- General policy
- Scope of our data collection and storage
- Access to our data and data security
- Cookie Statement
- How to contact us.
Bird’s Eye Communications is committed to data privacy and digital security. In general, we aim to use secure and encrypted tools and services, service providers in the EU, limit our use of privacy-diminishing companies such as Facebook and Google, and we are diligent about safekeeping our data.
That said, operating in today’s market, on which many clients, audiences, suppliers and service providers have more relaxed policies, requires us to make compromises on a regular basis.
Scope of our data collection and storage
Bird’s Eye Communications collects and stores personal data by interacting with its clients, contacts, suppliers, and audiences. This statement lists various types of personal data that we collect and store for the purpose of:
- Our communications;
- Company book keeping;
- Web visitor statistics;
- Online polling;
- Press release distribution.
1. Communications — As is to be expected, both we and our e-mail, phone and technology providers collect and store all sorts of personal information and meta data as (by) product of our communications with clients, suppliers and other types of contacts.
Data collections that may include personal data include e-mail- and text messages, log files, voice mail and other audio recordings, and written and digital notes. They may contain many types of personal information, including names; e- mail-, ip-, postal- and visiting addresses, phone and fax numbers, bank account numbers and everything else that has been part of our research, work and communications.
These data collections are used to operate our company, maintain outside relations, provide services and protect us and clients from unwanted or malicious (digital) communications (e.g. ‘spam’, computer viruses, trojan horses or ransomware).
Data collections are stored at various places, including remotely at the servers of outside service providers (outlook.com, google.com, bhosted.nl, signal.org, whatsapp.com and others). They are governed by rules and policies outside of our control. We access parts of these collections through password-protected web interfaces.
Data collections are also stored locally on password-protected computers in our offices and mobile phones.
All data collections are stored for as long as we think they are necessary for providing our services effectively and efficiently.
2. Company book keeping — We collect and store data on clients and suppliers to send and/or pay invoices and to maintain sound book keeping, banking and fiscal records. This data may include names, (e-mail) addresses, phone numbers, BTW/VAT numbers, trade register numbers, and bank account numbers.
It is stored locally at our offices (on paper and/or on password-protected computers), while copies may also be stored at password-protected ‘cloud’ servers (onedrive.com) in and outside of the EU.
Our bookkeeping records are stored for between five and ten years. Whenever needed, they are shared with our accountant and /or fiscal authorities through secure channels (paper binders and encrypted cloud services).
3. Web visitor statistics — Our website(s) and hosting provider (bhosted.nl) collect anonymized, non-personal metadata from online web visitors and transfer them to 3rd parties (statcounter.com and google.com) who store this data for up to two years. We can access this information through password-protected web services.
Only non-personal and/or anonymized data of web visitors are shared, including dates and times of visits, anonymized ip addresses, browser software, operating system, device type, screen size, and ip addresses of their internet providers. No personal information (such as names, addresses, email addresses or exact ip addresses) of web visitors are stored or shared.
Collecting and sharing non-personal metadata allows us to generate anonymous statistics by which we analyze interest in our and clients’ websites and further improve our sites’ user-friendliness. It also helps us protect ourselves and clients against malware. As part of these processes, our website(s) place ‘cookies’ on devices used by visitors or our website(s) (see Cookie Statement below.)
4. Online polling — As part of our services to clients, we occasionally carry out online polls through external providers (such as google.com). In the course of such polls, various kinds of information from poll participants are collected, explicitly and/or implicitly, and stored locally, in our offices on password-protected computers, and/or remotely at password-protected ‘cloud’ servers (onedrive.com) in and outside of the EU, for as long as we find it necessary or useful.
Poll participants, after being explained whether and how their responses will be shared, are typically asked to visit one or more web pages and submit answers to questions. That web page will register their visit using cookies and other technologies (see: 3. Web visitor statistics’).
5. Press release distribution — As part of our services to clients, we may occasionally collect names, e-mail addresses, phone numbers, names of media outlets and/or professional interests of reporters and editors and add them to digital databases.
These databases are stored locally in our offices on password-protected computers and/or remotely at password-protected ‘cloud’ servers (dropbox.com, mega.com, syncplicity.com, onedrive.com) in and outside of the EU, as long as we find them useful for future operations.
Information in the databases may be used to e-mail press releases to persons who we expect, based on their field of work, to be interested in the message our client wants to share.
E-mailed press releases will include a link for ‘unsubscribing’ from this service. Clicking that link enables journalists to add their name and e-mail address to a separate database that will exclude them from future mailings. We do not e-mail press releases to journalists who we suspect or know don’t want to receive them, if only because we think doing so would be counterproductive.
Access to our data and data security
Wherever possible we use secure, encrypted methods and services. Access to password-protected local and remote storage is limited to employees of Bird’s Eye Communications. In some cases we give clients access to project-related server areas in order to streamline our collaboration.
We are diligent in keeping all software on routers, computers, smart phones and online services up to date, including several layers of security software. We use unique passwords for software and remote servers and store them only in encrypted password vaults.
Copies of the encrypted vaults may be stored on password-protected cloud servers to enable us to help our clients when we are out of the office. We create new passwords whenever and as soon as notices or news articles suggest there might have been a data breach. We install software patches as soon as they become available.
When we think it prudent, we communicate over the internet through virtual private networks (VPN).
We employ two 3rd-party services (Statcounter and Google Analytics) who use ‘cookies’ (tiny digital files) and similar technologies to help us analyze web visits in order to learn from them and evaluate and improve our website(s).
Because of how we have set up our collaborations with these providers, they do not collect any ‘personal data’ which could be shared with other companies or used for personalized advertising. Under our Google Ads Data Processing Terms agreement, only non-personal, anonymous and encrypted data are shared. They do collect data such as time and length of visit, pages visited, referring site, Google search keywords that led to our site, type of web browser, type and language setting of operating system, screen resolution, screen color processing ability, originating network and anonymized IP address (of which the last four digits is stripped). We do not combine Google Analytics data with other data.
All of this allows us to see, for example, how many of our visitors use mobile phones to visit our site, how we rank in various Google searches, and how many of our visitors were with us before.
The non-personal data related to visits to our site(s) can be stored on a user’s devices in the form of ‘cookies’, which do not contain personal data either. Left undisturbed these cookies may remain on a device for 2-5 years.
The EU’s General Data Protection Regulation (GDPR) does not require us to ask a visitor’s consent for using cookies that do not contain any personal data.
Visitors who prefer not to receive these non-personal cookies have various methods available to them. For example, they can set their web browsers to refuse 3rd-party cookies, install cookie-blocking software or browser extensions (e.g. in Mozilla Firefox or Google Chrome), and/or place a ‘blocking cookie’ on their device that will block all Statcounter cookies. This will reduce our ability to learn from their visits.
How to contact us
In case of questions or concerns regarding these policies, please contact us by using this form: