The Ipseita management team last reviewed and amended this policy on 30 April 2020. We will check it and amend it from time to time, particularly when we add facilities to this website. We aim to keep the policy up to date.
Ipseita believes in the right of individuals to remain private. We want people to visit our website and if they find something interesting, to engage with us; but if you don’t want to do that, we will not attempt to discover your personal data. We strongly believe that an individual’s personal data is theirs to use and benefit from, and not for others to use unless the individual has given permission to use their personal data for specific purposes.
Our commitment to privacy came long before the EU’s General Data Protection Regulation (GDPR) and GDPR laws like that implemented in the UK. We aim to comply with and go beyond the requirements of GDPR laws.
Preamble: throughout this policy “we” or “us” or “our” means Ipseita, and “user” or “you” or “your” means any visitor to Ipseita’s website or anybody who contacts us for a legitimate purpose. By an “individual” we mean a natural person, and not a company, nor some piece of software nor a robot. We use the term “contacts us” to mean an action or actions of an individual that they freely take to communicate with us, whether the individual already works with us or is unknown to us. Our policy assumes that users will act in good faith: if our processes and systems determine that a user is likely to be malicious or acting to the detriment of Ipseita or others who contact us, we will collect and keep data that is needed for a “security process” to protect Ipseita and others. Note that in this policy we distinguish between “personal data” that relates to identifying an individual, and other “identifying data” that allows us to tell users apart so that we can, for example, count unique visitors to our website and work out what part of the world they are connecting from.
Who we are and what we do
Ipseita is the trading name for Ipseita Limited, a company registered in England and Wales with company number 11041919. For certain aspects of its enterprise Ipseita Limited trades with other related names, such as Ipseita and “Ipseita Labs”. We have an educational product with related services that is called “Digital Acumen“. We are specialists in software systems for business – particularly those that involve areas of data science like machine learning and big data, and those that involve decentralised solutions that include smart contracts and blockchain/distributed ledger technologies. We consult to clients and design or build solutions for them. To support our thought leadership activities, we design and develop internal tools. We also develop educational products for client organisations. As a company we have a social mission to help individuals benefit from the value of their personal data and to understand the impact of digital on their future.. This mission is embodied in the Nymidy project and the Digital Acumen educatonal offering.
Personal data and anonymous or pseudonymous data
The term “personal data” is taken to mean information that can be used to identify living individuals. A simple example would be a name with an address a location, or some set of physical characteristics. From our work in data science, we know that the term comes across as simpler than it should: modest amounts of anonymous or pseudonymous data can be interrelated to infer the identity of a unique individual. This means that to infer identity companies can harvest data that is not freely or knowingly given. As a matter of our ethical position and as a matter of policy, we choose not to do this or to otherwise attempt to uncover a user’s personal data. If a user becomes a contact, we will safely store the personal data our contact provides us.
Consequently, we distinguish between personal data and data for differentiating between users on our website whose identity we do not try to know. We need to collect data to be able to differentiate between users to understand how individuals make use of our website and to have the opportunity to gain insights into users’ interests. We dispose of anonymous user data as soon as we can, and commit not to infer to a personal, or near-personal level with what remains without informed consent.
Permitting us to use personal data for specific purposes
We do not collect either general or personal data ‘just in case’ or because it’s the usual thing to do, and we only keep personal data if a user has given us explicit permission to do so. In other words, the only personal data we keep is what you directly provide to us for your purposes. To give permission for us to store and use your personal data involves you contacting us and consenting for us to store personal data. Whatever way you contact us, we take the same approach to checking that you want us to keep personal data you have provided us and for what purpose.
For example, if you use our website’s contact forms to ask us for information or provide us with information, we will “register” your details and purposes and respond with a “registration email” that asks you to confirm or change what we have stored. We may ask you to follow a security process as part of registration.
If an individual or entity contacts us with information irrelevant to our mission, e.g. promoting irrelevant business or inviting us to use inappropriate services or websites, we may collect and store as much data as might be needed to block such emails or pass them on to national or international law-enforcement authorities as required.
Once you have registered personal details and information requirements, we will only contact you about the areas of Ipseita’s activities you tell us you are interested in. If we think there is new stuff coming up that might interest you, we may mention it, but will leave it to you to tell us that you want to know more.
If you make a purchase from us, or register as a user with an account, we will provide you with facilities to manage your personal data, including further GDPR compliance tools. Separate terms, privacy and cookie policies apply to customers and registered users which will be stipulated for agreement at the time of purchase or registration.
Keeping personal data secure
We use a variety of computer systems and encrypt your personal data when it is in transit and when it is at rest, i.e. when we store it. All the systems we use are in the UK. We do not share your data with any other organisation.
Contact information such as email addresses are stored securely and are only made available within the company to people who need to have access to them and who have signed up to Ipseita’s confidentiality requirements.
Ipseita will email its contacts from time to time with news or information about what its contacts are interested in. The email systems used have been selected because of their security attributes and use of encryption.
Cookies and similar technologies, and visitor logs
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles). Embedded content from other websites behaves in the exact same way as if our visitor has visited the other website. We aim to identify any website we use from which content is embedded; you may want to check if that website collects data about you, for example, using its own cookies. Please be aware that the original website for embedded content might use their own or third-party tracking, might monitor your interaction with the embedded content, etc.
Ipseita Limited is the Data Controller and primary Data Processor. Ipseita’s contacts and members, subscribers and other participants of the Digital Acumen courses are Data Subjects and GDPR laws stipulate the rights such users have.
We use reputable service providers which document their GDPR compliance for secure and encrypted email, and the storage of contact personal data. Such service providers act as Data Processors. For example, Ipseita uses Google Analytics as a Data Processor to help us understand from anonymous data how visitors use our website.
There are a variety of requests you can make regarding your rights of access, portability, erasure (known as ‘forgetting’), restricting processing and rectification of your data. In compliance with GDPR laws, we can only undertake these actions if we are able to verify your identity and authority to make a request. If, as a contact, you need further information, or wish to initiate such actions, please use our Privacy Enquiry Form and we will respond by email.
If you wish to make a complaint or wish to notify us of a suspected data breach, please use the form below.
1. What personal data does Ipseita keep?
Only if you contact us, do we keep your name and email address and topics you are interested in. You can change these at any time or delete your personal details or have them forgotten.
2. What other data does Ipseita collect and keep?
Data needed for the purposes of a security process or to solve security or performance problems or to improve the website. Such data is discarded promptly after use.
3. What do you send to Google Analytics?
We send an anonymous unique identifier and an obfuscated internet address used to recognise a visitor and their geographic region.
4. Where else do we send your data?
Generally, nowhere. If we are trying to solve a security problem, we might use an external service to check an email address or an IP address.
5. Who else do we share your data with?
6. How long do we retain your data?
While you remain an Ipseita contact, we will keep your data. If we detect that your email is not working, we will delete your data. You will be able to delete your data and action a process to forget your details at any time.
7. What rights do you have over your data?
Your personal data which we hold is yours. We have no rights to it, but if necessary, from time to time, we may have to use your data when improving the website or troubleshooting a problem, or as a part of a security process. For the protection of Ipseita and its contacts, we reserve the right to delete contacts.
8. How do we protect your data?
We encrypt your data and store it using secure services provided by reputable companies.
9. What data breach procedures do we have in place?
We have systems in place to monitor and report on access to stored data. If we detect the possibility of a breach or recognise a breach has taken place, we will announce it on our site and communicate the situation to our contacts within 24 hours. We monitor communication via our Privacy Enquiry Form through which users can tell us if they suspect a breach has taken place.
10. Does Ipseita obtain data from others to compare with my data?
11. What automated processing is done with on users’ data?
We automatically encrypt and decrypt data as needed. We may also have to process personal data if we have to investigate and solve a problem with a security process. The only modelling for analysis or prediction that is routinely carried out on data collected from the website is to do with Ipseita improving its content and better meeting the interests of website users.