Privacy Policy

The Privacy Policy below discloses our practices regarding information collection and usage solely for the web site located at www.angeliclittleones.com (the “Web Site”).

By using or accessing the Web Site, you signify your agreement to be bound by our Privacy Policy. If you do not agree to this Privacy Policy then you may not access or otherwise use this Web Site.

Personally Identifiable Information

Angelic Little Ones does not collect personally identifiable information about you unless you voluntarily submit that information to us through one of our contact pages, by e-mail or other means. The personally identifiable information which you may provide to us could include your name, email address and telephone number.

Non-Personal or Aggregate Information

When you visit the Web Site, we may automatically collect certain non-identifying information about you, such as the type of browser or computer operating system you use or the domain name of the web site from which you linked to us.

Information Usage

We will only use your personally identifiable information as described below, unless you have specifically consented to another type of use, either at the time the personally identifiable information is collected from you or through some other form of consent from you or notification to you:

• We may use your personally identifiable information to respond to your direct

                inquires or to provide you with the services that you have requested.

• We will use your personally identifiable information to add you to our mailing lists and to send you emails from time to time.
• We may permit our vendors and subcontractors to access your personally identifiable information, but they are only permitted to do so in connection with performing services for us. They are not authorized by us to use the information for their own benefit.
• We may disclose personally identifiable information as required by law or legal process.
• We may disclose personally identifiable information to investigate suspected fraud, harassment or other violations of any law, rule or regulation, or the Terms and Conditions for the Web Site.
• We may transfer your personally identifiable information in connection with the sale, merger or change of control of Angelic Little Ones or the division responsible for the services with which your personally identifiable information is associated.

Non-personal or aggregate information may be shared with any number of parties, provided that such information shall not specifically identify you.

Cookies

We may store some information on your computer’s hard drive as a “cookie” or similar type of file. We use this information internally, to help us enhance the efficiency and usefulness of the Web Site and to improve customer service. “Cookies” are pieces of information that may be placed on your computer by a web site for the purpose of facilitating and enhancing your communication and interaction with that web site. We may use cookies to customise your visit to the Web Site and for other purposes to make your visit more convenient or to enable us to enhance our service. You may stop or restrict the placement of cookies on your computer or flush them from your browser by adjusting your web browser preferences.

Security

The security of your information is very important to us. We attempt to provide for the secure storage of your information by utilising generally accepted industry practices. However, due to the inherent open nature of the Internet, we cannot guarantee that communications between you and Angelic Little Ones or information stored on the Web Site or our servers will be free from unauthorised access by third parties such as hackers and your use of the Web Site demonstrates your assumption of this risk. We have put in place reasonable physical, electronic, and managerial procedures to safeguard the information we collect. Only those personnel who need access to your information in order to perform their duties are authorized to have access to your personally identifiable information.

Third-Party Web Sites

As a convenience to you, we may provide links to third party web sites from within the Web Site. We are not responsible for the privacy practices or content of these third party sites, and by providing a link we are not endorsing or promoting such third party sites. When you link away from our Web Site, you do so at your own risk.

Social Media Platforms

The Web Site may contain links to our presence on various social media platforms. We do not operate or control such platforms. You should be aware that personally identifiable information which you voluntarily include and transmit online in a publicly accessible blog, social network or otherwise online may be viewed and used by others. We are unable to control such uses of your personally identifiable information, and by using such services you assume the risk that the personally identifiable information provided by you may be viewed and used by third parties.

Communications with Angelic Little Ones

Any communication or material you transmit to us by email or otherwise, including any data, questions, comments, suggestions, or the like is, and will be treated as, non-confidential and nonproprietary. Except to the extent expressly covered by this policy, anything you transmit or post may be used by us for any purpose, including but not limited to, reproduction, disclosure, transmission, publication, broadcast and posting.

Protection for Children

We do not seek to collect personally identifiable information from children under the age of 13. When we become aware that personal information from a child under 13 has been collected without such child’s parent or guardian’s consent, we will use all reasonable efforts to delete such information from our database.

Privacy Policy Changes

We reserve the right, at our discretion, to change, modify, add, or remove portions from this Privacy Policy at any time. However, if at any time in the future we plan to use personally identifiable information in a way that materially differs from this Privacy Policy, including sharing such information with third parties, we will inform you of such changes and provide you the opportunity to opt-out of such differing uses. Your continued use of the Web Site following the posting of any changes to this policy means you accept such changes.

Terms and Conditions

This Privacy Policy and the use of the Web Site is subject to our Terms & Conditions.

Effective Date

This Privacy Policy was last updated on December 1st, 2020.

Our details

This website is owned and operated by Angelic Little Ones

Angelic Little Ones

88 Winsor Road Halesowen West Midlands B63 4BH

DATA / GDPR

These Angelic Little Ones Data Processing Terms ( “Data Processing Terms”) apply when Angelic Little Ones  and Customer have entered into a Processing Contract that incorporates these terms by reference. Any capitalized terms are either defined herein or have been defined in other applicable Angelic Little Ones terms or policies.

1. Agreement to Process

These Data Processing Terms supplement the Processing Contract and any other agreements and agreed-upon terms or policies between the parties. Collectively, these documents reflect the parties’ agreement to the processing or subprocessing (hereinafter referred to simply as "processing") of Personal Data in connection with the GDPR.

2. Duration of these Data Processing Terms

These Data Processing Terms will take effect on the date Customer executes the Processing Contract and remain in effect until, and automatically expire upon, deletion of all Personal Data by Angelic Little Ones as described in these Data Processing Terms.

3. Application of these Data Processing Terms

3.1 Application of GDPR. These Data Processing Terms will only apply to the extent that the GDPR applies to the processing of Personal Data, including if:

• the processing is in the context of the activities of an establishment of Customer in the EEA; and/or
• Personal Data is personal data relating to data subjects who are in the EEA and the processing relates to the offering to them of goods or services or the monitoring of their behavior in the EEA.

3.2 Application to Processor Services. These Data Processing Terms will only apply to the processor services identified in the Processing Contract and its attachments ("Processing Services").

4. Processing of Data

4.1 Roles and Regulatory Compliance; Authorization.

4.1.1 Processor and Controller Responsibilities. The parties acknowledge and agree that:

• The Processing Contract describes the subject matter and details of the processing of Personal Data;
• EMG Publishing Ltd is a processor of Personal Data under the GDPR;
• Customer is a controller or processor, as applicable, of Personal Data under the GDPR; and
• each party will comply with the obligations applicable to it under the GDPR with respect to the processing of Personal Data.

4.1.2 Consent from Data Subject. Customer warrants that it has obtained and maintained any required consents necessary to permit the processing by Angelic Little Ones of Personal Data relating to End Readers.

4.1.3 Authorization by Third Party Controller. If Customer is a processor, Customer warrants to Angelic Little Ones that Customer’s instructions and actions with respect to Personal Data, including its appointment of Angelic Little Ones as another processor, have been authorised by the relevant controller

4.2 Customer’s Instructions. By entering into these Data Processing Terms, Customer instructs Angelic Little Ones to process Personal Data only in accordance with applicable law: (a) to provide the Processor Services and any related technical support; (b) as further specified via Customer’s use of the Processor Services (including in the settings and other functionality of the Processor Services) and any related technical support; (c) as documented in the Processing Contract, these Data Processing Terms, or any other agreement between the parties; and (d) as further documented in any other written instructions given by Customer and acknowledged by Angelic Little Ones as constituting instructions for purposes of these Data Processing Terms.

4.3 Angelic Little Ones Compliance with Instructions. Angelic Little Ones will comply with the instructions described in Section 4.2 (Customer’s Instructions) (including with regard to data transfers). However, if Angelic Little Ones believes an instruction infringes the GDPR or other Union or Members State data protection provisions, Angelic Little Ones will immediately notify Customer (unless that law prohibits Angelic Little Ones from doing so on important grounds of public interest).

5. Data Deletion

5.1 Deletion During Term

5.1.1  Processor Services With Deletion Functionality. During the Term, if:

• the Angelic Little Ones interface associated with the Processor Services includes the option for Customer to delete Personal Data;
• Customer uses the interface to delete certain Personal Data; and -the deleted Personal Data cannot be recovered by Customer (for example, from the “trash”),

then Angelic Little Ones will delete such Personal Data from its systems as soon as reasonably practicable and within a maximum period of 180 days, unless any laws to which Angelic Little Ones is subject requires storage.

5.1.2 Processor Services Without Deletion Functionality. If the functionality of the Angelic Little Ones interface associated with the Processor Services does not include the option for Customer to delete Personal Data, then Angelic Little Ones will comply with:

• any reasonable request from Customer to facilitate such deletion, insofar as this is possible taking into account the nature and functionality of the Processor Services and unless EU or EU Member State law requires storage

Angelic Little Ones may charge a fee (based on Angelic Little Ones reasonable costs) for any data deletion under Section 5.1.2(a). Angelic Little Ones will provide Customer with further details of any applicable fee, and the basis of its calculation, in advance of any such data deletion.

5.2  Deletion on Term Expiration. On expiration of the Term and discontinuation of the processing services, Angelic Little Ones will, at the choice of Customer, either delete or return all Personal Data (including existing copies) from Angelic Little Ones systems in accordance with applicable law. Given the nature of the Services, Customer is responsible for informing Angelic Little Ones when it has discontinued the processing services, triggering this clause. Angelic Little Ones will comply with this instruction as soon as reasonably practicable and within a maximum period of 180 days, unless EU or EU Member State law requires storage.

5.3  Requests from End Readers. Angelic Little Ones will promptly forward to Customer any requests received from End Readers relating to the deletion or modification of relevant Personal Data.

6. Data Security

6.1 Angelic Little Ones Security Measures and Assistance.

6.1.1 Angelic Little Ones Security Measures. Angelic Little Ones will implement and maintain technical and organizational measures to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access as described in the Security Measures. The Security Measures include measures: (a) to help ensure the ongoing confidentiality, integrity, availability, and resilience of Angelic Little Ones systems and services; (b) to help restore timely access to personal data following an incident; and (c) for regular testing of effectiveness. Angelic Little Ones may update or modify the Security Measures from time to time, provided that such updates and modifications do not result in the degradation of the overall security of the Processor Services.

6.1.2 Security Compliance by Angelic Little Ones Staff. Angelic Little Ones will take appropriate steps to ensure compliance with the Security Measures by its employees, contractors, and Subprocessors to the extent applicable to their scope of performance, including ensuring that all persons authorized to process Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

6.1.3 Angelic Little Ones Security Assistance. Customer agrees that Angelic Little Ones will (taking into account the nature of the processing of Personal Data and the information available to Angelic Little Ones) assist Customer in ensuring compliance with any obligations of Customer in respect of security of personal data and personal data breaches, including (if applicable) Customer’s obligations pursuant to Articles 32 to 34 (inclusive) of the GDPR, by:

• implementing and maintaining the Security Measures in accordance with Section 6.1.1 (Angelic Little Ones Security Measures); and
• complying with the terms of Section 6.2 (Data Incidents).

6.2 Data Incidents.

6.2.1 Incident Notification. If Angelic Little Ones becomes aware of a Data Incident, Angelic Little Ones will notify Customer in accordance with Section 9 of its Security Measures.

6.2.2 Delivery of Notification. Angelic Little Ones will deliver its notification of any Data Incident to the notification email address provided by Customer or, at Angelic Little Ones discretion (including if Customer has not provided a notification email address), by other direct communication (for example, by phone call or an in-person meeting).

6.3 Customer’s Security Responsibilities and Assessment.

6.3.1 Customer’s Security Responsibilities. Customer agrees that, without prejudice to Angelic Little Ones obligations under Sections 6.1 (Angelic Little Ones Security Measures and Assistance) and 6.2 (Data Incidents):

• Customer is solely responsible for its use of the Processor Services, including:
• making appropriate use of the Processor Services to ensure a level of security appropriate to the risk in respect of Personal Data; and
• securing the account authentication credentials, systems, and devices Customer uses to access the Processor Services.
• Angelic Little Ones has no obligation to protect Personal Data that Customer elects to store or transfer outside of Angelic Little Ones and its Subprocessors’ systems.
• Angelic Little Ones has no obligation to protect personal or sensitive data contained within Content generally published through the Service to End Readers using Angelic Little Ones content distribution network.

6.3.2 Customer’s Security Assessment. Customer acknowledges and agrees that (taking into account the state of the art, the costs of implementation, and the nature, scope, context, and purposes of the processing of Personal Data as well as the risks to individuals) the Security Measures implemented and maintained by Angelic Little Ones as set out in Section 6.1.1 (Angelic Little Ones Security Measures) provide a level of security appropriate to the risk in respect of Personal Data.

6.4 Reviews and Audits of Compliance.

6.4.1 Customer’s Audit Rights. Angelic Little Ones will allow Customer or a third party auditor appointed by Customer to conduct audits (including inspections) to verify Angelic Little Ones compliance with its obligations under these Data Processing Terms in accordance with Section 6.4.2 (Additional Business Terms for Audits). Angelic Little Ones will contribute to such audits as described in this Section 6.4 (Reviews and Audits of Compliance). As part of any such audit, Angelic Little Ones will further make available to Customer all information necessary to demonstrate its compliance with the obligations laid down in Article 28 of the GDPR.

6.4.2 Additional Business Terms for Audits.

(a) Customer will send any request for an audit under Section 6.4.1 to Angelic Little Ones as described in Section 11.1 (Contacting Angelic Little Ones).

(b) Following receipt by Angelic Little Onesof a request under Section 6.4.2(a), Angelic Little Onesand Customer will discuss and agree in advance on the reasonable start date, scope and duration of, and security and confidentiality controls applicable to, any audit under Section 6.4.1.

(c) Angelic Little Ones may charge a fee (based on Angelic Little Ones reasonable costs) for any audit under Section 6.4.1. Angelic Little Ones will provide Customer with further details of any applicable fee, and the basis of its calculation, in advance of any such audit. Customer will be responsible for any fees charged by any third party auditor appointed by Customer to execute any such audit.

(d) Angelic Little Ones may object to any third party auditor appointed by Customer to conduct any audit under Section 6.4.1 if the auditor is, in Angelic Little Ones reasonable opinion, not suitably qualified or independent, a competitor of Angelic Little Ones, or otherwise manifestly unsuitable. Any such objection by Angelic Little Ones will require Customer to appoint another auditor or conduct the audit itself.

(e) Nothing in these Data Processing Terms will require Angelic Little Ones either to disclose to Customer or its third party auditor, or to allow Customer or its third party auditor to access:

• any data of any other customers of Angelic Little Ones;
• any Angelic Little Ones internal accounting or financial information;
• any trade secret of Angelic Little Ones;
• any information that, in Angelic Little Ones reasonable opinion, could: (a) compromise the security of any Angelic Little Ones systems or premises; or (b) cause Angelic Little Ones to breach its obligations under the GDPR or its security and/or privacy obligations to Customer or any third party; or
• any information that Customer or its third party auditor seeks to access for any reason other than the good faith fulfillment of Customer’s obligations under the GDPR.

7. Impact Assessments and Consultations

7.1  Angelic Little Ones Assistance. Customer agrees that Angelic Little Ones will (taking into account the nature of the processing and the information available to Angelic Little Ones) assist Customer in ensuring compliance with any obligations of Customer in respect of data protection impact assessments and prior consultation, including (if applicable) Customer’s obligations pursuant to Articles 35 and 36 of the GDPR, by:

• providing the information contained in these Data Processing Terms; and
• providing or otherwise making available, in accordance with Angelic Little Ones standard practices, other materials concerning the nature of the Processor Services and the processing of Personal Data (for example, help center materials).

7.2  Reasonable Fee. Angelic Little Ones may charge a fee (based on Angelic Little Ones reasonable costs) for any assistance under Section 7.1. Angelic Little Ones will provide Customer with further details of any applicable fee, and the basis of its calculation, in advance of any such assistance.

8. Data Subject Rights

8.1 Responses to Data Subject Requests. If Angelic Little Ones receives a request from a data subject in relation to Personal Data, Angelic Little Ones will advise the data subject to submit his/her request to Customer, and Customer will be responsible for responding to such request.

8.2 Angelic Little Ones Data Subject Request Assistance. Customer agrees that Angelic Little Ones will (taking into account the nature of the processing of Personal Data and, if applicable, Article 11 of the GDPR) assist Customer in fulfilling any obligation of Customer to respond to requests by data subjects, including (if applicable) Customer’s obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III of the GDPR, by:

• providing the functionality of the Processor Services;
• complying with the commitments set out in Section 8.1 (Responses to Data Subject Requests).

9. Data Transfers

9.1 Data Storage and Processing Facilities. Except for Personal Data covered by Angelic Little Ones GDPR or EEA-Only Data Processing Addendum addressed in Section 9.2, Customer agrees that EMG Publishing Ltd may store and process Personal Data in any country in which Angelic Little Ones has clients.

9.2 EEA-Only Data Processing. If Customer has executed a Angelic Little Ones EEA-Only GDPR Data Processing Addendum, certain Personal Data relating to End Readers will be collected, stored, and processed only in the EEA, using Angelic Little Ones infrastructure and personnel located in the EEA, and avoid an international transfer of End Reader Data.

9.3 Data Center Information. Information about the locations of Angelic Little Ones Data Centers is available in Angelic Little Ones Security Measures.

10. Subprocessors

10.1 Consent to Subprocessor Engagement. Customer authorizes Angelic Little Ones to engage Subprocessors, as generally described in the Security Measures, to assist in processing Personal Data (“Subprocessors”).

10.2 Requirements for Subprocessor Engagement. When engaging any Subprocessor, Angelic Little Oneswill:

• ensure via a written contract that:
• the Subprocessor only accesses and uses Personal Data to the extent required to perform the obligations subcontracted to it, and does so in accordance with the Processing Contract (including these Data Processing Terms); and
• if the GDPR applies to the processing of Personal Data, the data protection obligations set out in Article 28(3) of the GDPR are imposed on the Subprocessor.
• remain fully liable for all obligations subcontracted to, and all acts and omissions of, the Subprocessor.

10.3 Opportunity to Object to Subprocessor Changes.

• When any new Subprocessor is engaged during the Term, Angelic Little Ones will, at least 30 days before the new Subprocessor processes any Personal Data, inform Customer of the engagement (including the name and location of the relevant subprocessor and the activities it will perform).
• Customer may object to any new Subprocessor by terminating the Processing Contract immediately upon written notice to Angelic Little Ones, on condition that Customer provides such notice within 90 days of being informed of the engagement of the new Subprocessor as described in Section 11.3(a). This termination right is Customer’s sole and exclusive remedy if Customer objects to any new Subprocessor.

11. Contacting EMG Publishing Ltd; Processing Records

11.1 Contacting Angelic Little Ones. Customer may contact Angelic Little Ones in relation to the exercise of its rights under the Processing Contract or these Data Processing Terms via the below contact information or via such other means as may be provided by Angelic Little Ones from time to time.

11.2 Angelic Little Ones Processing Records. Customer acknowledges that Angelic Little Onesis required under the GDPR to: (a) collect and maintain records of certain information, including the name and contact details of each processor and/or controller on behalf of which Angelic Little Ones is acting and (if applicable) of such processor’s or controller's local representative and data protection officer; and (b) make such information available to the supervisory authorities. Accordingly, Customer will, where requested and as applicable to Customer, provide such information to Angelic Little Ones via the user interface of the Processor Services or via such other means as may be provided by Angelic Little Ones, and will use such user interface or other means to ensure that all information provided is kept accurate and up-to-date.

12. Liability

The total liability of the parties under or in connection with these Data Processing Terms will be subject to the exclusions and limitations of liability in the Agreement.

13. Changes to these Data Processing Terms

13.1 Changes to Data Processing Terms. Angelic Little Ones may change these Data Processing Terms if the change:

• is expressly permitted by these Data Processing Terms;
• reflects a change in the name or form of a legal entity;
• is required to comply with applicable law, applicable regulation, a court order, or guidance issued by a governmental regulator or agency; or
• does not: (i) result in a degradation of the overall security of the Processor Services; (ii) expand the scope of, or remove any restrictions on, Angelic Little Ones processing of Personal Data, as described in Section 4.3 (Angelic Little Ones Compliance with Instructions); and (iii) otherwise have a material adverse impact on Customer’s rights under these Data Processing Terms, as reasonably determined by Angelic Little Ones

13.2 Notification of Changes. If Angelic Little Onesintends to change these Data Processing Terms under Section 13.1(c) or (d)Angelic Little Ones will inform Customer at least 30 days (or such shorter period as may be required to comply with applicable law, applicable regulation, a court order, or guidance issued by a governmental regulator or agency) before the change will take effect by either: (a) sending an email to the notification email address; or (b) alerting Customer via the user interface for the Processor Services. If Customer objects to any such change, Customer may terminate the Processing Contract by giving written notice to Angelic Little Ones within 90 days of being informed by Angelic Little Ones of the change. 

The General Data Protection Regulation, or “Regulation (EU) 2016/679”, became law on 27 April 2016, but businesses were given just over 2 years to become compliant. Therefore, GDPR will be enforceable as of 25 May 2018.

GDPR applies to processing of data of EU subjects.

Data controller means the organisation that determines the purposes for which, and the manner in which any personal data are, or are to be, processed. Angelic Little Ones (‘we’) is the data controller of all personal data used in our business for our own commercial purposes.
 

Processing of data means any set of operations performed on personal data including collection and storage, and contacting. Data means information stored electronically or in certain paper-based filing systems.
 

Personal data is any data that identifies an individual person, not generic company data.

In preparation for GDPR, Angelic Little Ones acknowledges its responsibility to develop and maintain business-wide awareness of the rights of individuals to be empowered and protected in terms of data privacy.

We have consulted broadly and implemented processes, procedures and training to ensure that a legal basis for the processing of personal data underpins all business practices at Angelic Little Ones

We recognise that there are some circumstances in which personal data may be processed and that the GDPR clarifies the responsibilities of companies as far as the processing (collection, storage, maintenance and use) of personal data is concerned.

Angelic Little Ones is actively working on its strategy in relation to data protection, and considers this to be an ongoing endeavour that will continue to be operational beyond the enforcement date of 25 May 2018. We will continually strive to ensure that personal data privacy is embedded as routine practice on a perpetual basis.

Angelic Little Ones has undertaken to ensure that all staff receive training in the concepts and requirements of data protection law. Staff will be expected to embrace the ethos of data protection law and to adopt practices in the workplace that reflect the company’s commitment to ensuring that the rights of individuals are respected and protected at all times.

Angelic Little Ones internal policy for data protection requires any products, services or systems adopted by the company (relating in any way to the processing of personal data) to undergo an assessment to establish that they do not contravene the company’s policies to maintain compliance with the GDPR. We also strive to ensure that our suppliers, where relevant (for example, mailing and fulfilment businesses), have appropriate policies in place to safeguard personal data and that the data is transferred securely.

Angelic Little Ones has implemented training and processes to enable staff to recognise and respond to Data Subject Access Requests (‘SARs’). We have also reviewed our current work processes and records in detail, before 25 May 2018, to be sure existing consents meet the GDPR standard.