Privacy Policy for James Meads Media & Consulting Ltd.
James Meads Media & Consulting Ltd., a company registered in Bulgaria and with its registered address at ul. Razvigor 2, 1421 Sofia, Bulgaria, is pleased that you have found our online presence. We highly regard the safe processing of your data. We therefore wish to clearly inform you in regard to how we use your data when you visit our website.
1. Glossary of Terms
James Meads Media & Consulting’s Privacy policy is based on the terminology used through European Union Policy and Guidelines which result from the enactment of the General Data Protection Regulation (GDPR). Our Privacy Policy is intended to be open and easily understandable for both the general public as well as business partners and clients.
To ensure this we wish to highlight the following terminology used throughout this text.
- Person-specific data: Person-specific data are all pieces of information which relate to an identifiable or identified individual person (herewith referred to as “affected person”). The term identifiable person refers either to a natural person, who may either directly or indirectly be identifiable, in particular through means of a name, an ID number, locational information, online handle or a single or multiple characteristic(s), through which could express the physical, physiological, genetic, psychic, economic, cultural or social identity of this affected person.
- Affected Person: Affected person is each identified or identifiable natural person whose specific personal data which is processed by those individuals responsible.
- Processing: Processing is each executed procedure, with or without help of automated processes, or each such process step in connection with person-specific data such as the input, registration, organisation, filing, storage, updating or amendments, the request, selection, usage, presentation for audit or inspection, controls, deletion or destruction.
- Limitation of Processing: Limitation of processing is the labelling of stored, personal data with the objective to limit any future processing of this data.
- Profiling: Profiling is a form of processing of personal data which enables this data to be used to identify and evaluate certain personal characteristics or preferences of an individual, for example economic situation, health, personal preferences, interests, credit worthiness, interests, relationships, place of residence, and to analyse or predict such events.
- Pseudomisation: Pseudomisation is the processing of personal data in a way in which a specific individual may no longer be individually identified, insofar as this additional information may explicitly be retained, and technical and organisational process-related measures underpin the guarantee that personal data cannot result in the identification of a specific individual person.
- The responsible entity or data protection officer: The responsible entity or data protection officer is the natural person or a legal entity, civic or government office, agency or any other body which alone or in conjunction with another party decides the purposes and means of processing personal data. If the means and purposes of this processing are decreed by EU law or the law of a specific member states, those responsible may decree the law of the EU or specific member state as legitimate grounds for doing so.
- Order processor: The order processor is a natural person or legal entity, civic or government office, agency or any other body which processes personal data under the instructions of the responsible party.
- Receiver: Receiver is the natural person or a legal entity, civic or government office, agency or any other body, which is able to openly view the personal data, independent of whether this relates to a Third Party or not. Government agencies, which according to EU law or that of a member state, may receive or view personal data resulting from an investigational probe, are not considered to be receivers.
- Third Party: Third Party is a natural person or a legal entity, civic or government office, agency or any other body which is authorised to process the data, other than the affected person, the entity processing the order and those persons under the direct responsibility of those responsible or who have been given access by the organisation processing the order.
- Consent: Consent is the informed and unequivocally granted permission, given voluntarily by the affected person, for the specific processing of the affected person’s personal data, for the purpose of the specific case for which the processing is necessary.
2. Collection of Data
James Meads Media & Consulting Ltd.’s website compiles an automatic log of data and information, each time an affected person or automated system accesses our website. These general pieces of data and information are saved in log files on our servers. The following may be recorded:
a) Browser type and version,
b) the operating system installed on the computer accessing the site
c) the referral website from which the system accessed the site
d) any child pages which the system navigated to
e) the date and time the website was accessed
f) an Internet protocol address (IP-Address),
g) the Internet Service Provider used to access the site
h) other similar data and information, which serve the purpose of defending the site in the case of an attack on our IT systems or web presence
Through the use of this general data and information, James Meads Media & Consulting Ltd. does not seek to interfere with or pursue the affected person.This information is rather necessary for:
a) ensuring the content on our website is displayed and delivered correctly,
b) to optimise our website, along with any personalisation of advertising,
c) ensuring or IT systems and the technology used to host our website are able to function and operate over the long term
d) in the case of a cyberattack, to notify and be able to provide the law enforcement bodies with the required information.
This anonymously compiled data and information is used by James Meads Media & Consulting Ltd. on the one hand for statistical purposes, but primarily it contains the wider objective to ensure that data protection and data security is at an optimal level to ensure all personal data is processed by us in a secure manner. The anonymous server log file data is saved separately from any personal data entered by the affected person.
3. Legal or contractual regulations for providing personal data; Mandatory requirements to process contracts; obligations of affected persons to provide personal data; potential consequences of not providing this data
We would like to make you aware that the provision of personal data is in some cases a legal requirement (e.g. tax provisions) or could also be a requirement for contractual reasons (e.g. details necessary for a contractual partner). From time to time it can also be necessary for an affected person to make available personal data to us in order to process a specific request. The affected person is obliged to provide us with personal data, for example, if our company concludes a contract with them. Not providing this data may hinder or prevent a contract or transaction being concluded or processed. Before providing us with personal data, the affected person may contact our data protection officer for an individual clarification of whether this data is a legal requirement, or whether it is a contractual requirement or just simply necessary in order to perform the services contained within the contract. We will also provide clarification around any potential consequences of not fulfilling this request and providing the required data.
4. Use of personal data by means of opt-in for Newsletter
On James Meads Media & Consulting’s website, the users have the option to subscribe to our newsletter and be added to our email list. The necessary personal data we require from you to distribute this newsletter is referenced in the sign-up forms used.
James Meads Media & Consulting informs its customers and business partners at regular intervals through means of this newsletter about any special offers and new content published on the website. Our company newsletter can in principle only be received if:
a) The affected person has a valid email address and
b) The affected person registers i.e. signs up to receive the newsletter
In addition, when the affected person subscribes to our Newsletter, we also save the IP address from the user’s Internet Service Provider (ISP) at the time of their subscription, as well as the date and time of the registration. Holding this data is required so as to re-trace any (possible) misuse of an affected person’s email address and therefore serves as a legal safeguard for the person responsible for processing the data.
Any personal data collected for the purpose of distributing our Newsletter shall be used exclusively for this means only. Furthermore, email Newsletter subscribers can be informed by email. Additionally, subscribers may be informed via email in instances which could result in changes to our Newsletter service or ensuing technical circumstances. Any personal data used for the purpose of sending Newsletter by email is not shared with any other Third Parties. Subscription to our newsletter may be cancelled at any time. The permission to store any personal data granted to us by the user at the point of subscribing may be revoked at any time. The link at the bottom of each email enables the user to revoke this permission. In addition, the possibility also exists to unsubscribe from our Newsletter by using the contact form or email address shared on our website, or any other reasonable means of direct communication.
5. Newsletter Tracking
James Meads Media & Consulting Ltd.’s email Newsletters contain so-called integrated pixels. An integrated pixel is a miniature graphic, which is embedded in such emails and sent in HTML format in order to enable recording of log data and log data analysis. This enables us to perform a statistical evaluation of the success or failure of a specific online marketing campaign. Through these embedded integrated pixels, James Meads Media & Consulting Ltd. is able to see whether and at what time an email was opened by a specific user and which links in the email were clicked by the affected person.
Any such personal data gathered through the integrated pixels contained in Newsletters are stored and evaluated by the responsible entity in order to optimise future Newsletters and email campaigns and improve the relevance of the content in line with the affected person’s interests and likes. This personal data is not shared with any Third Parties. Affected persons may at any time revoke this permission which was granted. Upon revoking this permission, the responsible entity will delete all of this personal data. Anyone who unsubscribes from the James Meads Media & Consulting Ltd. Newsletter is understood to have automatically revoked his or her permission.
6. Contacting us through the website
James Meads Media & Consulting Ltd. website offers the opportunity to make contact with the company through means of both an electronic contact form, as well as containing a generic email address to reach us. Should an individual voluntarily and on their own free will send us an email or transmit data to us through a contact form embedded in one of our web pages, the personal data submitted by the individual will automatically be saved. None of this submitted data shall be forwarded to any other Third Parties.
7. Use of Cookies
In order to make our website more attractive to visitors and to enable the use of certain functions, we use so-called cookies on certain pages. These are small text files which are saved onto the end-user’s device. Some of the cookies we use are deleted at the end of a browser session i.e. when you close your internet browser (so-called session cookies). Other cookies remain on your device and enable us to recognise your browser the next time you visit the site (persistent cookies). You may configure your browser in such a way to enable you to be informed each time a cookie is placed on your device and in individual cases to decide whether or not to allow cookies for certain situations, or to generally block them. Refusing cookies, however, may result in the reduced functionality of our website.
8. Usage of Google (Universal) Analytics for website statistical analysis
This website uses Google (Universal) Analytics, a website analysis tool by Google Inc. (www.google.de or www.google.co.uk). Google (Universal) Analytics deploys methods to enable a statistical analysis of website use through means such as cookies, which are text files stored on your computer. The data gathered pertaining to your use of this website are generally transferred to a Google server located in the United States and stored there. Through activation of IP-anonymisation on this website, the IP address will be condensed inside a member state of the European Union or in other signatory states of the European Economic Area before this data is transferred across. The full IP address will only be transferred to the USA and condensed there in exceptional cases. The anonymised IP address which is transferred from your browser through the Google Analytics framework will not be consolidated with other data from Google.
You have the opportunity to prevent the gathering and processing of this data (incl. your IP address) through means of a cookie placed by Google, by clicking on the following link and installing the available browser plug-in: https://tools.google.com/dlpage/gaoptout?hl=en.
As an alternative to the browser plug-in you can click this link in order to prevent the collection of data through Google Analytics. Consequently, an opt-out cookie will be placed on your end device. If you delete your cookies, you will need to click on the link and repeat the process once again.
9. Embedded Videos and Images from external websites
Some of our web pages contain embedded content from YouTube. By accessing a page of our website containing videos or images from a YouTube Channel, no personal data is transferred, save for the IP address. The IP address in the case of YouTube is transferred to Google Inc., 600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google“).
10. Notification of changes
Changes to the law or changes to our internal processes may necessitate us to revise this privacy policy. In such a case, we will notify you latest 6 weeks before these changes take effect. Your right to withdraw the original consent given (Clause 6) remains unaffected nonetheless.
Please note that the current version of this privacy policy is that which is in effect at any given time (provided you do not exert your right to withdraw consent)
11. Updating/Deletion of your personal data
At any time you have the right to check any personal data you have provided to us, and to change or to delete this, by means of sending an email to us at the email address info@jamesmeadsconsulting.com. If you are a subscriber or a member of our site, at the same time you may also suspend any information being sent in the future.
You also have the right to revoke any previously given consent, effective from a certain point in time in the future.
The deletion of any stored personal data shall occur when you withdraw your consent to us for storing any of said data. The responsible entity shall only process and store an affected person’s data for the time period necessary to achieve the purpose for which this data is required, or provided this was intended through the European legal and regulatory bodies or another responsible regulatory body through laws or regulations which specify the responsibility for data processing.
The personal data will be routinely frozen or deleted in instances where the purpose for storing such data becomes null and void, or in the case where the mandatory retention period as set by European legal and regulatory bodies or another responsible regulatory body shall expire.
12. Rights of persons affected
The European legal and regulatory bodies grant every affected person the right to request a confirmation from the responsible entity of whether any related personal data has been processed. Should an affected person wish to exercise their rights with the responsible entity, he/she may request this at any time by contacting the responsible data protection officer or any other employee who bears responsibility for processing an individual’s personal data.
Every person impacted by the processing of their personal data has been granted the right by the European legal and regulatory bodies to request disclosure from the responsible entity of exactly what personal data is being processed and stored, and to request a copy of such information. Additionally, the European legal and regulatory bodies accord the affected person rights of disclosure surrounding the following information:
- The reasons for processing
- The categories of personal data being processed
- The receivers or categories of recipients to whom the personal data have been made visible to or remain visible to, especially in cases where recipients are in third countries or are international organisations.
- If possible the estimated period for which the personal date shall be stored, or in cases where this is not possible, the criteria used to determine this period.
- The existence of the right to be notified, or of deletion, of affected personal data, or of restrictions and limitations affecting the responsible entity regarding the processing of this data, or of the right to revoke any original permission which has been granted.
- The existence of the right to pursue a complaint through a regulatory authority
- If the personal data is not compiled by the affected person: All available information pertaining to the origins of the data
- The existence of an automated decision-making including profiling according to Art. 22, Paragraphs 1 and 4 of the GDPR and – at least in these cases – information regarding the logic used, together with the consequences and the meaningful effects of this type of processing which relates to the affected person.
Furthermore the affected person has the right to request information regarding whether personal data was transferred to a third country or an international organisation. Where this may be the case, the affected person has the additional right to obtain information pertaining to any applicable guarantees in relation to the data transfer.
If an affected person wishes to exercise their right to be informed, at any time they may contact the data protection officer or any employee at the responsible entity.
Each person affected by the processing of personal data has the right, enshrined in law by the European legal and regulatory bodies, to promptly demand the correction of any personal data relating to them which is found to be incorrect or inaccurate. Furthermore the affected person has the right, under consideration of the means which were used for processing, to demand the completion of any personal data being held which is deemed to be incomplete, if necessary by means of a supplementary declaration.
If an affected person wishes to exercise their right to be informed, at any time they may contact the data protection officer or any employee at the responsible entity.
Each person affected by the processing of personal data has the right enshrined in law by the European legal and regulatory bodies to demand from the responsible entity that they immediately delete their data being held, provided that one of the following reasons applies:
- The personal data were used for such purposes or on such grounds which are no longer deemed necessary.
- The affected person revokes their consent upon which Article 6, Paragraph 1, Letter a) of the GDPR was based, and no other reasonable legal grounds for processing are deemed to exist.
- The affected person lodges a complaint against the processing of their data according to Article 21, Paragraph 1 of the GDPR and no legitimate interest exists, or the affected person lodges a complaint according to Article 21, Paragraph 2 of the GDPR.
- The personal data were processed unlawfully.
- The deletion of personal data is for the fulfillment of a legal requirement pertaining to EU law or the law of a member state under whose jurisdiction the responsible entity falls.
- The personal data were collected in relation to services provided through the information society according to Article 8, Paragraph 1 of the GDPR.
As far as one of the aforementioned reasons apply and an affected person wishes to pursue a deletion of personal data which are stored by James Meads Media & Consulting Ltd, they may do so at any time through contacting any employee of the responsible entity or Mr. James Meads directly. They commit to ensure that the request for deletion of data is promptly exercised.
Should personal data from James Meads Media & Consulting Ltd be made public and our organisation is responsible to delete such data as stipulated under Article 17, Paragraph 1 of the GDPR, James Meads Media & Consulting Ltd shall carry out measures to instruct those who are responsible for processing the personal data which has been made public that the affected person has instructed them to delete all related links to these data or any copies or replication thereof, provided that processing of this data is not a necessary requirement. James Meads Media & Consulting Ltd commits to this undertaking whilst taking into consideration the available technology, methods and costs of the appropriate and reasonable means to do so. James Meads Media & Consulting Ltd shall perform the necessary tasks for individuals on a case-by-case basis.
Every person affected by processing or personal data has the right enshrined by the European legal and regulatory bodies to demand limitations to the processing of their data, if one of the following criteria is met:
- The accuracy of the personal data is contested by the affected person, in cases where the timeframe enables the responsible entity to carry out an investigation to check and confirm the accuracy of the data.
- The processing is unlawful, the affected person declines to have their personal data deleted but demands instead to have limitations placed on which personal data may be processed.
- The responsible entity no longer requires personal data for the purpose of processing but the affected person nonetheless requires it for enforcing, exercising or defending a legal claim.
- The affected person has lodged a complaint against the processing of data according to Article 21, Paragraph 1 of the GDPR and it is not yet clear whether the legal basis of the responsible entity outweighs those complaints made by the affected person.
As long as one of the aforementioned conditions are met and an affected person demands a limitation on personal data which is stored by James Meads Media & Consulting Ltd, they may at any time contact Mr. James Meads or any other employee of the responsible entity, who shall then proceed to implement these limitations on the processing of their data.
Every person affected by the processing of personal data has the right enshrined by the European legal and regulatory bodies to have any details of any data being held by the responsible entity given to them in a structured, typically recognised machine-readable format provided to them. Furthermore, they also have the right to have this data transferred by the responsible entity, without obstruction to another responsible entity for processing, as long as this permission for processing has been granted according to Article 6, Paragraph 1, Letter a) of the GDPR or Article 9, Paragraph 2, Letter a) of the GDPR or according to a contract compliant with Article 6, Paragraph 1, Letter b) of the GDPR and is carried out by means of an automated process, provided that the data transferred to the responsible entity is not considered to be assigning any duty or notice which could be in the public interest or public authority.
When exercising their right regarding the transferability of data according to Article 20, Paragraph 1 of the GDPR, the affected person additionally has the right to effect that the personal data is transferred directly from one responsible entity to another, insofar as this is technically possible and provided that the rights and freedoms of other persons are not impaired. The affected person my exercise their right to data transfer at any time by contacting Mr. James Meads or any other employee of James Meads Media & Consulting Ltd.
Each person affected by processing of their personal data has the right, enshrined in law by the European legal and regulatory bodies, to lodge a complaint according to Article 6, Paragraph 1, Letter e) of the GDPR against the processing of their personal data, for reasons ensuing from their own individual circumstances. This is also valid for any profiling related purposes.
James Meads Media & Consulting Ltd shall cease to process personal data in cases where a complaint has been lodged, except for instances where we can demonstrate a need to do so on compelling grounds of protecting the interests, rights and freedoms of the affected person, or where it may facilitate the processing, validation or enforcement of a legal claim.
If James Meads Media & Consulting Ltd uses personal data for means of sending direct marketing campaigns, the affected person has the right at any time to file an objection for their personal data to be used for marketing purposes. This also applies to profiling, insofar as this is connected to direct marketing campaigns. Should an affected person withdraw permission to use their personal data for purposes of direct marketing, James Meads Media & Consulting Ltd shall no longer use their data for this purpose.
In addition, the affected person has the right, for reasons ensuing from their own individual circumstances to file an objection against the respective processing of personal data which is undertaken by James Meads Media & Consulting Ltd for scientific, historical or statistical purposes according to Article 89, Paragraph 1 of the GDPR, except for cases under which such processing of data is required to fulfil an activity which is in the public interest.
To exercise their right to file an objection, the affected person may contact Mr. James Meads or any employee of James Meads Media & Consulting Ltd. The affected person is, in addition, also free to exercise this right in conjunction with any electronic or online means which may be available to exercise their right through any automated process via digital technology, notwithstanding the directive 2002/58/EG.
Each person affected by the processing of personal data has the right enshrined in law by the European legal and regulatory bodies to not be subjected to an automated processing – including profiling – which is displayed in relation to the legal outcome or could otherwise considerably impair them, insofar as the decision
a) is not a necessary requirement for the conclusion or fulfillment of a contract between the affected person and the responsible entity, or
b) is permissible based on the statutory provisions of the EU or those of a member state under which the responsible entity is subjected to and these statutory provisions contain sufficient measures to protect the rights and freedoms, along with any legitimate interests of the affected person, or
c) is made with express consent of the affected person.
If the decision is
a) necessary for the conclusion or the fulfilment of a contract between the affected person and the responsible entity, or
b) resulting from the express consent of the affected person, James Meads Media & Consulting Ltd shall take the required measures to protect the rights and freedoms and also to preserve the legitimate interests of the affected person, whereby the right belongs to obtain the access of a person on the part of the responsible entity, upon disclosure of the individual position and upon appeal of the decision.
Should an affected person wish to exercise their right in relation to automated decisions, they may at any time contact our data protection officer or any other employee of the responsible entity for processing the data. Every person affected by the processing of personal data has the right enshrined by the European legal and regulatory bodies to withdraw their consent at any time for processing of personal data.
Should an affected person wish to make use of their right to withdraw their consent, they may at any time contact Mr. James Meads or any other employee of the responsible entity i.e. James Meads Media & Consulting Ltd.
13. Legal Foundation for Processing
Article 6, Paragraph 1, Letter a) of the GDPR serves as the legal foundation for the instance of processing data, under which we obtain consent from the individual for the purpose of processing. In the case where the processing of personal data is necessary to fulfil a contract, under which the contracting party is the affected person, such as may be the case for example to fulfil a transaction which necessitates the delivery of goods or a service, or a reciprocal service in return, the processing of data is under the grounds of Article 6, Paragraph 1, Letter b) of the GDPR. The same is valid for such purposes for processing, which relate to necessary data for carrying out pre-contractual assessments which are necessary in relation to preparing details of our products or services. If our company has a legal obligation through which the collection and processing of personal data is necessary, e.g. for such means as providing legally mandated tax information, the processing is based on Article 6, Paragraph 1, Letter c) of the GDPR. In rare cases, the processing of personal data may be necessary to protect vital interests of an affected person or another individual person. This would be the case for example, if a visitor to our company was injured and we needed to provide their vital data such as name, age, health insurance data or other essential information to a doctor, hospital or other related third party. This processing would be covered under Article 6, Paragraph 1, Letter d) of the GDPR. Ultimately the procedures for processing could rest on Article 6, Paragraph 1, Letter f) of the GDPR. Procedures for processing based on this legal foundation are all those which cannot be apportioned to any of the other previously listed legal foundations, if the processing falls under what could be deemed as necessary under the legitimtate interests of our company or that of a third party, as long as the interests, basic rights and basic freedoms of the affected person are not outweighed. Such procedures for processing are therefore in particular permitted because they are especially referred to by the European legislative body. It takes the view that a legitimate interest could be presumed if the affected person is a customer of the responsible entity (Ground for Consideration 47, Sentence 2 of the GDPR).
14. Legitimate Interests for data processing which are pursued by the responsible entity or from a Third Party
If the processing of personal data is justified on the grounds of Article 6, Paragraph 1, Section f) of the GDPR, our legitimate interest is to carry out all of our business activities for the benefit and advantage of all our employees and our shareholders.
15. The responsible party and your contact person
For any queries relating to the collection, processing or use of your personal data, for information, rectification, blocking or deleting data, as well as revoking previously granted consent or revoking specific usage of your data, please send all enquiries and correspondence to:
James Meads – Director
James Meads Media & Consulting Ltd.
ul. Razvigor 2, 1421 Sofia, Bulgaria
Phone: +359 87 9963569
Email: info@jamesmeadsconsulting.com