The Noisy Brain takes your privacy seriously. That is why we will only use your personal information to provide you with the products and services you have requested, as well as to administer your account. We will not sell or share your information with third-parties you grant us explicit permission to do so, and we will never use your personal data for any reason other than the reasons described within this policy.
The Noisy Brain Limited is the trading name of The Noisy Brain, which is registered in England and Wales and registered with the UK’s Information Commissioner’s Office under the Data Protection Act 2018. Our data controller is Frances Gaillard firstname.lastname@example.org, and we encourage you to get in touch with any questions you may have.
HOW DO WE DO BUSINESS
The Noisy Brain is committed to upholding and maintaining your personal rights. We operate our business in-line with the European Union’s General Data Protection Regulation and observe your rights to change or withdraw your opt-in options at any time. As part of our ongoing commitment to uphold your rights, The Noisy Brain will also extend advice on how you can issue formal complaints to relevant authorities, such as the Information Commissioner’s Office.
This policy applies to all our personnel, including contributors, musicians and other individuals with whom we do business. It is the responsibility of all personnel to:
PERSONAL INFORMATION COLLECTED
The Noisy Brain only collects personal information that is necessary for the Platform's functions and activities. This includes personal information collected when you sign up for the Platform via third party websites. This information will only be collected with the consent of the individual or otherwise in accordance with the law.
The Noisy Brain does not collect any sensitive data about you. Sensitive data refers to (but is not limited to) information about your race or ethnic background, religious or political affiliations, trade union affiliations, sexual orientation, criminal background or health background.
As with many other websites, the web servers used to operate the Platform may collect certain non-personal data pertaining to users of the Platform and the equipment and communications method that they use to access the Internet and the Platform. Without combining this data with other sources of information, they do not readily or personally identify individuals. They may reveal such things as the Internet protocol ("IP") address assigned to an individual's computer, specific pages that an individual accessed on the Platform or immediately prior to visiting the Platform, and the length of time spent in a visit to the Platform.
The purposes for which this information is collected and used include facilitating Platform operation and system administration, the generating of aggregate, non-identifiable statistical information, monitoring and analysing Platform traffic and usage patterns, and improving the content and content delivery with regard to the Platform and the content, materials, opportunities, and services that we describe or make available on the Platform.
You may receive regular updates from The Noisy Brain on actions to take. If at any time you would like to unsubscribe from our email list, you may do so by clicking the unsubscribe link in the email.
We may also use "cookies" (small text files stored on users' computers) to help track and customise access and use of the Platform. Cookies store and retain information that helps us recognise individuals when they return to the Platform following a previous visit. Most popular Internet browser packages allow one to configure the browser so as not to accept cookies. However, setting your browser to reject cookies may, in certain instances, prevent you from taking full advantage of the Platform and the materials, products, and services that we make available on the Platform.
YOUR RIGHTS AND PREFERENCES
In line with the European Union’s General Data Protection Regulation ("GDPR"), GDPR gives certain rights to individuals in relation to their personal data and as we have made available a number of tools for you to exercise these rights. As available and except as limited under applicable law, the rights afforded to individuals are:
You are able to exercise your rights through your account settings page when logged in to the site which gives you options to update your personal information, contact preferences, data processing preferences and to suspend your account. You can request a copy of your data by emailing us at email@example.com.
STORAGE AND PROCESSING OF YOUR PERSONAL DATA
The Noisy Brain collects and stores data in the UK. We will store your data for a period of two years after your last recorded login attempt unless otherwise noted and explicitly stated. The Noisy Brain stores data relating to transactions, payments and orders for a period of up to seven years. This period may be extended under certain circumstances as part of our ongoing commitment to comply with UK and international law. We use carefully selected and recognised third-parties to help us take payments, provide commerce services and manage company accounts. Some of these third-parties may operate outside the European Union.
The Noisy Brain may process your data based on more than one legal ground. Circumstances under which we may be required to process your data under more than one legal grounds. The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (”EEA”), the country in which you reside, or the country from which you are accessing the Platform. We take reasonable steps to ensure that cross-border data transfers comply with existing data protection laws, such as working with third party processors certified in the EU-US Privacy Shield framework or with those that use standard contractual clauses that bind parties to protect the privacy and security of data.
USE AND DISCLOSURE OF PERSONAL INFORMATION
We will generally use and disclose personal information for purposes related to the main purpose for which the information was collected, or where the individual has consented to the use or disclosure. We may also use personal information to send you email communications promoting messages, content or actions on behalf of other organisations. These emails will always come from the Platform's email address.
In addition, we may disclose personal information to third party service providers who assist us in providing our services. These may include companies which assist with data processing and analysis, research, mail services or maintenance. These third parties may also include organisations that cross-check the information you provide to us with information about you in other databases, which we will include in our records. We obtain this data with assurance from these providers that you have consented to the collecting and sharing of this data. We do not actively collect sensitive personal data such as medical data.
Personal information will only be disclosed to those third party service providers on a confidential basis so that the service provider can effectively provide those services. Under circumstances where we determine that members may be misusing our systems for malicious purposes (for example, using the numbers we provide to make harassing phone calls), such activities may be reported to law enforcement agencies. In such cases, we may release personally identifiable information, including name and address, to those agencies. We may transfer your personal information to a third party if we or any of our company affiliates are involved in a corporate restructuring (e.g., a sale, merger, or other transfer of assets).
Disclosure When Required by Law: We may otherwise use or disclose personal information where required or authorised by law, which may include emergency situations and assisting law enforcement agencies.
Disclosure to Partner NGOs: From time to time we will feature actions including, but not limited to petitions and email campaigns, supplied by partner organisations on the Platform. These actions may be subject to data sharing agreements between us and these partner organisations. Where such agreements are in place, this will be clearly noted on the pages associated with the action. You will be provided with an express opt-in before we share your information with the partner organisation(s). You acknowledge that The Noisy Brain has no control over the content, frequency and/or any other aspect of such communications.
From time to time we will feature rewards, supplied by partner organisations on the Platform. These actions may be subject to data sharing agreements between us and these partner organisations. Where such agreements are in place, this will be clearly noted on the pages associated with the reward and at the point of entry. By entering the reward, you are agreeing to further contact from the partner organisation(s) associated with that reward. You acknowledge that The Noisy Brain has no control over the content, frequency and/or any other aspect of such communications.
Access to Database & Mailing List: We will not allow access to our database or mailing lists to any organisation or individual, except as expressly permitted by the user. However, if the material another organisation or individual wishes to circulate through our database aligns with our core values and is within the use anticipated by those on the mailing list, we will take responsibility for the circulation and will ask that the organisation/individual provide us with a letter explaining their request.
USE OF THE PLATFORM
Credit Card Security: On the Platform, The Noisy Brain may use PayPal or another third party to process and accept transactions. We do not store any credit card information.
Petitions and Surveys: For petitions and surveys you've signed or completed, we treat your display name, age, city and comments as public information—for example, we may provide compilations of petitions, with your comments, to partner NGOs and other targets, or to the press. In no such case will we disclose your email address or phone number, without your permission. We may also make your comments, along with your first display name, age, city available to the press and public online. We are not responsible for the content of use of your email address by campaign targets.
ACCESSING AND UPDATING YOUR PERSONAL INFORMATION
We take reasonable steps to make sure that the personal information collected, used and disclosed is accurate, complete and up-to-date. Individuals who need to access or correct any personal information held by us about them are asked to send a request to firstname.lastname@example.org. As much detail as possible should be provided by the individual about the particular information sought, in order to enable us to retrieve it. In certain circumstances, we may not be required by law to provide the individual with access to, or to correct, personal information. If this is the case, reasons will be given for that decision.
SECURITY OF PERSONAL INFORMATION
We take reasonable steps to protect all of the personal information The Noisy Brain holds from misuse and loss and from unauthorised access, modification or disclosure. This protection applies in relation to information stored in both electronic and hard copy form. As part of our ongoing commitment to GDPR, The Noisy Brain will report any security breaches or attempted breaches to the relevant authorities within 24 hours. We will subsequently contact all those affected by the breach within 72 hours of its occurrence.
Information security: We use firewalls and other industry standard security technology, as well as industry standard security practices, to protect personal and confidential information that we receive and to prevent that information from being accessed by unauthorised persons. For example, we work to protect the security of information submitted through the Platform during transmission by using Secure Sockets Layer (SSL) software, which encrypts information. The information that you submit through the Platform is gathered on computers, and stored in a data centre, protected by industry standard security practices. The number of employees that have physical access to our data centre, and to the computer on which personal information is stored, is limited. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk. Once we receive your transmission, we make our best effort to ensure its security on our systems.
We may occasionally present a shortened URL that references a longer URL which contains an ID—we do this to simplify the display, to prevent links from becoming broken when copied, and to ensure compatibility with email programs which do not handle long URLs. When a shortened URL is displayed in an email, you will see the full URL in the browser's address bar when you access the page.
We may revise or amend this policy at any time at our sole discretion. If we make any substantive changes in the way we collect or use personally identifying information provided by users, we will post a prominent announcement on the Platform's home page and post the changes on this page. We will never change our policies and practices to make them less protective of user information collected prior to the effective date of any changes without the consent of affected users. We encourage users to visit this page periodically to review our current policy.