Privacy policy
At Thought&Function, accessible from thoughtandfunction.com, one of our main priorities is the privacy of our visitors. This Privacy Policy document contains important information on who we are and how and why we collect, store and use and share any information relating to you (your personal data) in connection with your use of our website and/or our services.
If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us through email at [email protected]
General Data Protection Regulation (GDPR)
We collect, use and are responsible for certain personal data about you. When we do so, we are subject to the UK general Data Protection Regulation (UK GDPR). We are also subject to the EU General Data Protection Regulation (EU GDPR) in relation to services we offer to individuals in the European Economic Area (EEA). Where we transfer personal data and special category personal data outside of the UK and EEA, we will ensure such transfers are necessary for the performance of the contract between you and the controller or necessary for the conclusion or performance of a contract concluded in your interests between the controller and another natural or legal person. Please see ‘Where your personal data is held’ below for further information. The personal data (which is any information relating to an identified or identifiable individual) we collect about you depends on the specific context in which we collect the information.
We will collect and use the following personal data about you:
- Your name and contact information including email address and password.
- Your gender
- Information on how you use our website, IT, communication and other systems
- Your responses to our questionnaire
- Your address
We collect and use this personal data for the purposes described in the section ‘How and why we use your personal data’ below. If you do not provide personal data we ask for, it may delay or prevent us from providing our services to you.
How your personal data is collected
We collect most of this personal data directly from you. However we may also collect information from cookies on our website or from a third party with your consent. More information is available below.
How and why we use your personal data
Under data protection law, we can only use your personal data if we have a proper reason, eg:
- We need to enter or perform a contract with you
- You have given us permission to collect your personal data
- Processing your personal information is in our legitimate interests or those of a third party
- We need to comply with the law and our regulatory obligations.
The table below explains what we use your personal data for and why
- To comply with our legal and regulatory obligations;
- in other cases, for our legitimate interests, i.e., to protect our business, interests and rights.
- for our legitimate interests, i.e., to protect trade secrets and other commercially valuable information;
- to comply with our legal and regulatory obligations.
Cookies and Web Beacons
Like any other website, our website uses 'cookies'. These cookies are used to store information including visitors' preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users' experience by customizing our web page content based on visitors' browser type and/or other information.
Note that we have no access to or control over these cookies that are used by third-party advertisers.
- for our legitimate interests, i.e., to prevent and detect criminal activity that could be damaging for you and/or us;
- to comply with our legal and regulatory obligations.
- to perform our contract with you or to take steps at your request before entering into a contract;
- to comply with our legal and regulatory obligations;
- for our legitimate interests, e.g., making sure that we can keep in touch with our customers about existing orders and new services.
- to comply with our legal and regulatory obligations;
- for our legitimate interests, e.g., to make sure we are following our own internal procedures and working efficiently so we can deliver the best service to you.
- existing and former customers;
- third parties who have previously expressed an interest in our services;
- third parties with whom we have had no previous dealings.
You have the right to opt out of receiving marketing communications at any time by:
- Contacting us at:[email protected]- Using the unsubscribe link in emails or texting ‘STOP’ to texts.
We may ask you to confirm or update your marketing preferences if you ask us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.
We will always treat your personal data with the utmost respect and never sell it to other third-party organisations for marketing purposes.
Log Files
We follow a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and this is a part of hosting services' analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analysing trends, administering the site, tracking users' movement on the website, and gathering demographic information.
Here is a list of our hosting partners, with whom we routinely share personal data:
https://www.heroku.comhttps://www.heroku.com
https://vercel.com/
https://cloud.google.com/gcp
Here is a list of our third-party service partners:
https://www.hubspot.com/Hubspot may collect your Name, email address, and phone number
Special category personal data
Certain personal data we collect and/or process is treated as special category to which additional protections apply under data protection law i.e., data concerning health.
Where we process special category personal data, we will also ensure we are permitted to do so under data protection laws, e.g.,:
• we have your explicit consent;
•the processing is necessary to protect your (or someone else’s) vital interests where you are physically or legally incapable of giving consent; or
•the processing is necessary to establish, exercise or defend legal claims.
We or the third parties mentioned above occasionally also share personal data with:
Sharing data with third parties
The table above contains details of the third parties we routinely share personal data with.
We or the third parties mentioned above occasionally also share personal data with:
- our and their external auditors, e.g., in relation to the audit of our or their accounts, in which case the recipient of the information will be bound by confidentiality obligations;
- our and their professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations;
- law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations;
- other parties that have or may acquire control or ownership of our business (and our or their professional advisers) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency—usually, information will be anonymised but this may not always be possible. The recipient of any of your personal data will be bound by confidentiality obligations.
Where your personal data is held
Personal data may be held on our company servers and those of our third party partners, service providers, representatives and agents.
Some of these third parties may be based outside the UK/EEA.
The EEA, UK and other countries outside the EEA and the UK have differing data protection laws, some of which may provide lower levels of protection of privacy.
It is sometimes necessary for us to transfer your personal data to countries outside the UK and EEA. In those cases, we will comply with applicable UK and EEA laws designed to ensure the privacy of your personal data.
Under data protections laws, we can only transfer your personal data to a country outside the UK/EEA where:
- in the case of transfers subject to UK data protection law, the UK government has decided the particular country ensures an adequate level of protection of personal data (known as an ‘adequacy regulation’) further to Article 45 of the UK GDPR. A list of countries the UK currently has adequacy regulations in relation to is available here.
- in the case of transfers subject to EEA data protection laws, the European Commission has decided that the particular country ensures an adequate level of protection of personal data (known as an ‘adequacy decision’) further to Article 45 of the EU GDPR. A list of countries the European Commission has currently made adequacy decisions in relation to is available here.
- there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you; or
- a specific exception applies under relevant data protection law.
In the event we cannot or choose not to rely on the mechanisms above, we will not transfer your data outside the UK/EEA unless we can do so on the basis of an alternative mechanism or exception provided by UK or applicable data protection law and reflected in an update to this policy.
How long your personal data will be kept
We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.
If you wish to be informed what Personal Information we hold about you and if you want it to be removed from our systems, please contact us at [email protected]
Your rights
In certain circumstances, you have the following data protection rights:
- The right to access, update or to delete the information we have on you.
- The right of rectification.
- The right to object.
- The right of restriction.
- The right to data portability
- The right to withdraw consent
For more information on each of those rights, including the circumstances in which they apply, please see the guidance from the UK Commissioner’s Office (ICO) on individual’s rights, accessible here.If you would like to exercise any of those rights, please email us on [email protected]
Third Party Privacy Policies
Thought&Function's Privacy Policy does not apply to other advertisers or websites. Thus, we always advise that you consult the respective Privacy Policies of these third-party ad servers or providers for more detailed information. It may include their practices and instructions about how to opt-out of certain options. You will find a complete list of these Privacy Policies and their links in the table above
You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers' respective websites.
Children's Information
Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.
We do not knowingly collect any personal identifiable information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.
Online Privacy Policy Only
Our Privacy Policy applies only to our online activities and is valid for visitors to our website or users of our services with regards to the information that is shared with us, that we collect or transfer or we share with third parties..
Consent
By using our website and/or engaging our services, you hereby consent to our Privacy Policy and agree to its terms.