Atomic Smash homepage splash

GDPR Information

How Atomic Smash comply with GDPR and Data Protection.

This page is mostly related to the General Data Protection Regulation (GDPR) within the EU however, Atomic Smash Ltd believes it to be good practice to provide a unified experience and service to all users, worldwide. As such, Atomic Smash Ltd. has carefully put together this document in an effort to make all information regarding data collection and usage as clear as possible.

We are affected by GDPR in three areas:

Area 1 which is highlighted on this page is how we conduct activities with the information with gether from people using our website.

Area 2 is how we manage our services as a data processor for a number of clients.

Area 3 is how we manage the data / information we gather on our clients whilst in a working relationship and how that data is managed / stored and deleted accordingly.

Why do we collect Data on our Website?

All the data we collect is used to help to to understand who is using our website and to help us improve the online experience offered.

We also can use it to help us understand if someone who has contacted us through our contact form visits the site a number of times.

It helps us to gather insights around online behaviours and see where people have come from before visiting our website.

We believe that none of the information gathered is used to target or market to people who are not already somehow engaged with our company.

What data is collected?

We use Google Analytics to collect and store information around each users session who visits our website. This information is all anonymous and it is not possible to personally identify people or repeat visitors from Google Analytics. You can read more about their Terms and Conditions here.

https://privacy.google.com/businesses/compliance/

We use Hubspot to collect and store information around each user who fills in one of our contact forms. This saves the information they actively give us into the HubSpot CRM system. This also allows us to track if after someone has submitted a form if they visit the website again.

You can read more about their Terms and Conditions here.

https://www.hubspot.com/data-privacy/gdpr

We use MailChimp to store information for people who wish to be in our mailing list. If you submit the mailing list form on our website you will be added to a MailChimp list. You will need to confirm that you wish to be added to the list before it is confirmed. You can read more about their privacy policy here.

https://mailchimp.com/legal/

With all of the information we collect we do not actively share it with any other parties and it is only used internally to help us improve our service.

Contact Forms

When someone submits information through a contact form a number of things happen.

  1. The information submitted is stored within the WordPress website.
  2. A copy of the message is emailed to mail@atomicsmash.co.uk and this is then distributed to Piers & David. These emails are stored in Google Apps for Business.
  3. A copy is stored in our HubSpot CRM.
  4. Every day our database server is backed up to Digital Ocean and a copy of the enquiry will live there for 30 days.

All information shared through our submission form is only used for internal purposes only and is not shared with other companies except those stated above.

I would like a copy of my data.

If you would like a copy of the data that Atomic Smash Ltd have relating to yourself please get in touch with piers@atomicsmash.co.uk. Please note that any request may take up to 30 days to process and we will require proof of identification prior to releasing any information.

I would like you to delete any data you have that relates to me.

Please get in touch with piers@atomicsmash.co.uk. Please note that any request may take up to 30 days to process and we will require proof of identification prior to releasing any information.

Our role as a data processor.

We host an maintain a number of websites. It is therefore our responsibility to ensure that steps are being taken to ensure any information stored on those servers have adequate security measures in place. It is our client’s responsibility to ensure any information stored on the server is not sensitive. We are the data processor for those clients but they are the data controller. Under the GDPR regulations the controller needs to adequately investigate that all processors are equipped to handle the kind of data they wish to capture / store.

We use DigitalOcean as the provider of our servers. You can read more information about their Terms & Conditions / policies here.

https://www.digitalocean.com/legal/terms/

https://www.digitalocean.com/legal/privacy/

We believe it would not be best practice to highlight online exactly how we have our servers set up and managed as this could give a valuable insight to any malicious hackers. If you would like to find out more information about our roles and responsibilities for server hosting and management please email piers@atomicsmash.co.uk and we can send you the relevant information if it is applicable to you.

All of our clients are aware of their hosting set up and also are aware that there are procedures in place for security and if they wish to have any information deleted from the server.

We do not have control of what information our clients wish to host on their servers. If they decide to hold a database of names / emails and passwords in their website we are unable to prohibit this and we cannot be held responsible for any sensitive information being leaked from the website.

You can read more about this in our Terms and Conditions.

What happens when you work with us?

As a client when you decide to work with Atomic Smash Ltd there will be a relationship put in a place and as part of the website design / development process a large amount of information will flow between parties. We will require information from yourselves to sign contracts etc, all of this information will be stored in an online environment called Trello which is only accessible to members of the working group. This information will also be stored in email accounts and also Dropbox.

You can read more about their terms of services here.

https://www.dropbox.com/en_GB/security/GDPR

https://www.google.com/mail/help/terms_of_use.html

https://trello.com/trello-operations-and-security-guide.pdf

If we complete any user testing on behalf of your project then this information will be stored in a password protected Dropbox folder for the duration of the project and our relationship together.

Often with website projects there is a requirement to share user information between parties, EG from an old website provider to a new one. When this happens it will be the responsibility of the client to make the users aware that this transfer of their information is going to happen. When we are given sensitive data around a clients users / members then we ensure this is only shared with the relevant users within the organisation and also is stored within a secure Dropbox account. We retain this information for as long as is required and then delete it accordingly.

If you have any questions at all around your data

please contact Piers

Email
Back to top

Keep up to date with Atomic news