breach, we will notify both you and the relevant supervisory authority in accordance with GDPR requirements.
- Third-party services
Where we use third-party data processors, we ensure they comply with GDPR requirements and have data processing agreements in place. Examples include:
- Hubspot: Used for managing and sending marketing communications (e.g., newsletters).
- Google Analytics: Used for tracking website usage in a privacy-friendly configuration (no personal data collection or cookies).
We regularly review our third-party service providers to ensure continued compliance with GDPR and other data protection laws.
- Updates to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our data processing practices or for other operational, legal, or regulatory reasons. Any updates will be posted on our website with a revised “Effective Date.”
If you have any questions or concerns about how we handle your personal data, please contact our Data Protection Officer at rose@femsights.com.
Last updated: 23 January, 2025