Privacy Policy

Your privacy matters

Ctrl-Shift's philosophy is to put you in control of your data and your service wherever possible so that you can use it to make better decisions. The following words are longer and more complicated than we'd like because we have to be legally covered. But we’ve worked hard to align them to our philosophy so we’d love you to read them.

This policy was updated in January 2012 as a result of our research into best practice for privacy policy statements. A small update was made in May 2012 to add in more details about how our cookies work.

The principles that we operate under are:

* That you the user decide how you want to interact with us.

* That the level of personal data entered on this site is minimal and that which is essential.

* That we won't sell or rent your details to anyone.

* That your information is yours, even though it may have been created or stored on our site.

* Our responsibility is to provide you with the privacy tools for you to be able to control your information, to comply with relevant regulations, and yet to help you easily access valuable content, functionality or information.

0. Who are you dealing with and where are we?

You are dealing with the company Ctrl-Shift. We are UK based and our website is hosted in the United Kingdom and the majority of your data is held in the UK. However, we use a US based email distribution centre and a copy of your email address (and some preferences) are held in the United States.

We also use sites based outside the EU to manage our finances. For example, we use Paypal to take payments for goods and services and we have no control over where the data is sent and stored by them. Paypal’s own privacy policy can be found here. We are keen to make you aware that some of the data we store about you is held outside the EU because we can’t control the standards to which data is kept in other countries. However, as far as we can possibly ascertain, all the services that we use can only survive if they keep personal data safe and secure.

1. Data sharing

We do not pass your details onto any third parties for sales and marketing purposes. However, we do pass on your details - where strictly necessary - to third parties solely to deliver our products and services. For example in taking payment on the website we will pass essential details (your email address) to Paypal or, if you attend one of our events, we may have to pass your name to the venue to allow you entry.

2. Managing your account

If you register with us, you will create your own account and we expect you to maintain your own record. We will add any purchases to your account but that is it!

If you wish to get a copy of our monthly newsletter you can sign up here. The default for getting the newsletter is that you must Opt In to get it.

If you wish to delete your account, you must email us to request this. If you wish to unsubscribe from the newsletter list but retain your account, simply click here.

If you are a corporate subscriber, you can manage more detailed preferences in your account. For corporate subscribers, the maintenance of the account is subject to a corporate account management process. For example, your access to our system will cease if the subscription expires or if you leave your current employment (even if your email address remains valid).

3. Data retention

We keep your details on our website systems for as long as you are active with us. In practice we will contact you every 12 months to see if you still want to be on our records. If not, we will delete you from our website systems.

If you make a purchase from us that involves money (or an exchange of services with more than a nominal value), then the details of that purchase will be kept by us for a period of up to seven years. We do this because this appears to be the legal standard (to make sure that any case against or by us has all the necessary evidence). Our financial data is managed by Xero, a New Zealand based company, whose privacy policy is here and, as you will see, where your data is stored is outside our control.

If you wish to have a copy of the information we hold about you, simply drop us an email and we’ll email you back a copy of that information. This is, of course, a legal right and although the law permits us to charge you £10, that’s not necessary. If you wish to write us an actual letter about your data, please use the contact us address at the foot of the website - and please mark it for the attention of the Data Controller.

4. Tracking you

Like all businesses we need to know if the services we are offering deliver what our customers need. For this reason we use three types of tracking.

4.1 We use Google analytics to understand how our website works. This does not capture personally identifiable data (although we acknowledge that, for example, monitoring IP addresses can lead to personal identification). The site uses four Google analytics cookies which are __utma, __utmb, __utmc, and __utmz

The __utma cookie

This cookie is what’s called a “persistent” cookie. It expires after two years after the last visit you make. This cookie keeps track of the number of times a visitor has been to the site, when their first visit was, and when their last visit occurred. Google analytics uses the information from this cookie to calculate things like Days and Visits to purchase.

The __utmb and __utmc cookies

The b and c cookies working together to calculate how long a visit takes. __utmb takes a timestamp of the exact moment in time when a visitor enters a site, while __utmc takes a timestamp of the exact moment in time when a visitor leaves a site. __utmb expires at the end of the session. __utmc waits 30 minutes, and then it expires. This is because __utmc has no way of knowing when a user closes their browser or leaves a website, so it waits 30 minutes for another pageview to happen, and if it doesn’t, it expires. We use this information to get data about, for example, time on page, pages per session and how long a session lasts on average. 

The __utmz cookie

The z keeps track of where the visitor came from, what search engine was used, what link was clicked on, what keyword was used, and where they were in the world when they land. It expires after six months. This cookie is how Google Analytics knows to whom and to what source / medium / keyword to assign the credit for an e-commerce transaction.

To opt out of Google Analytics click here (clicking this link won't opt you out, it will take you to a page where you can download a browser add-on to opt out).

4.2 We use a “ci_session” cookie for registered user accounts so you stay logged in between pages. To verify the login session it records and matches IP address and user agent (eg Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en), and expires when the browser closes. It also stores the last activity as a timestamp so it can be automatically removed and log the user out after a period of inactivity for security.

This session cookie is essential but it applies only to registered users. Without it you can't use your registered account. 

4.3 We use a blank gif to track the open rates on our newsletters (which we use to monitor how well read our newsletters are). If you do not wish this, please select the plain text version of the newsletters. We also use personalised URL tracking in our newsletter links which help us to understand what individual users are interested in.

We acknowledge the legal requirement that placing cookies that are not strictly necessary to provide a service requested by the user requires the consent of the user. If you wish to avoid using cookies, and for more about cookies, go here. If you want to switch off cookies we suggest that you read this since most modern browsers have a way of preventing cookies being stored on your computer.

If you continue to use our site after reading this notice, we believe that we have done our best to comply with the EU rules. However, the only way of complying with this would be to provide you with a “tick box” to tell us that you agree to accept cookies. But the only way we can use that information is either to store it as a cookie or to store the information in the preference module. But to do that you would have to register to even browse our site. We don’t think that is right or necessary.

We do not use behavioral targeting. Behavioural targeting technologies use cookies and pixel tracking technologies to track which web sites consumers visit, what pages they visit within a web site, the amount of time they view each page, the links they click on, the searches they make and the things that they interact with. Capturing this data allows sites to create a profile that links the user’s behaviour to their web browser. The same technologies can be used to personalise web pages thereby improving users’ experience, or to generate advertising targeted at the user’s behavioural profile. However, we believe that this process is contrary to the principle that the user is in control.

5. Changes to this Privacy Policy

Ctrl-Shift may amend this policy from time to time. If policy changes are made, which would materially and adversely affect the privacy of individuals to whom this policy applies, we will endeavour to give notice of such changes to all individuals concerned. Registered readers and newsletter recipients will be alerted to any future changes via email. Browsers of this site will have to check here for updates (sorry but if we don't know who you are we can't inform you ahead of time!).

6. Contact Details:

Ctrl-Shift Limited, Exchange at Somerset House, South Wing. London, WC2R 1LA Registered Number in England: 06800865.

Registered Office: 4A Gildridge Road, Eastbourne, East Sussex, BN21 4RL VAT number 971118034

Telephone 0207 0001 907. www.ctrl-shift.co.uk

This document was correct as of 20 January 2012 (and updated with a new address on February 3 2012). The previous version was posted in March 2011 (with a minor changes in January 2012 and May 2012).