I’m a sole trader operating under the business name Sally Moss Editorial.
My editorial services include research and development, writing, editing and proofreading.
I serve a range of clients (businesses, non-profits, public sector bodies, independent authors, academics and students).
My clients are based all over the world.
These include suppliers and fellow editorial professionals.
This policy describes the personal data I hold on clients and other contacts, how I use it and how I keep it safe.
Last updated 31st March 2020
What I do with the personal data I hold
I use it to do these things:
- respond to enquiries
- communicate with clients
- communicate with other contacts, including in my role as coordinator of the Liverpool group of the Chartered Institute of Editing and Proofreading (CIEP)
- monitor my productivity
- take payment from clients
- pay suppliers
- maintain records required by HMRC.
I don’t use the data I collect for any other purpose, such as to send out marketing communications, without active consent.
I don’t pass the data I collect on to third parties, unless I am required to by law, for example in the case of a tax audit by HMRC.
Types of personal data I hold
I may hold any of the following personal data on my contacts:
- email address
- postal address
- phone number
- Skype ID
- social media handles
- additional personal data supplied to me in emails or documents, including documents for editing
- additional data on Liverpool CIEP group members (CIEP membership status and attendance of meetings)
- payment history.
Sensitive personal data
I don’t collect any sensitive personal data (such as ethnic origin or criminal history).
However, I may be asked to work on documents that contain sensitive personal data about the author(s) or other people. I will keep such data fully confidential and I will delete the data on request by the data subject once the work is complete.
Where I store personal data (see below for details of specific platforms)
- I store the emails I receive, which contain email addresses and other contact information, in my email platform.
- Postal addresses will also be stored on electronic records of invoices.
- If you use the contact form on my website to contact me, your email address and message will also be stored in the backend of the website as a backup.
- Details of payments are stored, with client names, in my accounting spreadsheets. Details of PayPal payments are also stored on the PayPal site.
- Suppliers’ invoices may be stored in paper form.
- I use an online productivity tool (Toggl) to record name of client, type of project (but no document titles or other information), fee and time spent.
- Documents, including documents for editing, are kept on the hard drive of my computer and all files are also backed up to Dropbox.
Platforms and providers
I access the personal data I hold on a personal computer and a smartphone, both of which are password-protected (on start-up and wake-up). Virus and malware protection is installed and up to date.
Before I dispose of any hardware I ensure that all data is permanently deleted.
All my provider accounts are password-protected.
How long I keep data for
I generally keep contacts’ personal data indefinitely unless I am asked to delete it. In the case of clients, this is because they sometimes require my services after long intervals, depending on their needs.
Removal of data
I will remove your personal data from my records on request, unless it is data I am legally required to keep, such as information I might be required to supply for a tax audit by HMRC. I will aim to carry out any removal of data within 30 days.
You are very welcome to ask me what personal data I hold on you and how I handle your personal data, or to ask me to remove any of your personal data from my records.