11 Greenroyd Court,
Sutton In Craven,
England, BD20 7NY
Tel: 0113 328 0606
Company number 09526314
Information Collection and Use
UK-Bright-Ideas LTD is the sole owner of the information collected on this site. We will not sell, share, or rent this information to others in ways different from what is disclosed in this statement. UK-Bright-Ideas LTD collects information from our users at a number of different points depending on how you use and interact with our website.
Log File Analytics & Google Analytics
Our web server records IP addresses and writes these to log files that allow us to analyse visitor numbers on this website, track user’s movement around the website and from page to page, we use this information to see how visitors use and interact with our website.
Google Analytics is implemented on this website and collects various data points from visitors to the website. IP Addresses are used to distinguish visitor numbers to the website. Google Analytics will record the country you access this website from using your IP Address. Data gathered by Google Analytics allows us to analyse visitor numbers on this website, track user’s movement around the website and from page to page, we use this information see how visitors use and interact with our website. Google Analytics data is stored for a period of 26 months which allows us to build a year upon year picture of visitor numbers to our website.
Data gathered by Google Analytics may be stored outside of the European Union in line with its undertakings through the EU-US Privacy Shield Program. Further information can be found at https://policies.google.com/privacy/frameworks?hl=en&gl=de
You can find out more about Google’s position on privacy as regards its analytics service at https://support.google.com/analytics/answer/6004245?hl=en-GB
Contact Form & Email Submissions
If you submit an enquiry through our contact form or via email, that enquiry will be emailed to a mailbox monitored by employees of UK-Bright-Ideas LTD, the email is then stored securely on our email server which enables us to respond to your enquiry.
Your enquiry may be forwarded to one or multiple mailboxes within UK-Bright-Ideas LTD to ensure it is dealt with and acted upon by the apprioriate person. If you submit an enquiry through our contact form or via email a copy of that message will be stored on our web server and will be deleted after 14 days or once the enquiry is effectively dealt with.
This website utilises SSL encryption. Secure Sockets Layer (SSL) is a standard security technology for establishing an encrypted link between a server and a client—typically a web server (website) and a browser, or a mail server and a mail client (e.g., Outlook).
SSL allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely.
This website is backed up on a regular basis for security and disaster recovery purposes. The backups are stored securely with Dropbox. Dropbox may store these backups outside of the European Union in line with its undertakings through the EU-US Privacy Shield Program. Further information can be found at https://www.dropbox.com/privacy
Website backups will be stored for a maximum of 30 days before being deleted.
Services & Contracts
When you order a product with UK-Bright-Ideas LTD, the company or individual details provided to us will be entered in to our accounting system. The details entered are Company or Individual Name, Contact Name, Contact Address, Contact Email Address.
It is important to note that accounting records relating to orders for products placed with UK-Bright-Ideas LTD will be stored for a period in line with U.K. tax and accounting regulations. This period is set by the U.K. Government and is currently 6 years, or longer if the records show a transaction that covers more than one accounting period.
Links to other websites
This website contains links to other websites. Please be aware that UK-Bright-Ideas LTD is not responsible for the privacy practices of such other websites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every website that collects information. This privacy statement applies solely to information collected by this website.
Embedded content from other websites
Notification of Changes
Accessing & Updating Your Information
You have the right to access, update and delete your personal information. You retain all rights to your personal information and data and can access it at anytime. UK-Bright-Ideas LTD will take reasonable steps to allow you to correct, amend, delete, or limit the use of your personal information.
If you would like to access your personal data or know what data UK-Bright-Ideas LTD holds about you, please contact us using the details below:
Phone: 0113 328 0606
Write to us at:
11 Greenroyd Court,
Sutton In Craven,
England, BD20 7NY
We aim to acknowledge data access requests within five working days of receipt. We aim to fully respond to access requests within 30 days.
Credit Card Security Policies
PCI DSS 3.0
Version 1.0 – 07/04/2016
This document is the property of UK-Bright-Ideas LTD; it contains information that is proprietary, confidential, or otherwise restricted from disclosure. If you are not an authorized recipient, please return this document to the above-named owner. Dissemination, distribution, copying or use of this document in whole or in part by anyone other than the intended recipient is strictly prohibited without prior written permission of UK-Bright-Ideas LTD.
|Initial Publication||Christopher McLean||07/04/2016|
This document explains UK-Bright-Ideas LTD’s credit card security requirements as required by the Payment Card Industry Data Security Standard (PCI DSS) Program. UK-Bright-Ideas LTD management is committed to these security policies to protect information utilized by UK-Bright-Ideas LTD in attaining its business goals. All employees are required to adhere to the policies described within this document.
Scope of Compliance
The PCI requirements apply to all systems that store, process, or transmit cardholder data. Currently, UK-Bright-Ideas LTD does not store cardholder data in electronic format, nor does it process or transmit any cardholder data on their systems or premises. Retention of cardholder data, if any, shall be limited to paper reports or receipts.
Due to the limited nature of the in-scope environment, this document is intended to meet the PCI requirements as defined in Self-Assessment Questionnaire (SAQ) A, ver. 3.0, released February, 2014. Should UK-Bright-Ideas LTD implement additional acceptance channels, begin storing, processing, or transmitting cardholder data in electronic format, or otherwise become ineligible to validate compliance under SAQ A, it will be the responsibility of UK-Bright-Ideas LTD to determine the appropriate compliance criteria and implement additional policies and controls as needed.
Requirement 9: Restrict Physical Access to Cardholder Data
Physically Secure all Media Containing Cardholder Data
Hard copy materials containing confidential or sensitive information (e.g., paper receipts, paper reports, faxes, etc.) are subject to the following storage guidelines:
All media must be physically secured. (PCI requirement 9.5)
Strict control must be maintained over the internal or external distribution of any kind of media containing cardholder data. These controls shall include: (PCI requirement 9.6)
Media must be classified so the sensitivity of the data can be determined. (PCI Requirement 9.6.1)
Media must be sent by a secure carrier or other delivery method that can be accurately tracked. (PCI Requirement 9.6.2)
Any transfer of media must be explicitly approved by an appropriate member of management. (PCI Requirement 9.6.3)
Strict control must be maintained over the storage and accessibility of media containing cardholder data. (PCI Requirement 9.7)
Destruction of Data
All media containing cardholder data must be destroyed when no longer needed for business or legal reasons. (PCI requirement 9.8)
Hardcopy media must be destroyed by shredding, incineration or pulping so that cardholder data cannot be reconstructed. Any container storing information prior to destruction must be secured (locked) to prevent unauthorized access to the contents. (PCI requirement 9.8.1)
Requirement 12: Maintain a Policy that Addresses Information Security for Employees and Contractors
UK-Bright-Ideas LTD shall implement and maintain policies and procedures to manage service providers. (PCI requirement 12.8)
This process must include the following:
- Maintain a list of service providers (PCI requirement 12.8.1)
- Maintain a written agreement that includes an acknowledgement that the service providers are responsible for the security of the cardholder data the service providers possess (PCI requirement 12.8.2)
- Implement a process to perform proper due diligence prior to engaging a service provider (PCI requirement 12.8.3)
- Monitor service providers’ PCI DSS compliance status (PCI requirement 12.8.4)
- Maintain information about which PCI DSS requirements are managed by each service provider, and which are managed by the entity. (PCI requirement 12.8.5)