General date Protection Regulations (GDPR)

& The Cookies Policy

GDPR compliance, Privacy Policy

Last updated: 25 May 2018

GDPR compliance

Our Updated Privacy Policy with specific reference to this website

This privacy policy is for this website; pagan-village.co.uk. It governs the privacy of its users who choose to use it. It explains how we comply with the GDPR (General Data Protection Regulation), the DPA (Data Protection Act) and the PECR (Privacy and Electronic Communications Regulations).

This policy will explain areas of this website that may affect your privacy and personal details, how we process, collect, manage and store those details and how your rights under the GDPR, DPA & PECR are adhered to. Additionally it will explain the use of cookies or software and the download of any documents, files or software made available to you (if any) on this website. Further explanations may be provided for specific pages or features of this website in order to help you understand how we, this website and its third parties (if any) interact with you and your computer / device in order to serve it to you. Our contact information is provided if you have any questions.


Our website is used to promote our business and you are welcome to contact us using the contact form or by direct email to chas@chasalexander.com and our listed telephone numbers for communications. We are a business to business organisation and we do not work for individuals.

Most of our inbound work comes from advertising, this web site and client referrals. We do not actively seek new business on a cold call basis.

We and this website complies to the DPA (Data Protection Act 1998) and already complies to the GDPR (General Data Protection Regulation) which comes into effect from May 2018. We will update this policy accordingly after the completion of the UK's exit from the European Union.


Legal definitions of GDPR

Data Controller: a controller determines the purposes and means of processing personal data.

Date Processor: a processor is responsible for processing personal data on behalf of a controller

Data Subject: Natural person meaning anyone living within Great Britain and the European Economic Community

Personal Data: The General Data Protection Regulation applies to ‘personal data’ meaning information relating to an identifiable person, identifiable for example by home address, email address, passport number.

Processing: means any operation which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, disclosure by transmission or dissemination.

Third Party: A natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

Which data do we collect from clients and suppliers?

We collect and process personal data about individuals, sole traders and unincorporated partnerships, and about limited companies where this relates to key people. But only if we are processing your data as a customer or prospective customer to Pagan Village based, for a service or associated product, or as a supplier, in relation to a service or supply made to Pagan Village based.

How do we collect data from clients and suppliers ?

From your application as a customer or prospective customer to Pagan Village based, for a service or associated product.

From correspondence from you as a supplier, in relation to a service or supply made to Pagan Village based.

From third parties such as credit reference agencies, fraud prevention agencies, agents working on your behalf, government and law enforcement agencies.

What data do we collect from clients and suppliers ?

We collect and process from you personal data such as your name, residential and email addresses, country of residence, bank account details of suppliers when necessary for making payments and any other information we have asked you to provide.

How dows the law protect our clients and suppliers >?

Data Protection law says that we are allowed to use personal information only if we have a proper reason for doing so, and that we must have one of the following reasons:

  • To fulfil a contract that we have with you.
  • When it is our legal duty.
  • When it is in our legitimate interest.
  • When you consent to it.

A legitimate interest is when we have a business or commercial reason to use your information, including but not limited to internal administrative purposes, product development and enhancement, preventing fraud, ensuring network and information security. This also includes the retention of data required under law for accounting and taxation purposes for Pagan Village based.

How we will use the personal data from our clients and suppliers

In the preparation and performance of contracts to which you are a party such as a customer or a supplier and in keeping such financial details as necessary to allow us to receive payments from you or to make payments to you.

To help us prevent or detect fraud and other financial crimes.

To meet our legal obligations.

To communicate with you and provide information on specific services when you request it.

NOTE: We do not at present send out unsolicited marketing information or news letters. Updates to our services are promoted through our website and via social media.

Why we need your personal data and what happens if you fail to provide the requested information

We require your personal data as it is a contractual requirement or a requirement necessary to enter into a contract.

It is unlikely that we will be able to enter in to a contract, or maintain an existing contract with you, either as a customer or as a supplier.

how long do we retail the data of clients and suppliers

We keep your personal data no longer than reasonably necessary . Typically we will retain your data for the purposes of :

  • Fulfilling our business purposes.
  • Compliance with legal and regulatory requirements.
  • For any legal claims.

Sharing the personal information of our clients and suppliers.

We may share your personal information with our service providers and third parties who provide services on our behalf, including but not limited to:

  • Agents and administrators who we use to help run your accounts.
  • Fraud prevention and law enforcement agencies.
  • Regulators, governments, courts, dispute resolution bodies and auditors.

We will do this to respond to enquiries and complaints; undertake transactional analysis; support the provisions of service; assist in the detection of fraud and comply with legal obligations.

How do we protect our clients and suppliers data ?

To protect the security of your personal data we implement appropriate technical and organisational security measures which include physical and technical security safeguards and a governance model that ensures that adequate policies, procedures and controls are in place.

Transferring of Data abroad.

We do not transfer data outside the EEA.

Automated decision making.

We do not use any automated decision making in our business.

Our clients and suppliers rights and their personal data.

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:

The right to request a copy of the personal data which we hold about you.

The right to request that we correct any personal data if it is found to be inaccurate or out of date.

The right to request that your personal data is erased where it is no longer necessary to retain such data.

The right to request that we provide you with your personal data and where possible, to transmit that data directly to another data controller where applicable.

The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request that a restriction is placed on further processing.

The right to object to the automated processing of personal data except where used to detect, prevent and investigate fraud and other financial crimes.

Changes to our compliance policies

Any changes we may make to our privacy policy in the future will be posted on this page, and where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy. GDPR compliance is important to us, so if you believe we have missed something important from the content of this statement please email us.

How to make a complaint

To exercise all relevant rights, queries or complaints, please in the first instance contact our Data Representative on the company email address or by post. If this does not resolve your complaint to your satisfaction you have the right to lodge a complaint with:

The Information Commissioners Office, on 0303 1231113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, England.


Contact & Communication with us

Users contacting us through this website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.

Please Note: If you contact us through this website, we wil reply to you under the terms legitimate interest and continue to do so until we have answered your query. Your email address, name, business name and other details will not be recorded on any database and we will only keep your information on file until such time as we have completed our business with you.

This excludes legal documents and digital files for tax and accounting purposes, which will be retained for 6 years in accordance with the current tax regulations operating within the United Kingdom

Email Mailing List & Marketing Messages

We do not operate an email mailing list program, except for existing clients under the term Legitimate Interest. This might be to advise on new tools and services directly relating to our business with you.


Information Security & Technical and Organisational Measures

Pagan Village based takes the privacy and security of individuals and their personal information very seriously and take every reasonable measure and precaution to protect and secure the personal data that we process. We have robust information security policies and procedures in place to protect personal information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures.

Although we only look to include quality, safe and relevant external links to other websites, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website.

Shortened URL's; URL shortening is a technique used on the web to shorten URL's (Uniform Resource Locators) to something substantially shorter. This technique is especially used in social media and looks similar to this (example: http://bit.ly/zyVUBo). Users should take caution before clicking on shortened URL links and verify their authenticity before proceeding.

We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.


Social Media Policy & Usage

While we may have official profiles on social media platforms users are advised to verify authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.

There may be instances where our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies on the individual platforms.


Cookies information

This website uses cookies to better the users experience while visiting the website. As required by legislation, where applicable this website uses a cookie control system, allowing the user to give explicit permission or to deny the use of /saving of cookies on their computer / device.

What are cookies?

Cookies are small files saved to the user's computers hard drive that track, save and store information about the user's interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.

Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit.

Website Visitor Tracking

This website uses tracking software to monitor its visitors to better understand how they use it. The software will save a cookie to your computers hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information. This is used for Google Analytics and Bing webmastering tools which tells us how many users have visited these pages. We also use AWstats to record visitor numbers.
No personal information about you is downloaded, stored or recorded

We use Google Analytics to collect information about how people use this site. We do this to make sure it’s meeting its users’ needs and to understand how we could do it better.

Google Analytics stores information about what pages you visit, how long you are on the site, how you got here and what you click on. We do not collect or store your personal information (e.g. your name or address) so this information cannot be used to identify who you are. We do not allow Google to use or share our analytics data.

3rd Party Cookies used

Name of Cookie value Purpose Duration
_ga GA1.2 Used through Google Analytics to view page use, visits and number of visitors. 3 months
cookiesDirective 1 Used to ensure users are aware of the Cookies Policy and details of the GDPR regulations 30 days
AWSUSER_ID Random key of letters and numbers AWStats is another way to measure website usage 10,000 hours
AWSSESSION_ID Random key of letters and numbers AWStats is another way to measure website usage Less than one day

How do I change my cookie settings?

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit www.aboutcookies.org or www.allaboutcookies.org.

Find out how to manage cookies on popular browsers:

To find information relating to other browsers, visit the browser developer's website.

To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout.