Privacy Policy

Thank you for visiting the Disciple Media website. The protection of your privacy is very important to us. We believe transparency and data subject control are at the core of our relationship with our customers and the foundation for building trust in us as a business.

This Privacy Policy has been created to help you understand the personal data which we may collect, how we intend to securely process and store that data, and the rights you have in relation to your personal data in accordance with the requirements of the General Data Protection Regulation (EU GDPR 2016/679) and the UK Data Protection Act 2018.

Along with our Terms and Conditions of Use, this Privacy Policy makes up our agreement with you as a visitor to our website, and we need to ensure you understand that agreement.

Summary Privacy Policy

  • Data Controller: Disciple Media Limited
  • We will only collect personal information that you have voluntarily decided to provide to us or we have recorded from your visits to our website
  • Depending on how you choose to interact with us we may collect your name, email, phone number, IP address or any other contact details which you have provided to us
  • We will use this personal information
    • to respond to contact initiated by you (answering your questions, providing additional information you have requested, troubleshooting issues you have reported, etc);
    • to contact you with relevant information about our products and services, you can unsubscribe at any time.
    • to analyse, improve and promote our Website and its content
  • We will always ask you before processing your personal data in any other ways
  • We will use an anonymised version of your personal data, from which you cannot be identified, to prepare statistics so we can learn and improve our service. For example, data related to how many emails we received in a week, the average time we take to reply to queries etc
  • We will only share your personal information with our declared data processors
  • We may transfer your data to authorised data processors outside of the EEA but will make sure that there are appropriate safeguards in place and you are advised in advance. By voluntarily submitting your personal data to Us you consent to these transfers.
  • We will never sell, rent or give away your personal data to other third parties
  • We will only keep your information for as long as needed to answer your query or as required by applicable legislation or regulations
  • We will use appropriate technical and organisational measures to ensure the safety, security and accuracy of your personal data
  • We use anonymous cookies to help us improve visitors experience of Our Website
  • You have important rights in relation to the use of your personal data, listed in
  • We do not knowingly request or store sensitive or children’s information
  • You should contact our Data Protection Manager if you have any questions about this Privacy Policy or the collection, processing and storage of your personal data

Full Privacy Policy

1. INTRODUCTION

This Privacy Policy will help you to understand what information We collect and process using the Disciple Media website, hereinafter referred to as “the Website”, and the choices and rights you have in connection with your personal information.

In this Privacy Policy when we refer to ‘Disciple Media’, ‘Disciple’, ‘We’, ‘Us’ or ‘Our’ we are referring to Disciple Media Limited, 86-90 Paul Street, London, EC2A 4NE, email address dpm@disciplemedia.com, the “Data Controller” for the Website.

The Data Controller is responsible for determining what, if any, personal data to collect, the processing purposes of that data, and the content and related services or features which are made available to you from using this Website.

2. DATA PROTECTION FRAMEWORK

Disciple Media Limited is a company registered in England and Wales (company number 08075740) and is registered with the Information Commissioner’s Office (ICO) as a Data Controller under the Data Protection Act of 2018 (registration number ZA147341).

3. WHAT IS THE PURPOSE OF THE WEBSITE?

The purpose of the Website is to:

  • Provide information on the community empowerment platform that Disciple Media has built and offers as a software-as-a-service product
  • Allow visitors to contact Disciple Media if they are interested in learning more about the product or have questions about our Company

4. WHERE DO WE COLLECT PERSONAL INFORMATION ABOUT YOU FROM?

We may collect personal data about you from the following sources:

  • Directly from you. This is information you have voluntarily provided whilst entering your personal details onto the Website.
  • Publicly available information, in certain circumstances we will obtain information about you from certain publicly accessible sources, both EU and non-EU, such as Companies House, online customer databases, business directories, media publications, social media, and websites (including your own website if you have one).

5. WHAT INFORMATION DO WE COLLECT AND WHY?

We will only ever collect the information We need to enable us to undertake the specific personal information processing activities noted later in this section. We collect and process two distinct kinds of information:

  • non-personal information, such as the pages you have accessed, helping Us to determine how many people use Our Website, how many people visit o3n a regular basis, and how popular each of Our pages are. This information doesn’t tell Us anything about who you are or where you live. It simply allows Us to monitor and improve Our service.
  • personal information such as your name, email address, phone number, IP address, and approximate location and any optional information you may choose to provide to Us while contacting Us through a Website form or online chat session.

The information we collect and process is dependant on how you choose to interact with us:

People who visit Our Website

  • When someone visits Our Website, our third-party hosting provider, WP Engine, collect(s) and store(s) server logs to help Us to ensure that our IT infrastructure and networks are appropriately secured and operating correctly. This includes the analysis of log files to help Us to identify and prevent unauthorised access to our network, the distribution of malicious code, denial of services attacks and other cyber attacks, by detecting unusual or suspicious activity. Unless We are investigating suspicious or potential criminal activity, We do not make, nor do We allow our hosting provider to make, any attempt to identify you from the information collected via server logs.
  • Legal basis for processing: Our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation)
  • Legitimate interest(s): ensuring the security of our network and the information it contains
  • When someone visits Our Website We use Google Analytics to collect standard non-personal log information and details of visitor behaviour. This allows Us to learn about the number of visitors to various parts of Our Website. When any of this information is processed it is done in a way which does not identify anyone. We do not attempt to find out the identities of those visiting our website.
  • Legal basis for processing: Our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation)
  • Legitimate interest(s): improving our website for our website users and getting to know our website users’ preferences so our website can better meet their needs and desires.

People who use the ‘more information’ or ‘call booking’ forms

  • When someone requests more information through the Website or Social Networks we may ask for the following information:
    • Name
    • Email
    • Role
    • Company Name
    • Company Industry
    • Company Size
    • Preference on subscribing to our marketing communications
    • Phone Number
  • We collect these details to allow Us to follow up on any enquiries made and to provide more information about Our products and services.
  • We will contact you by email and/or phone to discuss your needs and We will send you emails with more information about Our products and services.
  • Legal basis for processing: Our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation)
  • Legitimate interest(s): responding to enquiries and messages we receive and keeping records of correspondence.

People who use the ‘Disciple Community App’

People who use the ‘The Collective Community App’

People who use our social media analysis tools

  • When someone uses our social media analysis tools with any of their social media accounts, they grant us permission to access data about them via the relevant social network interfaces. Such data can include email address and analytics data points about their profile and the pages they manage. By authenticating our tools with the social networks, the networks will show in a dialog what access you are granting.

People who sign up for our paid services

  • When someone signs up for our paid services we will ask for the following information:
    • Email
    • Billing Address
    • Payment method
  • We collect these detail to allow us to create your account with us and to bill you for the paid services provided (via our sub-processors)

Legal basis for processing: compliance with a legal obligation (Article 6(1)(c) of the General Data Protection Regulation).

  • Legal obligation: we have a legal obligation to issue you with an invoice for the goods and services you purchase from us where you are VAT registered and we require the mandatory information collected by our checkout form for this purpose. We also have a legal obligation to keep accounting records, including records of transactions
  • Legal basis for processing: our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation).
  • Legitimate interests: The ability to provide adequate customer service and management of your customer account.
  • Legal basis for processing: necessary to perform a contract (Article 6(1)(b) of the General Data Protection Regulation).
  • Reason why necessary to perform a contract: to fulfil your contractual obligation to pay for the goods or services you have ordered from us.

People who sign up to receive marketing communications or join our events/webinars

  • When someone signs up to receive marketing communications We will collect your email address
  • We will use this information to send you marketing communications regarding offers, upgrades and feature announcements
  • Legal basis for processing: your consent (Article 6(1)(a) of the General Data Protection Regulation).
  • Consent: you give your consent to us sending you marketing communications by signing up to receive them. If you later wish to withdraw your consent you can do so with the ‘unsubscribe’ link that is included at the bottom of all of our newsletter emails.

People who Live Chat with Us

  • When someone contacts Us through the Live Chat We may ask for the following information:
    • Name
    • Email
    • Role
    • Company Name
    • Company Industry
    • Company Size
    • Phone Number
  • Legal basis for processing: our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation)
  • Legitimate interest(s): responding to enquiries and messages we receive and keeping records of correspondence.

People who email Us

  • When someone emails Us at the email addresses available on Our Website, We will store the name, email address and content of the message received. This information will be processed to allow Us to respond to the enquiry.
  • Legal basis for processing: Our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation)
  • Legitimate interest(s): responding to enquiries and messages We receive and keeping records of correspondence.
  • Legal basis for processing: necessary to perform a contract or to take steps at your request to enter into a contract (Article 6(1)(b) of the General Data Protection Regulation).
  • Reason why necessary to perform a contract: your message may relate to us providing you with our products or services or taking steps at your request prior to providing you with our products or services (for example, providing you with information about such products or services), we will process your information in order to do so.

People who contact Us by post

  • When someone contacts Us by post, We will collect any information you provide Us in that communication.
  • Legal basis for processing: Our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation)
  • Legitimate interest(s): responding to enquiries and messages We receive and keeping records of correspondence.

People who apply for job openings

  • When people apply for job openings with us, we may ask you for the following personal information:
    • Your name
    • Contact details (like your address, phone number and email address)
    • Your work and educational history (usually covered in your CV)
    • Your current salary information and your notice period at your current employer
    • A form of identification, insurance numbers, immigration information and visa status
    • The country you are applying from
    • Your responses to application questions
    • References from your previous employer
    • Other information you voluntarily give us through the process, including through
      Interviews
  • Usually we will collect all of this information from you directly, but we may collection additional information from
    • Workplace references from your referees
    • Information about you from publicly available sources (e.g. your name and contact details)
    • We might receive your personal information from third-party recruitment firms
  • Legal basis for processing: Our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation)
  • Legitimate interest(s): manage the recruitment process and appropriately evaluate a candidate’s suitability for a role and respond to and defend against legal claims..

We record the IP address you accessed the Website from so that We can protect the Website from malicious access. As part of this We may look up the approximate location of the IP address such as country and city.

We use tracking pixels (small graphic files) technology and tracked links in the emails we send. This allows us to measure the level of engagement our emails receive through datapoints such as delivery rates, open rates, click through rates and content engagement.
For more information about HubSpot and their use of tracking technology, see their privacy policy which is available here:https://legal.hubspot.com/privacy-policy

Your decision to disclose your personal information to Us is entirely voluntary.

6. DATA RETENTION

We will only retain your personal information for as long as required to fulfil the purposes outlined in this Privacy Policy. We comply with all legislative and regulatory information retention requirements and will securely and permanently delete your personal information where there is:

  • No justification for its further retention, or
  • You have asked Us to delete it.

We will not use your personal information for any other purposes. We will not share your personal information with any other organisation, other than the declared Data Processors recorded in Section 11.

7. SENSITIVE PERSONAL DATA

GDPR Article 9 specifies a set of special categories which are considered to be “sensitive personal data” (e.g. racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership) and which require special consideration and protection by Data Controllers. This Website does not knowingly collect or process any sensitive personal information unless you have chosen to voluntarily disclose and share such information during your use of the Website.

If you do decide to voluntarily share sensitive information with Us, you will be considered to have explicitly consented to Us processing that sensitive personal information under Article 9(2)(a) of the General Data Protection Regulation. We will use and process your sensitive personal information solely for the purposes of securely deleting it.

8. CHILDREN’S PERSONAL DATA

This Website, and any services available from it, are not directed to users under the age of 18 (save where any users between 13 – 18 years old have obtained prior parental or guardian consent). If you learn that a user under the age of 18 has provided Us with their personal information without having parental or guardian consent, please contact Us (see Section 15) immediately so that We can take appropriate action.

9. USER DATA RIGHTS

As prescribed within the UK Data Protection Act 2018 / EU General Data Protection Regulation, you have several rights connected to the collection, processing and storage of your personal information as a result of using the Website.

1. The right to be informed

You have the right to be provided with clear, transparent and easily understandable information about how We use your information and your rights. This is why We’re providing you with the information in this Privacy Policy.

2. The right of access

You have the right to obtain access to your personal information (if We’re processing it), and certain other information such as the reasons why we are processing or storing it. This is so you’re aware and can check that We’re using your personal information in accordance with data protection legislation and your agreement.

3. The right to rectification

You are entitled to request that your personal information is promptly corrected if it’s identified as being inaccurate or incomplete.

4. The right to erasure

This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information under certain circumstances where there’s no compelling reason for Us to keep using it. This is not a general right to erasure; there are exceptions.

5. The right to restrict processing

You have rights to ‘block’ or suppress further use of your personal information. When processing is restricted We can still store your information but may not be able to process it further. We maintain lists of people who have asked for further use of their personal information to be ‘blocked’ to make sure the restriction is respected in future.

6. The right to data portability

You have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between Our IT systems and theirs safely and securely, without affecting its usability.

7. The right to object to processing

You have the right to object to certain types of personal data processing, including processing for direct marketing activities.

8. The right to lodge a complaint

You have the right to lodge a complaint about the way We have handled or processed your personal data with your national data protection regulator (the Information Commissioner’s Office within the UK)

9. The right to withdraw consent

If you have given your consent to anything We do with your personal data, you have the right to vary or withdraw your consent at any time (although if you do so, it does not mean that anything We have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw your consent to Us using your personal data for marketing purposes.

We usually act on validated requests and provide the requested information or activity free of charge, but by law we are allowed to charge a reasonable fee to cover Our administrative costs of providing the information for:

  • baseless or excessive/repeated requests, or
  • further copies of the same information.

Alternatively, there are reasons why We may be entitled to refuse to act on the request.

Please consider your request responsibly before submitting it. We’ll respond as soon as We can. Generally, this will be within one month from when We receive your validated request but, if the request is going to take longer to deal with, We will let you know.

To contact Us please see Section 15 below. If We do not address your request or fail to provide you with a valid reason why We are unable to do so, you have the right to contact the Information Commissioner’s Office to make a complaint. They can be contacted via their website (www.ico.org.uk) or by telephone 0303 123 1113.

10. DECLARATION OF PERSONAL DATA PROCESSORS

To make an informed decision on whether to provide your personal data to Us when using this Website, we need to make you aware of the organisations that act as Data Processors for Us, helping in the provision of the Website and its functionality.

A list of our Data Processors is available here

11. INTERNATIONAL TRANSFERS OF PERSONAL DATA

As We have described above, to be able to provide you with this Website We may transfer your personal data to partners in countries outside the EEA. These countries’ privacy laws may be different from those in your home country. By submitting your personal data, you agree to this transfer, storing or processing by us. If we transfer or store your information outside the EEA in this way, we will take steps to ensure that your privacy rights continue to be protected as outlined in this Privacy Policy.

12. USE OF COOKIES

Cookies are small text files sent by websites to your web browser and sent back to them each time you access or use the site and may be necessary for the site to function. They are unique to you or your web browser and may contain personally identifiable information as well as technical information (e.g. your device manufacturer and model, screen resolution, internet service provider, browser, and geo-location data). Session-based cookies last only while your browser is open and are automatically deleted when you close the browser. Persistent cookies last until you or your browser delete them, or until they expire.

Further information about cookies can be found at Interactive Advertising Bureau or Out- Law’s.

13. EXTERNAL LINKS

The Website includes relevant hyperlinks to external websites which are not directly controlled by Us. Whilst all reasonable care has been exercised in selecting and providing such links, you are advised to exercise caution before clicking any external links. We cannot guarantee the ongoing suitability of external links, nor do We continually verify the safety or security of the contents which may be provided to you. You are advised, therefore, that your use of external links is at your own risk and We cannot be responsible for any damages or consequences caused by your use of them.

14. CHANGES TO THIS PRIVACY POLICY

We may amend this Privacy Policy from time to time for example, to keep it up to date or to comply with legal requirements. You should regularly check this Privacy Policy for updates. If there will be any significant changes made to the use of your personal information in a manner different from that stated at the time of collection, we will notify you by posting a notice on our Website.

15. CONTACTING THE DATA CONTROLLER

If you have any questions about this Privacy Policy, would like to exercise any of your statutory rights or to make a complaint, please write to:

Data Protection Manager
Disciple Media Limited
86-90 Paul Street
London
EC2A 4NE

Email: dpm@disciplemedia.com

Community Stories

We’ve built beautiful apps for over 700 communities and helped them to engage over 2 million members. Find out how businesses like yours have used the Disciple platform to supercharge their communities!