Effective date: February 11, 2022
Philosophy Design Limited (“us”, “we”, or “our”) operates the www.philosophydesign.com website (hereinafter referred to as the “Service”).
This website is owned and operated by Philosophy (“Philosophy Design”), a private limited company registered in the United Kingdom under company number 3902537 and with a registered office at 91 Paul Street, London, EC2A 4NY
Terms and Conditions
The information presented in this website is intended to be general in nature and does not take into account the specifics of individual circumstances. Accordingly, while we endeavour to ensure that all information on the website is accurate and complete, we are not responsible or liable for any error, omission, consequence, loss or damage arising from its use. The content of this website is Copyright of Philosophy who retain rights over all the material presented. The content may be reproduced for personal use only and must be reproduced with acknowledgement of Copyright. The content may not be reproduced for any other purpose, in any form, without the prior permission of Philosophy. This website provides hyperlinks to third party websites. Id is not responsible for the content or availability of such websites and the presence of such hyperlinks should not be considered as an endorsement of, or authorisation to use, such websites. By using this website, you acknowledge that you have read the terms and conditions of this notice and that you consent to them.
Like most websites, this site uses Google Analytics to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Although Google Analytics records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. Google Analytics also records your computer’s IP address which could be used to personally identify you but Google doe not grant us access to this. We consider Google to be a third party data processor (see section 6.0 below).
Disabling cookies on your internet browser will stop Google Analytics from tracking any part of your visit to pages within this website.
“‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”
Personal information we collect about you
We may collect and use the following personal information about you:
- Your name and contact information, including job title and email address
- Information about how you use our website, IT, communication and other systems
This personal information is required to provide our marketing services to you. If you do not provide personal information we ask for, it may delay or prevent us from providing the services to you.
How your personal information is collected?
We collect most of this personal information directly from you— by email and via our website. However, we may also collect information:
How and why we use your personal information
Under data protection law, we can only use your personal information if we have a proper reason for doing so, e.g.: for the performance of our contract with you or to take steps at your request before entering into a contract; for our legitimate interests or where you have given consent. A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
The following explains what we use (process) your personal information for and our reasons for doing so:
What we use your personal information for
- To provide marketing services for you
- Ensuring business policies are adhered to, e.g. policies covering security and internet use
- Operational reasons, such as improving efficiency, training and quality control
- Ensuring the confidentiality of commercially sensitive information
- Statistical analysis to help us manage our business
- Marketing our services
Contact forms and email links
Should you choose to contact us using the email link like the one found at https://www.philosophydesign.com/ – top left of screen, none of the data that you supply will be stored by this website or passed to / be processed by any of the third party data processors defined in section 6.0. Instead the data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by SSL meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices.
If you choose to receive our email newsletter, the email address that you submit to us will be forwarded to dotmailer who provide us with email marketing services. We consider dotmailer to be a third party data processor (see section below). The email address that you submit will not be stored within this website’s own database or in any of our internal computer systems.
Your email address will remain within dotmailer’s database for as long as we continue to use dotmailer’s services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
If you are under 16 years of age you MUST obtain parental consent before joining our email newsletter. While your email address remains within the dotmailer database, you will receive periodic (approximately three times a year)
Applying to work at Philosophy
If you submit an application to work at Philosophy we will use your personal information to process your application and to produce and monitor recruitment statistics. We will not take up references without your prior permission. We will not share or disclose your information unless you have given us your consent or we are required to by law.
We will retain personal information relating to unsuccessful applicants for no longer than 12 months, for use in the event of an appeal.
HOW WE STORE YOUR PERSONAL INFORMATION
In the near future we aim to change the storage of data to a pseudonymous fashion meaning that the data would require additional processing using a separately stored ‘key’ before it could be used to identify an individual.
Pseudonymisation is a recent requirement of the GDPR which many web application developers are currently working to fully implement. We are committed to keeping it as a high priority and will implement it on this website as soon as we are able to.
Contacting us about your personal information
We will be as open as possible with you about the personal information we hold about you, and if something is wrong we want to work with you to put it right.
You have the following rights, which you can exercise free of charge:
- Access: The right to be provided with a copy of your personal information (the right of access)
- Rectification: The right to require us to correct any mistakes in your personal information
- To be forgotten: The right to require us to delete your personal information—in certain situations
- Restriction of processing: The right to require us to restrict processing of your personal information—in certain circumstances, e.g. if you contest the accuracy of the data
- Data portability: The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations
- To object: The right to object:
- at any time to your personal information being processed for direct marketing (including profiling);
- in certain other situations to our continued processing of your personal information, e.g. processing carried out for the purpose of our legitimate interests.
- Not to be subject to automated individual decision-making: The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you
For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
- email, call or write to – see below: and
- let us have enough information to identify you e.g. your full name;
- let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
- let us know what right you want to exercise and the information to which your request relates.
Keeping your personal information secure
We have appropriate security measures to prevent personal information from being accidentally lost, or used or accessed unlawfully. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
How to complain
We hope that we can resolve any query or concern you may raise about our use of your information.
If you think your data has been misused or that Philosophy in holding it has not kept it secure, you should contact us and tell us.
If you’re unhappy with our response or if you need any advice you should contact the Information Commissioner’s Office (ICO).
Information Commissioner’s Office
Wycliffe House Water Lane
ABOUT THIS WEBSITE’S SERVER
This website is hosted by DigitalOcean with data centres located in some of the most respected data centre facility providers in the world. It leverages all of the capabilities of these providers including physical security and environmental controls to secure their infrastructure from physical threat or impact. Each site is staffed 24/7 with on-site physical security to protect against unauthorized entry. Some of the data centre’s more notable security features are as follows:
- 3m rota-spike security fence and perimeter anti ram barriers
- Blast proof anti-intruder shielded external windows and doors
- Biometric readers with two-factor authentication
- Facilities are unmarked as to not draw attention from the outside
- Battery and generator back up with generator fuel carrier redundancy
- Secure loading zones for delivery of equipment
- Proximity access locks on all external and internal doors
Interlocked man-trap doors with biometric iris scanners to gain access into data floors
Server cabinets have locked doors (no open racks)
- Perimeter and internal IP CCTV system monitored 24×7
- 24×7 on-site security guards with static and mobile patrols All on-site personnel are security vetted to BS7858 standard Only authorised security cleared staff are allowed into the facility.
DigitalOcean’s infrastructure is secured through a defense-in-depth layered approach. Access to the management network infrastructure is provided through multi-factor authentication points, which restrict network-level access to infrastructure based on job function utilising the principle of least privilege. All access to the ingress points are closely monitored, and are subject to stringent change control mechanisms.
Systems are protected through key-based authentication and access is limited by Role-Based Access Control (RBAC). RBAC ensures that only the users who require access to a system are able to login. We consider any system which houses customer data that we collect, or systems which house the data customers store with us to be of the highest sensitivity. As such, access to these systems is extremely limited and closely monitored.
Additionally, hard drives and infrastructure are securely erased before being decommissioned or reused to ensure that your data remains secure.
Snapshots and Backups
Snapshots and Backups are stored on an internal non-publicly visible network on NAS/SAN servers. Customers can directly manage the regions where their snapshots and backups exist which allows the customer to control where their data resides within our data centres for security and compliance purposes
OUR THIRD PARTY PROCESSORS
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in section 2.0. All 3 of these third parties are based in either UK or the USA.
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
How to contact us