Privacy Policy

We Are Griots is a marketing communications company that helps brands tell their stories and connect with their audiences. We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data when you visit our website or use our services, and about your privacy rights and how the law protects you.

What personal data do we collect and why?

We may collect and process the following types of personal data about you:

  • Identity data: This includes your name, username, title, and gender.
  • Contact data: This includes your email address, phone number, and postal address.
  • Transaction data: This includes details about payments to and from you and other details of products and services you have purchased from us or that we have provided to you.
  • Technical data: This includes your internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
  • Usage data: This includes information about how you use our website, products, and services, such as the pages you visit, the links you click, the time you spend, and the actions you take.
  • Marketing and communications data: This includes your preferences in receiving marketing from us and our third parties, and your communication preferences.

We collect and use your personal data for various purposes, such as:

  • To provide and improve our website, products, and services, and to deliver a better and more personalised experience to you.
  • To communicate with you about our website, products, and services, and to respond to your enquiries, requests, and feedback.
  • To process and fulfil your orders, payments, and invoices, and to provide you with customer support and after-sales service.
  • To send you marketing communications, such as newsletters, offers, promotions, and surveys, that may be of interest to you, based on your preferences and consent.
  • To analyse and measure the performance and effectiveness of our website, products, and services, and to conduct research and development.
  • To comply with our legal and regulatory obligations, and to protect and enforce our rights and interests.

 

    How do we collect your personal data?

    We may collect your personal data in different ways, such as:

    • When you provide it to us directly, such as when you fill in a form, register an account, place an order, subscribe to our newsletter, or contact us by email, phone, or post.
    • When you provide it to us indirectly, such as when you interact with us on social media platforms, or when you use third-party services that are integrated with our website, products, or services.
    • When you browse or use our website, we may automatically collect technical and usage data through cookies and other similar technologies. Cookies are small text files that are stored on your device when you visit a website. They help us to recognise you, remember your preferences, and tailor our website to your needs. For more information about how we use cookies, please see our cookie policy.

     

    Who do we share your personal data with?

    We may share your personal data with the following parties for the purposes described above:

    • Our group companies, affiliates, and subsidiaries, who provide us with administrative, technical, and operational support.
    • Our service providers, contractors, and agents, who perform services on our behalf, such as web hosting, payment processing, data analysis, marketing, and customer service.
    • Our business partners, who offer products or services that may complement or enhance our own, or who collaborate with us on joint projects or events.
    • Our professional advisers, such as lawyers, accountants, auditors, and insurers, who assist us with our legal, financial, and regulatory matters.
    • Our regulators, authorities, and law enforcement agencies, who may require us to disclose your personal data in order to comply with our legal and regulatory obligations, or to protect and enforce our rights and interests.
    • Other third parties, such as potential buyers, investors, or successors, in the event of a merger, acquisition, reorganisation, or sale of our business or assets, or in the event of bankruptcy or insolvency.

     

    We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow them to use your personal data for their own purposes, and we only permit them to process your personal data for specified purposes and in accordance with our instructions.

    How do we protect your personal data?

    We take appropriate technical and organisational measures to protect your personal data from unauthorised access, use, disclosure, alteration, or destruction. These measures include:

    • Using encryption, firewalls, and other security software and hardware to safeguard your personal data.
      Limiting access to your personal data to those who have a legitimate business need to know it.
    • Training our staff on data protection and privacy, and requiring them to follow our policies and procedures.
    • Implementing backup, recovery, and incident response plans to deal with any potential data breaches or disruptions.

     

    However, please note that no method of transmission or storage of data is completely secure, and we cannot guarantee the absolute security of your personal data. You are responsible for keeping your password and account details confidential, and for notifying us immediately if you suspect any unauthorised access or use of your account.

    How long do we keep your personal data for?

    We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it, and to satisfy any legal, accounting, or reporting requirements. To determine the appropriate retention period for your personal data, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure of the data, the purposes for which we process the data, and whether we can achieve those purposes through other means. When we no longer need your personal data, we will securely delete or destroy it in accordance with our data retention policy and applicable laws and regulations.

    What are your rights and choices regarding your personal data?

    Under certain circumstances, you have the following rights and choices regarding your personal data:

    • Access: You have the right to request a copy of the personal data that we hold about you, and to check that we are lawfully processing it.
    • Correction: You have the right to request that we correct any inaccurate or incomplete personal data that we hold about you.
    • Erasure: You have the right to request that we delete or remove your personal data from our systems, where there is no good reason for us to continue processing it, or where you have exercised your right to object or withdraw consent.
    • Restriction: You have the right to request that we restrict or suspend the processing of your personal data, where you want us to verify its accuracy, or where you have objected to our use of it, or where you need us to retain it for legal claims.
    • Portability: You have the right to request that we transfer your personal data to you or to another party, in a structured, commonly used, and machine-readable format, where our processing is based on your consent or on a contract, and where our processing is carried out by automated means.
    • Objection: You have the right to object to our processing of your personal data, where we are relying on a legitimate interest or on a public interest, and where our processing impacts your fundamental rights and freedoms. You also have the right to object to our processing of your personal data for direct marketing purposes.
    • Withdrawal of consent: You have the right to withdraw your consent at any time, where we are relying on your consent to process your personal data. However, this will not affect the lawfulness of any processing that we carried out before you withdrew your consent, or the processing of your personal data on other lawful grounds.
    • Complaint: You have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection, if you are unhappy with how we handle your personal data, or if you believe that we have breached your rights. You can contact the ICO through their website at https://ico.org.uk or by phone at 0303 123 1113.

     

    If you wish to exercise any of your rights or choices regarding your personal data, please contact us at [email protected] or write to us at:

    We Are Griots 3 Trefoil Court Derby DE23 3WU.

    We will respond to your request as soon as possible, and in any case, within one month of receiving it. We may ask you to provide proof of your identity and other relevant information, to verify your request and to help us process it. We may also charge you a reasonable fee or refuse to comply with your request, if your request is clearly unfounded, repetitive, or excessive.

    How do we update our privacy policy?

    We may update our privacy policy from time to time, to reflect changes in our data practices, in the law, or in our services. We will notify you of any significant changes by posting a notice on our website or by sending you an email. We encourage you to review our privacy policy periodically to stay informed about how we collect, use, and share your personal data.

    Griots © 2024. All rights reserved.