Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
For the purpose of the Data Protection Act 2018 (the Act) and all other relevant privacy and data protection law in force in the United Kingdom, the data controller of all personal data provided by you to us will be The Pool (UK) Limited. We are registered in England and Wales under company number 09070050 and have our registered office at 1st Floor, Epatra House, 58-60 Berners Street, London, W1T 3NQ. Our VAT number is 198462557.
PERSONAL INFORMATION COLLECTED ABOUT VISITORS TO THE-POOL.COM
If you, as a visitor to The Pool, elect to register as a subscriber to one of our mailing lists (such as Today in 3), we will collect any details that you provide to us using our sign up form (including your first and last names and your email address).
If you choose to sign in using Facebook connect, we will collect your first and last names, email address, Facebook profile picture and any information that you have chosen to make public on Facebook, including your name, age, location.
No matter how you choose to register or sign in, none of your personal data will be public to other visitors to the site.
We process the data that you provide in this way on the basis that you have either consented to us using it (where you ask us to provide you with newsletters, or information about special offers) and/or on the basis that we have a contract with you that obliges us to use it (such as where you contract with us to receive regular publications or gifts).
HOW WE WILL USE PERSONAL INFORMATION
We will use information held about you in the following ways:
Information you give to us
We will use this information:
- to carry out our obligations arising from any contracts entered into between you and us (such as if you subscribe to receive regular communications or gifts from us), and to provide you with the information, products and services that you request from us;
- to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about (but only to the extent that the law allows us ton, and only if you have not told us that you would like us to stop – for more information please see ‘Your Rights’ below);
- to notify you about changes to our service;
- to ensure that content from our site is presented in the most effective manner for you and for your computer.
Information we collect about you
When you visit our website we will collect certain information about you to help us deliver the site to you. This includes technical details about your computer from which you may be individually identifiable (such as your IP Address, your browser type, and which pages you view in which order) we will use this information:
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our site safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
We process the data that you provide in this way on the basis that we have a legitimate interest in doing so, because we need to use that data in order to improve our website and to make sure that we are delivering the best possible user experience to you.
For details on the ‘cookies’ we use to collect this kind of data, please see the Cookies section below.
We will retain your data for as long as your account is active. There is no automatic expiration on accounts, but you may request deletion of your data at any time (for more on which, see ‘Your Rights’ below).
If you notify us that you want us to stop sending you direct marketing communications, then we will keep a record of your e-mail address on our ‘opt-out’ list indefinitely in order to ensure that we continue to respect your request at all times.
Disclosure of your information to third parties
We will not share your personal information with any third parties except:
- in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
- if The Pool or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets;
- All information you provide to us is stored on our secure servers, which are encrypted, salted and hashed. Any payment transactions will be encrypted using 256 bit encryption. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
- Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
SERVICES THE POOL USES
When you sign up to The Pool, you will be added to The Pool’s Mailchimp mailing list if you have indicated that you would like to receive direct email marketing from The Pool.
The Pool uses Google analytics to track how you are using the site, your browsing behaviour, journey and device or browser used. No personally identifiable information is collected via Google analytics. This information is used to help improve the experience for the users.
The below table outlines the performance cookies set by our website and a description of how they are used.
PHPSESSID Used to identify logged in users
Stripe (For Editor’s Circle subscribers)
Facebook Login (After successful login)
Facebook (Social Sharing)
As a data subject you have a number of rights in relation to your personal data. Below, we have described the various rights that you have, as well as how you can exercise them.
RIGHT OF ACCESS
You may, at any time, request access to the personal data that we hold which relates to you (you may have heard of this right being described as a "subject access request").
Please note that this right entitles you to receive a copy of the personal data that we hold about you in order to enable you to check that it is correct and to ensure that we are processing that personal data lawfully. It is not a right that allows you to request personal data about other people, or a right to request specific documents from us that do not relate to your personal data.
You can exercise this right at any time by writing to us at email@example.com using the contact details set out here and telling us that you are making a subject access request. You do not have to fill in a specific form to make this kind of request.
YOUR RIGHT TO STOP RECEIVING COMMUNICATIONS
Where we send you e-mail marketing communications you have the right to opt-out at any time. You can do this by using the ‘unsubscribe’ link that appears in the footer of each communication.
Alternatively, if for any reason you cannot use those links, or if you would prefer to contact us directly – you can unsubscribe by writing to us at firstname.lastname@example.org and telling us which communications you would like us to stop sending you.
YOUR RIGHT TO RECTIFICATION AND ERASURE
You may, at any time, request that we correct personal data that we hold about you which you believe is incorrect or inaccurate. You may also ask us to erase personal data if you do not believe that we need to continue retaining it (you may have heard of this right described as the “right to be forgotten”).
Please note that we may ask you to verify any new data that you provide to us and may take our own steps to check that the new data you have supplied us with is right. Further, we are not always obliged to erase personal data when asked to do so; if for any reason we believe that we have a good legal reason to continue processing personal data that you ask us to erase we will tell you what that reason is at the time we respond to your request.
You can exercise this right at any time by writing to us at email@example.com and telling us that you are making a request to have your personal data rectified or erased and on what basis you are making that request. If you want us to replace inaccurate data with new data, you should tell us what that new data is. You do not have to fill in a specific form to make this kind of request.
YOUR RIGHT TO RESTRICT PROCESSING
Where we process your personal data on the basis of a legitimate interest (see above for when and why we do this) you are entitled to ask us to stop processing it in that way if you feel that our continuing to do so impacts on your rights and freedoms or if you feel that those legitimate interests are not valid.
You may also ask us to stop processing your personal data (a) if you dispute the accuracy of that personal data and want us verify that data's accuracy; (b) where it has been established that our use of the data is unlawful but you do not want us to erase it; (c) where we no longer need to process your personal data (and would otherwise dispose of it) but you wish for us to continue storing it in order to enable you to establish, exercise or defend legal claims.
Please note that if for any reason we believe that we have a good legal reason to continue processing personal data that you ask us to stop processing, we will tell you what that reason is, either at the time we first respond to your request or after we have had the opportunity to consider and investigate it.
You can exercise this right at any time by writing to us at firstname.lastname@example.org and telling us that you are making a request to have us stop processing the relevant aspect of your personal data and describing which of the above conditions you believe is relevant to that request.
YOUR RIGHT TO PORTABILITY
Where you wish to transfer certain personal data that we hold about you, which is processed by automated means, to a third party you may write to us and ask us to provide it to you in a commonly used machine-readable format.
Because of the kind of work that we do and the systems that we use, we do not envisage this right being particularly relevant to the majority of individuals with whom we interact. However, if you wish to transfer your data from us to a third party we are happy to consider such requests.
EXERCISING YOUR RIGHTS
When you write to us making a request to exercise your rights we are entitled to ask you to prove that you are who you say you are. We may ask you to provide copies of relevant ID documents to help us to verify your identity.
It will help us to process your request if you clearly state which right you wish to exercise and, where relevant, why it is that you are exercising it. The clearer and more specific you can be, the faster and more efficiently we can deal with your request. If you do not provide us with sufficient information then we may delay actioning your request until you have provided us with additional information (and where this is the case we will tell you).