Highrise Digital Ltd Privacy Policy

This document outlines our privacy policy. Privacy is critically important to us and this document outlines:

• The information we collect;
• The information you share with us;
• What we do with that information;
• Who we share this information with;
• How we keep your information secure.

Who are we?

We are Highrise Digital Ltd and we run a web development agency, providing primarily WordPress development services to clients. In addition to this we also sell some of our development products in our store as digital downloads.

Contact Details

Full name of legal entity: Highrise Digital Ltd
Email address: hello@highrise.digital
Postal address: 35 Station Approach, West Byfleet, Surrey, United Kingdom, KT14 6NF
Telephone number: 01772 456 448

The privacy policy applies to any information we collect about you when you use:

• Our websites – this includes highrise.digital and store.highrise.digital
• Our web development services – this is when you engage with us to complete some work for you, usually WordPress development but it could be maintenance and support or consultancy

Throughout this document we are going to refer to our websites and any services that we offer such as web development, consultancy, hosting and maintenance as “services”.

This privacy policy explains what data we collect from you, what data you submit to us and why we require this data. We also explain how we share this data with other services and the reasons for this.

Information we collect

We only collect information if we have a reason for this such as if we need it to communicate with you or to provide you with a service. Sometimes we collect information in order to try and make our services better.

Below we outline the different ways in which we collect information from you.

Information you provide to us

Information that you provide to us when using our services is collected and stored. What we collect and store depends on the context. Here are some examples.

• Contact form information – if you have filled in our contact form we collect your name, email address, telephone number and other information your include in your message to us. We collect this information as it is the basic information we need to communicate with you about your enquiry.
• Basic contact information – this is usually for invoicing purposes and typically we need to collect your name, address, telephone number, email address and company information such as VAT number in order to meet regulations on financial transactions and invoicing.
• Transaction and billing information – if you buy something from our online store, we will collect personal payment information to process the transaction such as your name, credit card information (although we don’t store this ourselves, it is passed securely to our payment gateway provider) and your contact information required for a financial transaction.
• Credentials – you may provide us with credentials for accessing a website, for example, WordPress login details or (s)FTP or SSH details
• Website backups – there may be times when we need a copy of your website in order to work on features or debug a problem which you have asked us for help with. For this, we work on a copy of your site which you would provide us with. When you do this, you agree that you have removed any personally identifiable data that may be on the website copy that you do not have authority to share with others.
• Mailing list – if you have signed up for our mailing list we collect your first and last name and your email address.

Information we collect automatically

When you use our services we may also collect some information automatically. Below is the information we may automatically collect from you.

• Location information – we collect and determine your approximate location based on the IP address of your device. We collect this information so we can, for example, better understand how many people use our services from different countries. This helps us make them more accessible to people in those locations and improve our services.
• Log information – when accessing our services we collect basic log information about the device you are using, the operating system it is running, its IP address, the language of the device, the browser being used and the date and time of access.
• Cookies – Highrise Digital uses cookies on its websites in order to track anonymised usage of our services. This enables us to see which pages are clicked on by users as well as other information. They are also important for when you log in to our services, such as the online store and it enables functionality such as our store basket to function correctly. You can, of course, switch off cookies in your browser.

How we use information

The information we collect, as outlined above is used in a number of different ways, some already mentioned above and as follows:

• To provide our services – for example, to set up your account with us in our accounting package so that we can issue invoices or to set up your account in our online store. This is necessary to perform our contract with you.
• To communicate with you about a project, offers and promotions that we may think are of interest to you and to receive feedback from you about our service provided. You can opt out of receiving communication about offers, promotions and new products at any time by either clicking the links in the communications or by contacting us. When you sign up we always ask for your consent to process and store your information and to sent you communications.
• To improve our services and make them better for everyone.

Sharing information

We never sell your information to any third party, but we do share your information in the circumstances outlined below, with safeguards in place to help protect your privacy.

• Employees and independent contractors – it may be the case we need to share your details with a contractor who we have employed to work on your project. They need this information to be able to communicate with you and access various things e.g. your server or website.
• Third-party vendors – to help us run our business we use several third-party vendors to provide services to us, for example, accounting software and payment providers. We need to provide them with your details so they can carry out those services successfully and safely. We also use some services to store our data on such as cloud storage solutions. All this data is stored in a secure way (see below). We share information with organisations in the following categories:
  • Cloud storage solutions to store assets and files that we need to carry out our service
  • Accounting software in order to run our accounting and invoicing efficiently. We are required to do this for transactions and reporting things such as tax and company accounts.
  • Web hosting is used to host customer website and/or staging sites so that we can present our work to clients and receive feedback.
  • Project management software allows us to efficiently manage the services we provide. Clients are likely to have their own account with these providers and can, therefore, control what data they provide.
  • Cloud-based email providers mean we can efficiently access our communications. We store all emails sent and received in these third-party systems.
  • Time tracking software is used when we are providing a time based billable service. This is done to make sure we invoice clients with the right amount at the end of a project. We only add the project name and client name to this software.
  • We use marketing partners to help us improve our business. Some of this work involves communicating with our clients to help understand how we can improve our services. Information shared here is not to market our services directly to you, but to help us improve our overall marketing strategies and the services we can provide to clients.
• Business Transfers – in connection with any merger, sale of company assets, or acquisition of all or a portion of our business by another company, or in the unlikely event that Highrise Digital goes out of business or enters bankruptcy, user information would likely be one of the assets that is transferred or acquired by a third party. If any of these events were to happen, this Privacy Policy would continue to apply to your information and the party receiving your information may continue to use your information, but only consistent with this Privacy Policy.
• As Required by Law – we may disclose information about you in response to a court order, or other governmental requests.
• To Protect Rights and Property – we may disclose information about you when we believe, in good faith, that disclosure is reasonably necessary to protect the property or rights of Highrise Digital, third parties, or the public at large. For example, if we have a good faith belief that there is an imminent danger of death or serious physical injury, we may disclose information related to the emergency without delay.

Information shared publicly

We like to show off our work to help market our products and services with others. Unless agreed in our contract we may share the work we have done in our portfolio or list your site in a list of sites which uses one of our products or plugins.

We may also share your company or project name with others when discussing our work and work we have done in the past with clients.

Data Retention

Enquiries

For enquiries that we receive, we keep your enquiry for 1 year. After this time, if we have not engaged in any work with you then we delete or anonymise your data after 1 year.

Customers

As a customer where we have carried out some work for you and issued an invoice where there has been a financial transaction, we are legally obliged to keep records on this relationship for a period of 7 years for company record keeping.

Security

Whilst nothing is ever 100% secure, we work very hard to protect information about you against unauthorised access, use, alteration or destruction and we take reasonable measures to do so.

All the data we store on you is stored on servers or computers which use encryption when sending data from one device to another. Where services allow us to, we always use Two Factor Authentication to improve the security of login information and reduce the risk of login information being used to gain unauthorised access.

Data Breach Procedure

In the unfortunate circumstances where a data breach occurs, we will following the procedure outlined below:

1. We will notify the affected parties as soon as possible including the Information Commissioners Office (ICO).
2. Record the details of the breach in our data breach log.
3. Take measures to fix the problem that lead to the breach in the first instance.
4. Produce a report about the data breach including the following:
   1. What went wrong
   2. How we went about fixing it
   3. The steps we have taken to prevent a similar breach in the future

Choices

You have several choices regarding the information we store about you:

• Limit the information that you provide – you can choose to provide us with only the information we require to operate our services and not any optional information.
• Opt-out of electronic communications – you may choose to opt out of receiving electronic communications from us by following the instructions in those messages. If you do opt out, we may still send you other messages such as those about your account (e.g. service expiration emails) and legal notices.
• Set your browser to reject cookies – you can set your browser to reject cookies which will mean we will not track the data from you that we usually collect via cookies (see above). This comes with the drawback that some of our services may not operate or function properly without the aid of cookies.

Your “right to be forgotten”

You have a right to both access the information we hold from you as well as asking us to remove the information we hold from our systems. You can request either of these, doing so by completing the data request form here. If you request that we delete your information, you understand this may mean that we cannot continue providing you with the service or product you are currently using. We will also request that other organisations who we have shared your data with do the same. If you require a list of these organisations, please indicate this when contacting us with your request.

Transferring Information

Highrise Digital is primarily a UK based business but we do work with clients and third party providers from across the world. By accessing or using our services or providing your information to us you consent to us processing, transferring and storing your information in countries which could be outside of the UK and/or different from your home country.

Website Hosting

If we manage or host your website on our servers, any information you enter into those websites, servers or hosting accounts remains your property. We will never disclose this information to any other parties, unless required to do so by law, or if required to do so by our chosen hosting provider in order to keep your website running. We will only access the information you have added to your hosting when we are required to do so to complete any tasks we have agreed on.

Privacy Policy Changes

As our services and products change and to keep in line with current regulation and guidelines this privacy policy may change from time to time. These are likely to be minor changes however we recommend you continue to check this page from time to time. By continuing to use this site, our other sites and our products and services constitutes your acceptance of any changes.

How to contact us

Please contact us using our contact form if you have any questions about our Privacy Policy or information we hold about you. You can also contact us by post using the address below:

Highrise Digital Ltd.
35 Station Approach,
West Byfleet,
Surrey,
KT14 6NF

With thanks to Automattic for making their privacy policy Creative Commons Sharealike.