top of page

PRIVACY POLICY

This Privacy Policy (the “Policy”) was adopted by Andrea's Touch, (the “Company”, “we”, or “us”). This Policy is designed to provide a detailed description of our approaches to the collection and processing of personal data when you use our website https://www.andreastouch.co.uk/ (the “Website”) or any other way of communication containing a reference to this Policy.

Our Website contains information about the Company’s activities, our team, services as well as newsletters, guides, alerts and other materials.

When the Website is being used, we not collect and process any personal data, include cookies and other. We only hold the personal information of the people you need to for our own advertising, marketing and public relations – for example information about past, existing or present customers or suppliers.

The Policy describes whose data we process, what data we process, for which purpose processing occurs, and other details of personal data processing and protection.

This Policy is governed by and interpreted according to English law. All disputes arising under this privacy policy are subject to the exclusive jurisdiction of the English courts.

  1. Definitions and interpretation

1.1. In this privacy policy, the following definitions are used:

  • “Data Protection Legislation” means the EU General Data Protection Regulation 2016/679 and the UK Data Protection Act 2018 together with all other applicable legislation relating to privacy or data protection and including any statute or statutory provision which amends, extends, consolidates or replaces the same. The terms “personal data”, “data subject”, “controller”, “processor”,“process” (and its derivatives) and “special categories of personal data” shall have the meanings given to them in the Data Protection Legislation;

  • “personal data” means any information relating to a directly or indirectly identified or identifiable individual (the personal data subject).

  • “personal data controller” means a legal entity, separately or jointly with other entities, arranging and/or carrying out personal data processing, as well as determining the purposes of personal data processing, the scope of personal data to be processed, actions or operations performed on personal data.

  • “personal data processing” means any action or operation, or set of actions or operations performed with personal data with the use of automated means or without such means, including collection, recording, systematisation, accumulation, storage, clarification (update, modification), retrieval, use, transfer (dissemination, provision, access to), depersonalisation, blocking, deletion or destruction of personal data.

  1. What information we collect

2.1. Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

2.2. Through the Website, we collect and process only anonymous data of the Applicants, i.e. individuals who have submitted a request addressed to us via the request form or email. This could include requests for a fee proposal when you would like to receive our services, applications to get registered for an event we organise (e.g. surveys, tests), job seekers.

2.2.1. We process the following data of Applicants:

  • Name;

  • E-mail;

  • Services in which the Applicant is interested.

The data collected does not relate to personal data, as it is not linked to a specific individual. The data is necessary for our specialist to contact the provided contact with a detailed response to your request.

After your request from the Website, we can continue to interact with you, by signing a contract. In this case, your personal data will be processed in the category of Customer and suppliers. 

We process the following personal data of Customer and suppliers:

  • Name and surname;

  • Contact details;

  • Services;

  • Any other information.

The information is restricted to what is necessary for your advertising, marketing and public relations – for example, names, addresses and other identifiers.

2.4. We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

2.5. We process personal data of applicants on the basis of consent, which you give us when submitting your request.

  1. Purposes of processing and use of your personal information

3.1. Generally, personal data may be used by us for the following reasons:

  • internal record keeping;

  • consider your application where you have applied for a our service

  • improvement of our products/services;

  • data analytics;

  • carry out our obligations arising from any agreements entered into between you and us;

  • communicate with you;

  • administer the Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;

  • transmission by email of promotional materials that may be of interest to you (where we have the right to do so).

in each case, in accordance with this privacy policy and Data Protection Legislation.

  1. Legal basis for processing 

4.1. The Operator processes personal data only if there is at least one of the following conditions:

  • processing of personal data is carried out with the consent of the personal data subject to the processing of his personal data;

  • the processing of personal data is necessary for the execution of a contract to which either the beneficiary or the guarantor is the subject of personal data, as well as for the conclusion of a contract on the initiative of the subject of personal data or a contract under which the subject of personal data will be the beneficiary or guarantor;

  • processing of personal data is necessary to exercise the rights and legitimate interests of the Operator or third parties or to achieve socially significant goals, provided that the rights and freedoms of the personal data subject are not violated.

The operator and other persons who have gained access to personal data are obliged not to disclose to third parties and not to distribute personal data without the consent of the personal data subject, unless otherwise provided

  1. Disclosure of your personal information

5.1. Except as expressly set out in this privacy policy we do not share, sell, or lease personal information about you to any third parties for their marketing use.

5.2. However, any company needs to involve some third parties for technical and other issues in order to support its business as well as to use its IT infrastructures. Such process may involve instructing such third parties to process your personal data on behalf of the Company.

5.3. When we engage such third parties, we ensure that these third parties keep your personal data confidential and implement the necessary and appropriate organisational, legal and technical measures to protect your personal data.

5.4. Third parties that we involve process your personal data solely for the purposes indicated in this Policy.

  1. Retention

6.1. As a general rule, we process your personal data no longer than it is necessary to achieve the purposes of personal data processing.

6.2. Once the purposes of personal data processing are achieved, we will delete and/or destroy personal data within 30 days.

6.3. We will also cease processing your personal data, and delete or destroy it, if you withdraw your consent to data processing, where we process your personal data on the basis of consent.

6.4. Please note that, in certain cases, we may continue processing your data after you have withdrawn your consent, where such processing is necessary to perform our duties arising from applicable laws or where such processing is required to exercise the rights and legitimate interest of the Company.

6.5. Where we are permitted to send you direct marketing communications we may retain your contact information necessary for this purpose, (provided that you have consented to receive them) until you unsubscribe from receiving the same from us.

  1. Your rights

7.1. You have the following rights in respect of personal data processing performed by us:

  • To withdraw your consent to the processing of your personal data.

  • To require the clarification, blocking and/or destruction of incomplete, inaccurate, outdated, unlawfully obtained or unnecessary personal data.

  • To access to your personal data.

  • To object against our personal data being processed, including by filing a complaint with the data protection authority or a claim with the competent court.

7.2. Requests to exercise these rights should be made in writing to andreas.touch.info@gmail.com we will respond within a reasonable period or in accordance with any statutory time limits contained in Data Protection Legislation. Some of these rights are not absolute and will be assessed when we receive a request.

  1. Processing of your personal data

8.1. We carry out automated and non-automated personal data processing (mixed processing).

8.2. When processing your personal data, we perform the following actions or operations on such personal data: collection, recording, systematisation, accumulation, storage, clarification (update, modification), retrieval, use, transfer (provision, access), depersonalisation, blocking, deletion or destruction of personal data.

8.3. As a general rule, we will not disseminate the personal data discussed in this Policy. If we need to carry out dissemination, we will ask for your specific consent for this.

8.4. We ensure that the recording, systematisation, accumulation, storage, clarification (update, modification) and retrieval of your personal data are performed with the use of databases located in European Economic Area (“EEA“)

8.5. We do not carry out automated decision-making or profiling in relation to your personal data.

  1. Security

9.1. Data security is of great importance to us and to protect your personal data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure your personal data.

9.2. We treat confidentiality and security of your personal data as our key principles of personal data processing. We have implemented adequate technical, legal and organisational measures in respect of your personal data.

9.3. We undertake to take any other necessary legal, organisational and technical measures to protect personal data from unlawful or accidental access, destruction, modification, blocking, copying, transfer, dissemination, as well as any other unlawful actions in respect of personal data, in particular, measures covered by the Law.

9.4. We endeavor to do our best to protect your personal data. However, the transmission of information over the internet is not entirely secure and is done at your own risk. 

  1. Amendments to this Policy

10.1. We reserve the right to make amendments to this Policy.

10.2. We will publish the amended Policy on the Website, so you can always get acquainted with the up-to-date version.

  1. Contacting us and complaints

11.1. If you would like to exercise your rights (e.g. withdraw your consent), receive certain information from us or have any other questions related to this Policy or our personal data processing, you may send us a request:

Last update: February  27th, 2025

bottom of page