Privacy Statement.

The purpose of this policy


We are committed to protecting your privacy and safeguarding your personal data. Our use of your personal data is subject to the EU General Data Protection Regulation, other relevant UK and EU legislation (together
Data Protection Legislation), as well as marketing rules.In this privacy policy we explain how we will process your personal information obtained through your use of this website or through other interactions with you or third parties (e.g. buying or enquiring about our products or services or attending our events). It is important that you read this privacy policy, together with any other privacy notice we may provide on specific occasions, so that you are fully aware of how and why we are using your data, and what data protection rights you have.

What does this policy cover:

1. Who we are


When we say we, us or our in this privacy policy, we mean Milkman Digital, a company incorporated and registered in The Netherlands with company number 73573566, and whose registered office is at Jupiterkade 7, 2516 BS in The NetherlandsFor the purposes of the Data Protection Legislation, we are the controller of your personal data. This means that we are responsible for deciding how we hold and use personal information about you.

2. Personal data we collect

Personal data
means information which relates to an identified or an identifiable individual. We may collect, use, store and transfer various types of personal data relating to your identity, contact details, profile, profession, usage of our website and website services, and our networking and professional interactions with you.We do not provide goods or services to children below 16 or collect their personal data.We may also collect, use and share anonymised, aggregated data such as statistical or demographic data for any purpose. Anonymised data may be derived from your personal data but is not considered personal information in law as this information does not directly or indirectly reveal your identity. For example, we may aggregate information on how you use our website to calculate the percentage of users accessing a specific website feature. For further details, see sections 9 to 11 of this policy.

3. How we collect personal data

We collect most of this information from you directly. However, we may also collect information from other sources.

Type of source

Examples

Your use of our website

when you subscribe to our updates; inquiry of the “Milk Tasling”: submit an online enquiry; subscribe to our services; buy our products via our online store; or download our free materials.

Direct interactions with you

when you first contact us (e.g. by phone or email); when you sign up or attend our seminars; when you give us your business card; when you register interest in our services; or when you take part in our university live projects.

From publicly accessible sources

your website; your professional profiles on social media platforms (e.g. LinkedIn).

Directly from a third party

our corporate customer or prospective customer whom you represent or work for; another organisation or professional who told us that you would like to hear from us; or your university or college taking part in our projects.

Automated technologies or interactions

As you interact with our website, we may automatically collect technical data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies. Please see section 4. “How we use cookies” for further details.

4. How we use cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.For further details, see sections 9 to 11 of this policy.

5. How and why we use personal data

Under the Data Protection Legislation, we can only use your personal data if we have a proper reason for doing so. For example,
because:

- you have given us your consent;
- it is necessary for the performance of a contract;
- it is necessary for our legitimate interests or those of a third party;
- or it is necessary for the protection of your vital interests or those of a third party.

Where your consent is required, we will ask you for such consent separately and clearly. You have the right to withdraw consent to marketing at any time by emailing info@milkman.digital or using the ‘unsubscribe’ link in our marketing emails. Even if we are not required to obtain your consent for marketing purposes, you can still opt-out of receiving marketing communications at any time, so you are still in control. We may ask you to confirm or update your marketing preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or structure of our business.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

For further details, see sections 8 to 10 of this policy.

6. Who we share personal data with

We may share your information with third parties for the purposes set out in this policy. For example, we may:

- share your personal data with our suppliers, who process data on our behalf as data processors, and which we use to operate our business. We impose contractual obligations on service providers to ensure that they can only use your personal data to provide services to us and to you;
- disclose your personal data to professional advisers (e.g. lawyers, accountants, auditors or insurers) who provide professional services to us;
- disclose your personal data to certain third parties if specifically requested or agreed with you (e.g. if you ask us to introduce you to a third party);
- disclose and exchange certain information with law enforcement agencies and regulatory bodies to comply with our legal obligations;
- and share some personal data with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymized but this may not always be possible. The recipient of the information will be bound by confidentiality obligations

7. International transfers of data

We may transfer your personal data to a destination outside of the United Kingdom. Transfers of data outside the European Economic Area (EEA) are subject to special rules under the Data Protection Legislation.

We use cloud-based platforms and tools for the purpose of running our website, selling our products, managing payments and accounts, marketing our activities, storing information and communicating with internal and external parties. The providers of these systems are based either in the EEA or outside the EEA (mainly in the US). Those who are based in the US subscribe to the EU-US Privacy Shield, which the European Commission considers to be providing an appropriate level of protection.

Some of our providers may further transfer your data to their group companies or other processors based outside the EEA. When they do so, such transfers are either to countries that the European Commission considers to provide the appropriate level of protection, or are safeguarded by means of a lawful mechanism, such as contractual obligations based on the standard provisions approved by the European Commission or binding corporate rules.

If you want further information on the specific mechanism used by us when transferring your personal data out of the EU please contact us at info@milkman.digital

8. How long we keep personal data

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for.In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

9. If you use our website

Types of personal data we may collect

Examples

Identity data

Name; title; user IDs;

Contact data

Address; billing address; email; telephone number;

Financial and transaction data

Payment card details; details of orders made and processed; details of payments received from you (including country you make payments from); invoices; receipts;

Professional data

Job title; company name; business telephone; business email;

Usage data

Services you signed up to (e.g. our blogs, updates); account activity; download history; events you attended or expressed interest in; products you purchased and prices paid; free materials you downloaded;

Profile data

Interests; preferences (including marketing permissions and preferences and unsubscribe history); feedback and survey responses;

Communication data

Details of communication with you exchanged via our website, email or social media channels;

Technical data

Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website.

Reasons for using your data

Lawful basis for processing

- to place cookies on your device (please see our Cookie Notice [insert as link] for further details);
- to respond to your enquiries;
- to send you our updates or other electronic marketing communications which you subscribed to, or otherwise requested
- to send you other electronic marketing communication (if you are not our existing client or a representative of a business)
- if we want to share your details with a third party (e.g. because we think that their products, services, or event might be of interest to you)

You have given us your consent

- to register you as a new customer or administer your account;
- to provide our services or sell our products to you;
- to process and deliver your order;
- manage our relationship with you (e.g. to respond to your enquiries or to notify you about changes to our services).

Necessary for the performance of contract we have or are about to enter with you

- to administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data);
- to interact with you professionally (e.g. if you represent our client, supplier or business partner);
- to manage your account and our relationship with you;
- to manage payments, fees, charges;to deal with your enquiry unrelated to a contract which we may have with you;
- to provide you with a free service (e.g. enable you to download free contact from our website);
- to ask you to leave a review or complete a survey;to increase our business or promote our brand through marketing communication where your express consent is not required by law;
- to measure or understand the effectiveness of the advertising we provide to you;
- to improve our website, products, services, marketing, and customer relationships and understanding;
- to conduct web analytics;
- for the prevention and detection of fraud;
- and for the establishment, exercise or defence of legal claims.

Necessary for our legitimate interest

10. If we interact with you as a business otherwise

Types of personal data we may collect

Examples

Identity data

Name; title; user IDs

Contact data

Address; billing address; email; telephone number;

Financial and transaction data

Payment card details; bank details; details of orders made and processed; details of payments received from you (including country you make payments from); details of payments made to you; invoices; receipts;

Professional data

Job title; company name; business telephone; business email; CV;

Usage data

Services you purchased (e.g. our workshops, consultancy, presentations); account activity; channel usage; events you attended or expressed interest in (e.g. our seminars); products you purchased and prices paid (e.g. our printed books);

Contract dataProfile data

Copy of and information about our contract with you;Interests; preferences (including marketing permissions and preferences); feedback and survey responses;

Communication data

Details of communication with you exchanged via our website, email, social media channels or post.

Reasons for using your data

Lawful basis for processing

- to respond to your enquiries and to keep in touch with you;
- to send you other electronic marketing communication (if you are not our existing client or a representative of a business);
- if we want to share your details with a third party (e.g. because we think that their products, services, or event might be of interest to you).

You have given us your consent

- to administer your account supplier/customer account;
- to provide you a service to sell our products to you;
- to make payments to you;
- to process and deliver your orders;manage our relationship with you.

Necessary for the performance of contract with have or are about to enter with you

- to administer and protect our business;
- to interact with you professionally (e.g. if you represent our client, supplier or business partner);
- to manage your account and our relationship with you;
- to manage payments, fees, charges, and collect and recover money which you may owe to us;
- to deal with your enquiry unrelated to a contract which we may have with you;
- to ask you to leave a review or complete a survey;
- to increase our business or promote our brand through marketing communication where your express consent is not required by law;
- to measure or understand the effectiveness of the advertising we provide to you;to improve our website, products, services, marketing, and customer relationships and understanding;
- for the prevention and detection of fraud;
- and for the establishment, exercise or defence of legal claims.

Necessary for our legitimate interest

11. If you apply for a job or internship in our company

Types of personal data we may collect

Examples

Identity data

Name; title; identity documents

Contact data

Address; email; telephone number

Education data

CVs; qualifications; job experience

Wellbeing data

Wellbeing and socio-demographic data (which may include special categories of data, e.g. data related to health)

Reasons for using your data

Lawful basis for processing

Recruitment (to consider your application for our job or internship)

You have given us your consent

Staff administration (to enable you to participate in the job activities or internship)

Necessary for the performance of contract we have or are about to enter with you

Health and safety

Necessary to protect your vital interests (or those of a third party)

If your application is not successful, we will keep your data for one year after the end of the recruitment process. If your application is successful, we will keep most of your data for the duration of your internship. We will keep your contact details for six years after the end of your internship to keep in touch with you about future recruitment opportunities.

12. Your rights

You have a number of rights in relation to your personal data, which allow you to access and control your information in certain circumstances. You can exercise these rights free of charge, unless your request is manifestly unfounded or excessive (in which case we may charge a reasonable administrative fee or refuse to respond to such request).

Under certain circumstances, you have the following data protection rights:

Your right

Explanation

Access

This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Rectification

The right to require us to correct any inaccuracies in your personal data.

Erasure (to be forgotten)

The right to require us to delete your personal data in certain situations.

To restrict processing

The right to require us to restrict processing of your personal data in certain circumstances (e.g. if you contest the accuracy of the data we hold).

Data portability

The right to receive, in certain situations, the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party.

To object

The right to object at any time to your personal data being processed for direct marketing (including profiling) or, in certain other situations, to our continued processing of your personal data (e.g. processing carried out for the purpose of our legitimate interests).

Rights related to automated decision making including profiling

The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you, or similarly significantly affects you.

If you would like to exercise any of those rights, please contact us at by using the contact methods set out in section 15. “How to contact us” of this policy. Please let us know what right you want to exercise and the information to which your request relates.

For further information on your rights, please see the Information Commissioner’s Office Guide to the General Data Protection Regulation.

13. Keeping personal data secure

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

14. Complaints

We hope that we can resolve any query or concern you may raise about our use of your information. You may contact us by using the contact methods set out in the How to contact us [insert as link] section of this policy.

The Data Protection Legislation also gives you a right to lodge a complaint with a supervisory authority, in particular in the European Union (or the European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws has occurred. The supervisory authority in the UK is the Information Commissioner, who may be contacted at https://ico.org.uk/concerns or by telephone on: 0303 123 1113. We would, however, appreciate the chance to deal with your concerns before you approach the Information Commissioner’s Office, so please contact us in the first instance.

15. How to contact us

If you have any questions about this privacy policy, (including any requests to exercise your legal rights) please contact us by either email at info@milkman.digital or post at 28 Lime Street, Newcastle upon Tyne, NE1 2PL.

16. Changes to this privacy policy

This privacy policy was last updated on 05th August 2022.We may change this privacy policy from time to time, when we do we will publish the new version of the policy on our website. We may also inform you via email or post at Jupiterkade 7, 2516 BS in The Netherlands.