My name is Alison Exley and I provide freelance translation, revision, review, proof-editing, localisation and copywriting services in the United Kingdom.

I am committed to protecting your personal data and respecting your privacy. This privacy notice outlines how I collect and use your personal data, why I may disclose it to others and how I keep it secure.

Potential clients and clients

I collect, store and use your personal data to issue a quote, provide translation, revision, review, proof-editing, localisation, copywriting or related services that you request or to comply with legal requirements.

Personal data collected may include your name, postal address, email address, phone number, ID and/or tax number, payment and delivery conditions, financial and bank account details. Personal data may also include special categories, but only if you send me this data for the specific purpose of translating it. All data is processed on password-protected computers and is not accessible by third parties.

The lawful basis for processing your data is to perform the services you request or to take necessary steps before fulfilling that request (“contract”) and complying with legal requirements (“legal obligation”).

The lawful basis for processing special categories of personal data is your explicit consent for me to translate, revise, review or proof-edit that information (“consent”).

If you do not accept my quote or I do not accept your job offer, I will delete your email and any attachment and related documents and personal data within one week.

If I perform a job for you, I will keep your personal data only throughout our business relationship or for seven years to comply with tax obligations. I keep records of the invoices I send you, including printouts stored in my office, and the payments you make. I will delete emails after five years.

I do not use your personal data for marketing purposes.

If I cannot perform the job myself or if I want my work for you to be revised or proof-edited, I will seek a trusted colleague to help me. All the collaborators who provide translation, revision, review or proof-editing services for me must sign a confidentiality agreement (NDA) before they are sent any document for a quote. They will be advised of their legal obligations in relation to confidentiality and professional secrecy.

Other parties may have access to your personal data for administrative purposes, including my cloud backup and file and email hosting services. All these parties are GDPR-compliant or, in the case of US companies, are self-certified under the US Privacy Shield framework.

Security measures

I take precautionary measures to ensure your personal data is protected. The devices I use to store and process personal data are password protected and updated when updates become available. Anti-virus software is installed on these devices to prevent the theft or destruction of this information. This anti-virus software is updated when updates become available. Firewalls are in place on all devices used for storing or processing personal data to avoid remote unlawful third-party access.

Breaches of personal data

In the event of a security breach of personal data, due to theft, unlawful access or data sent to the wrong email address, for example, I will notify the Information Commissioner’s Office (ICO) within 72 hours of this security breach if it is likely that there will be a risk to people’s rights and freedoms. This notification will include all information necessary to clarify the circumstances under which this happened. Notification will be done electronically via the ICO website. If a breach is likely to result in a high risk to the rights and freedoms of individuals, I will inform those concerned directly and without undue delay. A record will be kept of all breaches regardless of whether they are reported to a supervisory authority or not.

Your data access rights

In accordance with the European General Data Protection Regulation (EU) 2016/679, you are entitled to request a copy of your personal data that I hold. You are also entitled to ask me to rectify, erase and restrict processing of your personal data and you can also object to this processing. I will respond to your requests and concerns as soon as possible and no later than one month after receiving notification of your request and/or concerns. My contact details can be found at the end of this privacy notice.

Your right to make a complaint

If you have any concerns about how I process your personal data, you have the right to make a complaint with the ICO in the United Kingdom where I am based or with the supervisory authority in the country where you live.

Changes to this privacy notice

This privacy notice will be reviewed as necessary. It was last updated on 1 November 2022.