Privacy Policy

We use cookies in more or less the same way as any other website.

Cookies are small files that are put onto your device when you visit websites like ours. We use cookies to collect information that helps us improve your user experience.

The cookies we use are not used to identify you personally. We will not sell your information to any third parties.

If you don’t want cookies, you don’t have to have them! Here’s how to disable cookies in Chrome. You can also use free third-party programs like Spybot to block cookies.

If you do block cookies, some elements of our site might not work well.

We use cookies to do the following:

  • Keep track of what’s in your shopping basket

  • Remember your orders and enquiries

  • Remember if you are logged in (or not)

  • Offer live chat support

  • See which of our pages you visit

  • Enable retargeting adverts

  • Allow you to share our pages through social networks such as Facebook

  • Allow you to share pages through Add This

By continuing to use our website, you agree to our cookie policy.

Your Privacy

We collect personal data when you use this website. Some of the personal data is freely provided by users, whilst some of it is collected automatically.

The data that we collect includes the following:

  • Usage data

  • Email address

  • First name

  • Last name

  • Phone number

  • Company name

  • IP address

We use this data to do the following:

  • Improve our website by analysing user behaviour

  • Contact our users

  • Interact with our users on external social networks and platforms

If any other data collection occurs, it will be described at that point. Helping Hands UK is not responsible for any third-party data submitted by users.

How and where your data is stored

At Helping Hands UK, we use and store your data according to the GDPR (don’t say that the EU never did anything for you!) and take reasonable security measures to prevent your data from being accessed by unauthorised individuals.

Your data will be stored on our Data Processors’ secure servers. Your data may also be accessed by employees while they are not in Europe.

Keeping your data safe

The internet is not 100% free from security risks. While we take security very seriously and train our Ninjas on how to protect user data, we cannot guarantee that your data is secure. Any data that is sent to us is done at the user’s own risk.

Any payments made through this website, however, will be encrypted.

Your data and the government

We may be legally obligated to hand over your data to public authorities (not that the NSA doesn’t know everything about everyone already).

Your rights

You have the right to ask us what information we are storing about you, as well as to ask to be forgotten (have your data erased). Any requests to do so should be sent to lee@helpinghandsuk.co.uk. We will comply with all requests within 1 month.

Links to other websites

This privacy policy only applies to this website. You should be aware that although we link to third-party websites, they have separate privacy policies unaffected by our own. If you come to the Helping Hands UK website via a link from a third party website, they may also send us personal information about you.

Changes to our privacy policy

We reserve the right to change our privacy policy at any time. Changes will be listed here and you are advised to check this page often for updates. If you do not approve of a change to our privacy policy, you should stop using our website immediately.

By continuing to use our website and freely submitting your data to us, you agree to our privacy policy.

Have a ninja day!

GDPR Data and Information Policy

We are extremely transparent about how we hold and use data.

The information we hold is:

Client Information

  • Information enabling us to run their marketing campaign. Including names, phone numbers, email addresses, business address (or home address if working from home)

  • Website logins (where supplied)

  • Social media logins (where supplied)

  • Domain and hosting logins (where supplied)

  • Advertising account logins (where supplied)

  • Analytics logins (where supplied)

All of this information is gathered from the client in a Kickstart Questionnaire sent to them at the start of the campaign. It is hosted inside various spreadsheets in Google Drive, which the staff working on the campaign have access to.

Elements are also kept inside Infusionsoft (our CRM), Xero (our accounting software), Teamwork (our Project Management software), and Slack (our chat software). Their data processing terms and conditions are available on their websites.

Leads and Contacts

If you request a marketing review from us, sign up for free book updates, register to ‘join the dojo’ and receive our marketing training, or enquire about using our services, we will retain some or all of the following data:

  • Name

  • Address (if purchased)

  • Email address

  • Phone number (if provided)

  • Declared business information, including target turnover

This information is collected through:

  • Our website:

    • The free marketing review questionnaire asks visitors for the information necessary for us to carry out the review

    • Book update forms allow people to sign up with their name and email address to receive future book updates

    • Join the Dojo allows people to sign up for our email list to receive tips and advice

Lead information is shared between staff members responsible for sales, marketing, and accounting.

Data Consent

We always make clear on email capture forms that the data we collect will be used for follow up marketing (“Join the dojo”). On Kickstart Questionnaires and other forms, we specify how the data submitted will be used.

On all forms, we make it clear that consent can be withdrawn at any time by contacting us.

The basis for processing client data is Contract. The basis for processing lead/contact data is Consent and/or Legitimate Interest.

Data and Privacy Notice

We store the data you submit to us in our email marketing software so that we can send you relevant information and training to help you with your marketing.

You can remove your consent to receive this information at any time by clicking the link at the bottom of the email. If you would like to be ‘forgotten’ and have your data erased, simply reply to any email from us requesting this and we will handle this for you within 1 month.

Data Policy

Helping Hands UK only collects and stores information from clients necessary for us to carry out the marketing work that we are required to carry out. This information is available to the team working on the campaign and other staff in the company who might need it for the purposes of accounting, administration or helping with the marketing work.

We also collect and store information from contacts and leads in order to provide relevant marketing training, advice, and sales recommendations. This information is available to staff across the company.

The information we store about each client or contact is available to that client or contact on request, and we will delete any data when requested by them.

All client or contact information is held only in the designated cloud software applications (Google Drive, Infusionsoft, Gmail, Slack, Skype, 8×8, Teamwork, Teamwork Desk). Information and data should never be stored locally on staff computers in documents not controlled by these cloud apps, and the Ninjas receive training on the importance of not storing data locally.

Risks and Impact Assessment

  • Risk: Staff computer or account hacked, and contact information accessed

    • Impact: client data leaked and shared online. Potentially websites hacked and personal data leaked.

    • Mitigation: where possible, data is stored in cloud services like Google Drive which have login protection and two-step verification when accessed from new locations or IP addresses. Staff required to change all passwords every 3 months.

  • Risk: Staff member leaves and takes personal data with them

    • Impact: client data leaked and shared online. Potentially websites hacked and personal data sold

    • Mitigation: offboarding process which quickly removes access once staff member is terminated.

Training

All staff are trained on the following:

  • Password and account security

  • Data handling (including data storage methods and types of data to never store)

  • Device security

Breach Notification

A data breach can be something which leads to the destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored, or otherwise processed.

If any staff members notice that this has happened they are required to immediately notify their manager. Following notification of a breach, we will:

  • Assess the impact of the breach

  • Notify the relevant parties immediately

  • Investigate the cause of the breach

  • Rectify any security vulnerabilities or processes to minimise the chance of this happening again

Right of Access

If an individual requests access to their personal data, this request is to be immediately passed to the Data Protection Officer (Lee) who will:

  • Confirm the data being processed

  • Provide full access to their data stored in our various softwares, via email.

We will respond to all such requests within 1 month.

Data Disposal

Individuals have the right to be forgotten and can request that their data is erased. We will erase all records held for that individual/company including:

  • CRM records

  • Campaign documents and files

  • Slack channel

Data Processor Contracts

We have written contracts with our data processors governing the processing of personal data.

Data Protection Impact Assessments

We conduct DPIAs whenever we add a new piece of software to our workflow which will store or process personal data. These have a description of the processing operations and the purposes, and assessment of the necessity, risks, and details of the controls put in place to reduce these risks.

Information Security Policy

Every staff member is required to adhere to this policy and to abide by our data guidelines:

  • Personal data must not be stored on your personal devices

  • Passwords must be changed on the three-monthly cycle and at any other time when management requests

  • No data should be collected and retained other than what is necessary to carry out the work that has been requested of us

  • Any requests for access to data, requests to be forgotten, reports of a breach, or any other matter relating to management of or access to personal data should be immediately passed to Lee Woodbridge at lee@helpinghandsuk.co.uk.