The EU General Data Protection Regulation (GDPR) is the most significant piece of European privacy legislation in the last twenty years. It replaces the 1995 EU Data Protection Directive (Data Protection Act), strengthening the rights that EU individuals have over their data, and creating a uniform data protection law across Europe.
MindStore International Limited complies with applicable GDPR regulations as a data processor and data controller since taking effect on 25th May 2018. We are committed to protecting your privacy and maintaining the security of any personal information received from you.
Should we ask you to provide certain information by which you can be identified when using this website, you can be assured that it will only be used in accordance with this privacy statement.
MindStore International Limited may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from May 1st 2018 and complies with the GDPR Regulations that came into law on May 25th 2018.
The purpose of this Privacy Statement is to explain to you what personal information we collect and how we may use it.
When do we collect information?
We collect personal data from you when you provide it to us directly and through you use of MindStore.com:
- During a phone call enquiry.
- Once you email us.
- You purchase a coaching session.
- You book Jack Black for an event or presentation.
- You participate on a scheduled coaching session with us.
What we collect
We may collect the following information:
- Contact information including email address and phone numbers.
- Demographic information such as postcode, preferences and interests.
- Other information relevant to your or our enquiry.
- Transaction and other billing information, if you make any purchases (e.g. credit/debit card details).
- Records of your interactions with us (e.g. if you ask us a question, contact our customer services desk).
- Information you may share during a coaching session.
What we do with the information we gather
Depending on how you use MindStore.com – MindStore For Business, your interactions with us and the permissions you give us, the purposes for which we use your personal data include:
- To fulfil your order or request.
- To manage and respond to any queries or complaints to our customer services desk.
- We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
- We may use the information to improve our products and services;
- We may periodically send emails about new courses, services or other information which we think you may find interesting – using the email address which you have provided where we have your consent or are otherwise permitted to do so;
- To provide support and encouragement for using our tools and techniques.
- We rely on the following legal basis, under date protection law, to process your personal data:
- Because the process is necessary to perform a contract with you, or take steps prior to entering into a contract with you (e.g. where you contact us with a query, where you make a booking with us, or if you consent to receive marketing from us); and
- Because we have obtained your consent (e.g.where you contact us with a query, where you make a booking with us, or if you consent to receive marketing from us); and
- Because it is in our legitimate interests as a business to maintain and promote our services (e.g. we use information about you to tailor your view of MindStore.com – MindStore For Business, to make it more interesting and relevant in respect of the products and offers on view). We are always seeking to understand more about our customers in order to offer the most relevant content and customer experience.
Who does MindStore International Limited share this information with?
We do not sell, trade, or transfer your Personally Identifiable Information to outside parties. This does not include our payment processors, our professional and legal advisors, and in exceptional circumstances, if requested to lawfully do so, by law enforcement or other governmental authorities. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.
MindStore.com – MindStore For Business is not intended for, and should not be used by, children under the age of 16. We do not knowingly collect personal data from children under 16.
If at any time you would like to unsubscribe from receiving future emails, you can email us at firstname.lastname@example.org, and we will promptly remove you from ALL correspondence. You can also click on the ‘Unsubscribe’ link at the bottom of any of our emails. If you unsubscribe from marketing, please note we may still contact you with service messages from time to time (e.g. in regards to your specific purchase of a future course or information about your legal rights).
Where is my data kept and for how long?
We will keep your personal data as long as we need it for the purposes set out above, and so this period will vary depending on your interactions with us. For example, where you have made a purchase with us, we will keep a record of your purchase for the period necessary for invoicing and tax. We may also keep a record of correspondence with you (e.g. if you have made a complaint) for as long as is necessary to protect us from a legal claim. Where we no longer need to keep your information, we will delete it. Please note that where you unsubscribe from our marketing communications, we will keep a record of your email address to ensure we do not send you marketing emails in the future.
We will only contact you with your consent.
We do not sell, rent or exchange your personal information with any third party for commercial reasons, beyond the essential requirement for credit/debit card validation during purchase.
We follow strict security procedures in the storage and disclosure of information which you have given us, to prevent unauthorised access in accordance with the GDPR legislation.
We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
We do not collect sensitive information about you. To maintain the accuracy of our database, you can check, update or remove your details by emailing email@example.com.
For mailing and marketing, we use Mailchimp, whose data is stored in the USA behind a data privacy shield. Other than for this specific use we will not transfer your information outside the EEA (European Economic Area) without first obtaining your consent.
We use a technology called “cookies” as part of a normal business procedure, but only to save the contents of a shopping basket when a visitor leaves the site and returns to complete a purchase. A cookie is an element of data that our Website sends to your browser which is then stored on your system. You can set your browser to prevent this happening. Any information collected in this way can be used to identify you unless you change your browser settings.
We undertake an analysis of the risks presented by our processing, and use this to assess the appropriate level of security we need to put in place.
When deciding what measures to implement, we take account of the state of the art and costs of implementation.
We have an information security policy (or equivalent) and take steps to make sure the policy is implemented.
Where necessary, we have additional policies and ensure that controls are in place to enforce them.
We make sure that we regularly review our information security policies and measures and, where necessary, improve them.
We have put in place appropriate technical controls
We understand that we may in the future need to put other technical measures in place depending on our circumstances and the type of personal data we process.
We understand the requirements of confidentiality, integrity and availability of the personal data we process.
We make sure that we can restore access to personal data in the event of any incidents, such as by establishing an appropriate backup process.
We conduct regular testing and reviews of our measures to ensure they remain effective, and act on the results of those tests where they highlight areas for improvement.
Where appropriate, we implement measures that adhere to an approved code of conduct or certification mechanism.
We ensure that any data processor we use also implements appropriate technical and organisational measures.
Access to information
You may request details of personal information which we hold about you. If you would like a copy of the information held on you please email us on firstname.lastname@example.org or write to: MindStore International Ltd, 28-30 North Street, Dalry, Ayrshire KA24 5DW.
If you believe that any personal information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.
T: 07525 452758
Last updated 21/03/2020