- what personal data we collect and why we collect it
- how we use the data
- your rights under the General Data Protection Regulation
Our website address is: https://www.colourmyhealth.com
Colour My Health is a Xelium Ltd’s online publication. Xelium Ltd is a design, publishing and consultancy firm specialising in web presence, online learning environment, e-commerce, booking system, line of business applications, infrastructure and training services.
What personal data we collect and why we collect it
We collection information about you when you register with us or place an order for products or services. We also collection information when you voluntarily complete contact forms, leave comments, participate in online quizzes, provide feedback or participate in any of our website competitions.
We may collect the following information:
- name and job title
- contact information including email address
- demographic information such as postcode, preferences and interests
- other information relevant to customer surveys and/or offers
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We use Google Analytics to analyse the use of our website and help us create a more useful and easy to use site. This is a web analytics service provided by Google. Google Analytics uses “cookies”, which are text files placed on your computer, to collect information such as visitor numbers and the most popular pages.
The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
How will we use the information about you?
We collect information about you to process your order, manage your account and if you agree to email you about other products and services we think may be of interest to you.
Who we share your data with
We do not share or pass any of your personal data to outside organisations and/or individuals, except with your express consent, unless there is a lawful requirement to do so, for example, the National Fraud Initiative.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
How long do we keep your data
We will only keep your data for as long as it is necessary to deliver the service safely and securely. We may retain some records to maintain compliance with other applicable legislation e.g. finance, taxation, fraud and money laundering law.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Your rights under Data Protection Regulation
You may be asked to provide information to confirm your identity in order to exercise your rights. Under the terms of data protection legislation, you have the following rights:Use the heading links for further information.
Right to Access
You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please contact us using the details below.
Right to Rectification
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Right to Erasure (Right to be Forgotten)
You have the right to request that your information is removed. Where it is appropriate that we comply, your request will be fully actioned within 30 days.
Right to Object
You have the right to object to the processing of your information; the continued use of your data fo any purpose listed above for which consent is identified as the lawful basis for processing i.e. you have the right to withdraw your consent at any time.
Right to Restriction of Processing
You have the right to request that we restrict the extent of our processing activities;
Right to Data Portability
You have the right to receive the personal data which you have provided to us in a structured, commonly used and machine readable format suitable for transferring to another controller.
Where we send your data
We use a range of trusted service providers to help deliver our services. All of our suppliers are subject to appropriate safeguards, operating in accordance with our specific instructions and limitations, and in full compliance with Data Protection Law.
These service providers include:
- Payment Processors – to securely process your card payments (we do not see, or store payment card details)
- Email Providers – to send out our email notifications or receive messages sent by our Customers
- Hosting Providers – to manage our secure enterprise hosted servers
- Security Providers – to protect our systems from attack
- Telephony Providers – we might record calls for training, quality and security purposes
- Spam Detection Service – to check visitor comment through an automated spam detection service.
We may also have access to your personal information as part of delivering the service.
We will only disclose your information to other parties in the following limited circumstances
- where we are legally obliged to do so, e.g. to law enforcement and regulatory authorities
- where there is a duty to disclose in the public interest
- where disclosure is necessary to protect our interest e.g. to prevent or detect crime and fraud
- where you give us permission to do so e.g. by providing consent via online applications or consent forms
How to Contact Us
Xelium makes every effort to maintain the accuracy of the information on this website but cannot accept responsibility for any loss or damage which may occur from use of the information.
Xelium does not provide quality control of external links; the inclusion of any company’s name within the pages should not be construed as a recommendation of that company’s products and / or services.
If you find anything that causes concern please use the Contact form to let us know.