Privacy Policy

Privacy Notice

This privacy policy sets out how Hattie Weeks uses and protects any information that you give Hattie Weeks when you use this website
Hattie Weeks is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement. Hattie Weeks may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 21st May 2018 and replaces any policy detailed before.

What is this Privacy Policy for?

This privacy policy is for this website and served by Hattie Weeks trading as Hattie Weeks and governs the privacy of its users who choose to use it.
The policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and website owners. Furthermore the way this website processes, stores and protects user data and information will also be detailed within this policy. This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies to all UK national laws and requirements for user privacy.

Business purposes: The purposes for which personal data may be used by us:
Business purposes include the following:
Compliance with our legal obligations and good practice
Ensuring business policies are adhered to (such as policies covering email and internet use)
Improving services
Personal data: Information relating to identifiable individuals, such as clients.
Personal data we gather may include:
Individuals’ contact details including names, addresses, phone numbers and email addresses

Who is responsible for this policy?
As our Data Protection Controller, Hattie Weeks, has overall responsibility for the day-to-day implementation of this policy.


The Data Protection Controller’s responsibilities:
We process personal data fairly and lawfully in accordance with individual’s rights. This generally means that we do not process personal data unless the individual whose details we are processing has consented to this happening.

The Data Protection Controller’s responsibilities:
Reviewing all data protection procedures and policies on a regular basis
Responding to individuals such as clients who wish to know which data is being held on them by Hattie Weeks
Accuracy and relevance
We will ensure that any personal data we process is accurate, adequate, relevant and not excessive, given the purpose for which it was obtained. We will not process personal data obtained for one purpose for any unconnected purpose unless the individual concerned has agreed to this or would otherwise reasonably expect this.
Individuals may ask that we correct inaccurate personal data relating to them. If you believe that information is inaccurate you should record the fact that the accuracy of the information is disputed and inform the Data Protection Controller, Hattie Weeks.

Data retention
We retain personal data for no longer than is necessary. What is necessary will depend on the reasons that the personal data was obtained, but will be determined in a manner consistent with our data retention procedures.
In practice, it means that we:
Review the length of time we keep personal data;
Consider the purpose or purposes we hold the information for in deciding whether (and for how long) to retain it;
Securely delete information that is no longer needed for this purpose or these purposes; and update, archive or securely delete information if it goes out of date.
Transferring data internationally
Hattie Weeks does not transfer personal data anywhere outside the UK without first consulting the Data Protection Controller.

Subject access requests
Please note that under the Data Protection Act 1998, individuals are entitled, subject to certain exceptions, to request access to information held about them.
Please contact the Data Protection Controller if you would like to correct or request information that we hold about you. There are also restrictions on the information to which you are entitled under applicable law.
Processing data in accordance with the individual’s rights
Hattie Weeks will abide by any request from an individual not to use their personal data for direct marketing, e.g. Email Marketing Campaigns.
Hattie Weeks will not send direct marketing material to someone electronically (e.g. via email) unless we have an existing business relationship with them in relation to the services being marketed.

The Website
This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies to all UK national laws and requirements for user privacy.

Use of Cookies
This website uses cookies to better the users experience while visiting the website. Where applicable this website uses a cookie control system allowing the user on their first visit to the website to allow or disallow the use of cookies on their computer or device. This complies with recent legislation requirements for websites to obtain explicit consent from users before leaving behind or reading files such as cookies on a user’s computer or device.
Cookies are small files saved to the user’s computers hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.
This website uses tracking software to monitor its visitors to better understand how they use it. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to your computers hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information. You can read Google’s privacy policy here for further information
Other cookies may be stored to your computers hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.

Contact & Communication
Users contacting this website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use, as detailed in the Data Protection Act 1998. Every effort has been made to ensure a safe and secure form to email submission process but advise users using such form to email processes that they do so at their own risk.
This website and its owners use any information submitted to provide you with further information about the products / services they offer or to assist you in answering any questions or queries you may have submitted. This includes using your details to subscribe you to any email newsletter program the website operates but only if this was made clear to you and your express permission was granted when submitting any form to email process. Or whereby you the consumer have previously purchased from or enquired about purchasing from the company a product or service that the email newsletter relates to. This is by no means an entire list of your user rights in regard to receiving email marketing material. Your details are not passed on to any third parties.

External Links
Although this website only looks to include quality, safe and relevant external links, users are advised adopt a policy of caution before clicking any external web links mentioned throughout this website. The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Social Media Platforms
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Shortened Links in Social Media
This website and its owners through their social media platform accounts may share web links to relevant web pages. By default some social media platforms shorten lengthy urls [web addresses]).
Users are advised to take caution and good judgement before clicking any shortened urls published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine urls are published many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.

Resources & Further Information
Data Protection Act 1998
Privacy and Electronic Communications Regulations 2003
Privacy and Electronic Communications Regulations 2003 – The Guide
Twitter Privacy Policy
Facebook Privacy Policy
Google Privacy Policy
Linkedin Privacy Policy

General Data Protection Regulation (GDPR) provisions
Where not specified previously in this policy, the following provisions will be in effect on or before 25 May 2018.
Privacy Notice – transparency of data protection
Being transparent and providing accessible information to individuals about how we will use their personal data is important for our organisation. The following are details on how we collect data and what we will do with it:
What information is being collected?
Who is collecting it?
How is it collected?
Why is it being collected?
How will it be used?
Identity and contact details of any data controllers
Data Retention period: 12 months
Conditions for processing
We will ensure any use of personal data is justified using at least one of the conditions for processing and this will be specifically documented. The conditions for processing will be available to data subjects in the form of a privacy notice.

Justification for personal data
We will process personal data in compliance with all six data protection principles.
We will document the additional justification for the processing of sensitive data, and will ensure any biometric and genetic data is considered sensitive.

1. Consent
The data that we collect is subject to active consent by the data subject. This consent can be revoked at any time.

2. Criminal record checks
Any criminal record checks are justified by law. Criminal record checks cannot be undertaken based solely on the consent of the subject.

3. Data portability
Upon request, a data subject should have the right to receive a copy of their data in a structured format. These requests should be processed within one month, provided there is no undue burden and it does not compromise the privacy of other individuals. A data subject may also request that their data is transferred directly to another system. This will be done for free.

4. Right to be forgotten
A data subject may request that any information held on them is deleted or removed, and any third parties who process or use that data must also comply with the request. An erasure request can only be refused if an exemption applies.
Privacy by design and default
Privacy by design is an approach to projects that promote privacy and data protection compliance from the start. The Data Protection Controller will be responsible for conducting Privacy Impact.
When relevant, and when it does not have a negative impact on the data subject, privacy settings will be set to the most private by default.

5. International data transfers
No data will be transferred outside of the EEA without specific consent from the data subject prior to transferring their data outside the EEA.

6. Data audit and register
Regular data audits to manage and mitigate risks will inform the data register. This contains information on what data is held, where it is stored, how it is used, who is responsible and any further regulations or retention timescales that may be relevant.

The Data Protection Controller has overall responsibility monitor this policy regularly to make sure it is being adhered to.
We take compliance with this policy very seriously
If you have any questions or concerns about anything in this policy, please do not hesitate to contact the Data Protection Controller, Lizzie Rolfe.
v.2.0 21st May 2018 edited & customised by: Lizzie Rolfe trading as Willow Nannies, 7 Kings Farm Ave, Richmond, TW10 5AE

More information about the information we potentially hold

What information is being collected?
Can included and is not limited to:
Personal information such as full name, address, email address and contact phone number

Who is collecting it?
Hattie Weeks will collect this information.

How is it collected?
The way Hattie Weeks collects information includes but is not limited to; verbally, via email, in written form or via social media platforms such as FaceBook and Whatsapp and via contact forms on

Why is it being collected?
Hattie Weeks collects data to communicate with enquiries from potential clients or to correspond directly with current clients.

How will it be used?
It will be used solely for the use of communicating directly with clients or enquiries.
Information will not be sold or used for research purposes.

Information security.
Please be aware that communications over the Internet, such as emails/webmails, are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered – this is the nature of the World Wide Web/Internet. Hattie Weeks cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.

Identity and contact details of any data controllers
Hattie Weeks:

Data Retention period
Hattie Weeks will hold information on an individual for 12 months.
If you communicate frequently through Hattie Weeks we will potentially need to keep information for longer than 12 months.