Privacy and Data Policy

In case you haven’t met me yet, I’m Ruth Grant. Tinta Viva Translation is my trading name.

I will be the ‘controller’ of any personal data you provide to me, or any information gathered through this website. You can also read my full Privacy and Data Security Policy as a pdf here.

You can contact me by email at info@tintavivatranslation.com or by phone on +44(0)1367 560 732.

This notice is effective as of 25 May 2018. It will be updated as necessary to reflect my business practices and developments in data protection law.

As with almost all websites, when you visit tintavivatranslation.com your IP address and other browser data will be automatically collected and shared with my hosting company, which is based in the UK and fully GDPR compliant. This data may include your MAC address, device manufacturer, model and operating system version, internet service provider, browser type and language, country and time zone and device metadata. Logging this information is essential for security purposes and to monitor the general health of my website — collecting it helps protect the site from attack and unauthorised interference and ensures that it is able to function correctly.

It is not used for any other purpose and no attempts are made to identify you as an individual through your IP address.

This data is held securely on servers located in the UK for a maximum of 35 days.

This website also has a number of measures in place to protect it against malware and other malicious activity. This includes a firewall which monitors site traffic and activity on a daily basis, routes EU-based traffic through servers located within the EU and scans the site for security problems. It also includes a security plugin that protects it from attacks. The companies that provide these services may collect and temporarily store your IP address and other data transmitted by your browser as needed for these measures to operate effectively. This may include your device manufacturer, model and operating system version, internet service provider, browser type and language, protocol and version, response code, user agent, country and time zone and device metadata. They may also log the pages you visit while you are exploring the website. Again, this information is used only to keep my website safe and no attempts are made to identify you as an individual.

It may be transferred outside of the EEA (European Economic Area), including to the USA, subject to the provisions of the Data Processing Agreements in place between myself and these companies. Under these agreements, they are bound to use your data only for the stated purposes and to implement rigorous measures to keep it safe, providing a level of protection equivalent to that assured in the EU. This data will be deleted within a maximum of 90 days, provided that it is not associated with an ongoing attack.

Under the GDPR, this data is collected on the grounds of ‘legitimate interest’; it keeps my website safe and working properly, which is essential to my ability to run my business and protect visitors to my site.

Please bear in mind that if you follow any links from tintavivatranslation.com to other websites, the data-gathering practices and privacy policies of those sites will apply. You are advised to check those policies for yourself before accepting cookies from, or providing personal data to these sites.

Cookies are small text files that websites place on your computer or device, and which allow a site and/or its services to recognise you as a unique user. They can then be used to understand how the site is being used and to improve your browsing experience.

‘Session cookies’ expire and are automatically erased as soon as you close your browser. ‘Persistent cookies’ remain on your computer or device until they expire or are deleted. Some cookies are classed as ‘strictly necessary’, which means they are needed for the site to function correctly. ‘Strictly necessary’ cookies do not collect any personal data and can be placed on your device without your consent. For all other types of cookies, websites are legally required to ask for your prior consent.

You can control your general cookie preferences by adjusting your browser settings.

This website currently uses no cookies of any kind and so no cookie consent is required.

When you contact me, I collect basic contact details (name, email address, telephone number and in some cases postal address) so that I can respond to your query and, potentially, work with you on a project.

If your enquiry does not lead to us working together, I will keep your information for up to one year from our last contact, after which time it will be securely deleted. I will collect only the information necessary to run my business and manage my working relationship with you, so I can:

a) provide you with the information you ask me for;
b) undertake and deliver translation, editing, proofreading or other language services as agreed with you;
c) ask for or provide additional relevant information;
d) keep you informed about my terms and conditions; and
e) provide you with other important updates about my business that might affect you (e.g. changes in my availability or pricing).

In terms of the GDPR, my lawful grounds for collecting, using and storing this data are:

a) consent (you have given me this information for these purposes);
b) legitimate interest (to run my business, I need to be able to communicate with clients and exchange the information we need to work together or discuss a potential project — and having a record of our communications is essential for accountability);
c) (in some cases) performance of a contract (if we agree to work together); and
d) (in some cases) legal requirement (if our communications include business records, such as invoices or purchase orders).

I will never sell or swap your data or pass it to any other organisation or individual unless I am legally required to do so. I will not use your information for bulk marketing purposes without your specific and explicit consent (although my current clients may get some kind of festive greeting from me, either by email or post). You will, of course, have the right to modify or withdraw that consent at any time.

If you commission me to work on a project for you, I am required by law to keep your basic contact details (name, address, telephone number and email address) for six years. After this period, if we have had no further contact, this information will be deleted.

If you send me material to be translated, edited, proofread or transcribed, and this material contains your personal data, I will process it (i.e. securely store it and, if relevant, translate it) in order to carry out the work you have contracted me to do. If the project materials contain personal information belonging to someone else, I will need to be satisfied that you have lawful grounds for passing that information to me under the General Data Protection Regulation (GDPR). I will ask you to confirm this by signing my terms and conditions before I begin work on your documents.

In terms of the GDPR, my lawful grounds for collecting, using and storing this data are:

a) performance of a contract;
b) legal requirement (by law, I need to keep records of my business activities for six years).

Identifiable personal data will be deleted from the project files and my translation memories one month after the project invoice has been paid, unless:

a) the text is already in the public domain, for example as with references in an academic paper or a blog post; or
b) you have asked for a certified translation for official purposes. In this case, the full text of the document will be retained for six years so that I can respond to any claims or queries arising in relation to my work. This also comes under the category of ‘legitimate interest’ under the GDPR.

All project files will be stored securely in accordance with my data security policy (see below).

I never outsource my work, so you can rest assured that your documents will not be passed to anyone else. I never use machine translation services or cloud-based work environments, unless my client asks me to use their own trusted systems.

When it comes to paying your invoice, I accept either bank transfers (BACS or SWIFT) or PayPal. If you choose to pay through PayPal, please be aware that the data you provide will be processed by PayPal in accordance with its own privacy policy and data management practices.

All of the data you provide is processed by me directly and stored in the UK. Whenever possible, personal data is stored in electronic rather than paper form, and I take rigorous measures to keep it safe and private.

Files containing personal data (and all documents relating to a translation, editing or proofreading project) are encrypted and stored on password-protected drives to which only I have access. To protect your data from accidental loss, theft or unauthorised access, they are backed up to secure, end-to-end encrypted cloud storage which only I can access, located on servers inside the EU. If personal data must be stored in paper form, it is kept in locked files in my private office.

My emails are all encrypted and stored in secure servers in Switzerland.

I keep emails relating to projects I work on for six years (in order to comply with tax laws and in case of any query or claim relating to the work). After this time, they are securely deleted.

If you send me an enquiry and you don’t ultimately commission work from me, I will keep this information for one year before deleting it. If I contact you to suggest working together, I will keep our correspondence for three years before deleting it. However, you can ask me to delete this information at any time (please see ‘Your Rights’ below).

Under the GDPR, I retain email communication on the lawful grounds of:

a) legal requirement; and/or
b) legitimate interest (a record of recent enquiries helps me communicate with you more effectively in future and stops me from sending the same information twice).

To read more about how I protect your data, please read my full Privacy and Data Security Policy.

You have the right to see any data I hold about you at any time. To do this, just get in touch using the contact details below. After acknowledging receipt of your request, I will provide you with a copy of your data within a maximum of 21 calendar days. If at any point you believe the information I hold on you to be incorrect, you have the right to ask me to amend it. If you would prefer me not to be holding any of your data at all, you can ask me to delete it. Please note that this will not always be possible, as in some cases I need to retain your data to comply with my own legal obligations. Again, I will respond and take the appropriate action within a maximum of 21 calendar days.

If you have asked me to delete all of your personal data, I will need to hold on to your name for the sole purpose of keeping a record of the request. I will not charge you any fee for providing you with a copy of your data, amending your information or deleting it.