Important Information!

This page contains important information regarding the website Disclaimer, Data Protection and Privacy Policies for The Changing Man and Jumping Joint Ltd.

Download

The Changing Man

Download The Changing Man Data Protection and Privacy Policy information.

Download Now

Download

Jumping Joint Ltd.

Download Jumping Joint Ltd. Data Protection and Privacy Policy information.

Download Now

Any Questions?

Need clarification?

Confidentiality and privacy is most important – we are always available to help you.

Contact Us
Disclaimer
The Changing Man
Jumping Joint Ltd

IMPORTANT NOTICE:

COMPLEMENTARY CLINICAL PSYCHOTHERAPY AND HYPNOTHERAPY

Hypnosis, psychotherapy and counselling interventions are evidence based and are offered as complementary to orthodox medical advice. They are designed to work with and not instead of conventional medical treatment. Hypnosis will help stimulate your body and mind’s own natural healing and problem solving capacities.

Quentin receives regular clinical supervision for work with clients and is committed to continuous professional development. He is a member of the UK Association for Humanistic Psychology Practitioners and adheres to their ethical code and UKAHPP being a member of the Humanistic section of the United Kingdom Council for Psychotherapy to the UKCP code of ethics copies of which are available on their web sites or on request.

ALWAYS CONSULT YOUR DOCTOR FOR MEDICAL ADVICE

The Changing Man Data Protection and Privacy Policy

1. Summary and Overview
The Changing Man is a trading name and brand of Jumping Joint Ltd. This policy specifically
applies to counselling, therapy and coaching clients. For other interactions with Jumping
Joint brands please see the Jumping Joint Ltd Data Protection and Privacy Policy which will
be attached with this notice and available on their website at www.jumpingjoint.co.uk.
That policy also applies to contact via our brand website www.thechangingman.co.uk and
that contact is NOT covered here. For therapy and counselling clients where this document
varies from the policy of the generic Jumping Joint Data Protection and Privacy Policy this
document takes precedence. Where an area is not covered the generic Jumping Joint Data
Protection and Privacy Policy applies.

We try to keep our policy for clients as simple as possible however there are many areas to
cover. Our policy of confidentiality and privacy or clients will be presented in the first
assessment session and subsequently we will ask for your specific verbal consent and where
possible your written consent in the form of the therapeutic and business contracts.
Specifically, that covers the following:

All face to face sessions for young people and children (under 18) will be recorded. These
recordings will be stored securely and will only be played in the following circumstances:

1. When reviewing your treatment planning and case notes
2. For use in supervision where you would only be identified by your first name or a
pseudonym.
3. For use in assessment of professional development such as examination or approval
by a professional association such as the BACP. You again will only be identified by
your first name or a pseudonym.

All information from the sessions is confidential however we require the right to break that confidentiality:

1. As part of the supervision that our therapists and counsellors are required to
undertake by their contract with a professional associations (e.g. HIPS:UKCP). If used
for this purpose you will only be identified by your first name or an initial. This
supervision may include work in fulfilling accreditation criteria
2. If you give us any information that seemed to the therapist or counsellor to indicate
an immediate threat to your life or health or anybody else’s. We reserve the right to
report that information to your GP or to the police. We will only use this facility as a
last resort if we judge there is no other practical way to avoid these outcomes.
3. For use in assessment of professional development such as examination or approval
by a professional association such as the BACP. You again will only be identified by
your first name or a pseudonym.

You undertake that during the sessions you will not commit physical harm against yourself
or your therapist or cause damage to the room, fittings or furniture.
You agree not to come to any session while under the influence of alcohol or non-prescribed
drugs.

If these conditions are breached or are not acceptable then the counselling contract may be
immediately terminated and any breach reported to the appropriate authorities. Please see
also the section on Objectionable Content.

In summary our data protection and privacy policy is as follows:
We do not share any personal information we collect on you with any organisations or
individuals other than those agreed with you and for the successful provision of the services
that we are engaged for, e.g. premises and providers of therapy rooms, supervisors, etc.
We keep all information you provide to us completely confidential, no matter how or why
you provide it.

Only those employees and contractors we specifically employ with relevant business duties
may access personal information, and only to perform their duties. They are strictly
prohibited from any other use. For example, disclosure of information to a supervisor,
ethical governing body or insurer following a complaint.

No personal information will be provided to any third party, except when we are required to
do so by law or that you have permitted us to do so in writing or by e-mail.

We never use client data for marketing purposes however if you sign up via one of our
websites or company social media sites we may not be aware of you doing so and that sign
up is at your own risk and under the terms governed in the accompanying policy. We will
never knowingly accept requests for personal contact via email or social media, e.g.
individuals will never accept a Facebook friend request from a current or former client.

We are committed to complying with EU and U.K. data protection laws to the extent that
they apply to our use of personal information.

You have the right to ask us for a copy of your personal data. Requests must be submitted
in writing.

We currently retain data for 7 (seven) years from the date of last contact with a client or last
session whichever is later. This is to comply with:
– Company law for accounting etc (HMRC)
– Terms and conditions of our insurers (currently Towergate)
– Conditions of our ethical body (currently UK Association of Humanistic Psychology
Practitioners)

In case you would like to exercise any of your GDPR related rights (the right to access,
rectification, erasure, restriction of processing and right to data portability) please contact
us via email or contact us form that can be found on Contact us page on our website.

You have the right to lodge a complaint with the supervisory authority.

We do not use client data for marketing purposes in any circumstances.

On our website (www.thechangingman.co.uk ) we use a server-based log to collect
anonymous information about our website visitors. This data is only used to generate
statistical charts and will not be used in any other way.

By using the site, you have given us consent to use cookies.

Cookies are small text files that are stored on your computer when you visit a website. They
are mainly used as a way of improving the website functionalities or to provide more
advanced statistical data.

Our website uses Google Analytics which relies on cookies to generate more advanced
visitor charts and data mining reports. Similarly, to our server-based logs, Google Analytics
collects anonymous information that will not be used to identify our website visitors.

We will post any changes to this policy on our website. Those changes will then apply to any
future use by you of our website. In addition, we will contact current clients directly to
advise of these changes.

The policy in detail is set out in more detail in the sections immediately following FAQ’s.

2. Frequently Asked Questions
How do you consent to these terms?
By providing us with your personal data you are agreeing for us to use the information
received for the purposes of delivery therapy, counselling or coaching services to you and to
fulfil our legal obligations to certain third-parties such as but not limited to our insurers and
ethical governing body.

Who controls your personal data?
For the purposes of controlling your data Jumping Joint Ltd control the storage, sharing and
deleting of your data. However, we do use third party cloud services which are fully
encrypted and conform to GDPRs. Where therapy sessions take place via online services
such as video or messaging we will only use secure end-to-end encrypted services such as
Zoom, VSee and WhatsApp.

Who does this privacy policy apply to?
This privacy policy applies to all clients who engage us to supply therapeutic services.

What personal data do we collect and why?
Personal data means any information provided by you to us which we use for the purposes
of identification and satisfying your therapy needs which are contracted to explicitly in a
session or under the terms of disclosure agreed at the stage of therapy.

Do we use cookies?
Yes, we use cookies when you visit our website, like most websites, to provide you with the
best experience but it is always possible to disable these via your browser cookie settings.

What are cookies?
When you visit our website, our server sends and stores a unique identifier called a cookie
on your device. These are cookies allow us to distinguish you from other users and tailor
content to you. The cookies we use do not hold any personal data about you.

Where do we store your personal data?
All clients have their personal data stored electronically on secure servers that are password
protected. This is periodically archived to mobile storage such as CD, external hard drives or
and removed from the source machine. Clients who have finished therapy, i.e., have an
agreed end date, will have their data archived at the next scheduled opportunity, roughly
every 3 to 4 months. All client data is held using a reference number assigned at the start of
therapy and there is a single point of cross reference to that number and the client name
held in a password protected spreadsheet on a single server (though this is periodically
backed up to prevent data loss).

All mobile data storage units are held in a locked and secure cabinet to which only
authorised personnel have a key.

We do hold some records in paper form such as business and therapy contracts or an intake
questionnaire. Again these are held in a locked and secure cabinet to which only authorised
personnel have a key.

Email accounts containing contact data are password protected and these passwords
changed periodically and only held by authorised personnel.

How long will we retain your personal data?
Your personal data will be retained whilst you are a client of The Changing Man. Once this
ceases to be the case we will return or delete any data held within the legal time frames
applied by GDPRs or seven years or as required by legal bodies and our insurers to whom we
are accountable.

How is your data protected?
Your data is protected by us in physical form and electronically by our third-party cloud
account and software suppliers who have provided us with GDPRs statements.

What are your rights in relation to your personal data?
Your personal data is yours and you can ask us to allow you to view this at any time by
applying in writing or by email to info@thechangingman.co.uk or 5 Nutgrove Avenue,
Bristol, BS3 4QE marking your correspondence FOR THE URGENT ATTENTION OF THE DATA
CONTROLLER.

What happens if your personal data is compromised?
We always strive to be transparent with you so if we notice or are made aware that your
personal data is compromised we will notify you within 48 hours by email or telephone.

Will we notify of any changes to the privacy policy?
Yes, by email or during a scheduled session. Your continued use of our services after we
publish or send a notice to you means that you are consenting to the updated privacy policy.
We will not notify you of changes once you have ceased to be a client to respect your
privacy, however we will post any changes to this policy on our website, so we recommend
that you make periodic checks.

Is there a specific policy on the data of children (i.e. clients under the age of 18)?
Please see the section on Children in paragraph 3.

3. Data Held
Personal identification information
Clients submit data to us when engaging their therapist for sessions. This data must include Name.
Address, Contract Details and Doctor’s Name and Address (or Surgery Name) in order for us to be
able to carry out our ethical and legal obligations. Other data is collected as required during the
sessions for the purposes of contact about therapy or in support of the therapy. This may include a
questionnaire and does include the contract for business and for therapy. Notes may be made on
sessions held and these will only identify the client by their unique identification code allocated at
the start of the contract.

Non-personal identification information
We may collect non-personal identification information about clients which is used for business
analysis purposes or statistics that are required of us from time to time by our professional bodies in
support of accreditation or other membership issues.

Children
Normally contact will have been made through a parent or guardian and in those cases
specific consent will have been obtained to process data on the child or young adult,
including recordings of the session to protect both the therapist and the young person. In
rare cases a young person or child will make contact directly. This maybe because of
specific issues with the parents or guardian, including safe guarding.

Young people and children also have a right to privacy under the law and if they specifically
request it we will not contact the parent or guardian providing we consider the young client
to be Gillick Competent . This will usually be the case for all young people of secondary age
however it assessed on each individual case and may be overridden if there is a specific
safeguarding issue or there is a learning difficulty or disability that prevents the young client
making their own decisions.

4. Retention and Transfer of Data
In accordance with data protection laws and good commercial practice, we do not retain data in a
form that permits identification of the person(s) to whom it relates for any longer than is necessary.
Once the purpose for which information has been collected has been fulfilled, which is usually 7
(seven) years from the finish date of therapy. We will either permanently delete your personal
information or remove all identifiers within it so that it is no longer personal data. We may use such
anonymised data for research and/or business analysis purposes.

Where we obtain your personal data in relation to the use or purchase of our services or products,
or invoicing information, we are obligated by law to keep this for a minimum of 6 years.

International Data Transfers
Our servers are located in the European Union and the information that we collect directly from you
will be stored on these servers. We may also transfer your personal data to our third-party service
providers, many of whom may be located outside of the EU, operate from multiple locations
including non-EU based operations or engage sub-processors located outside the EU.

There are agreements in place to ensure that any international transfers of personal data to our
affiliates or third-party service providers have appropriate safeguards that meet the requirements of
EU data protection laws.

Such appropriate safeguards may include standard data protection clauses adopted by a data
protection regulator and approved by the European Commission, such as the European
Commission’s standard contractual clauses. Alternatively, where personal data is transferred to the
US, many of those US third party service providers are certified under the EU-US Privacy Shield
framework approved by the European Commission.

To find out more about the standard contractual clauses, please visit:
https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/modelcontracts-
transfer-personal-data-third-countries_en
To find out more about the EU-US Privacy Shield certification, please visit:
https://www.privacyshield.gov/Program-Overview

5. Web sites and browser cookies
Please see the Jumping Joint Ltd privacy and data protection policy on website use.

6. How we use collected information
We only use your personal identification data in support or providing the contracted therapy and
once that has ceased we will no longer use it. Non-personal data may be used for business analysis,
statistics and reporting.

We never use client data for marketing purposes.

7. Objectionable Content
If you send us objectionable content or behave in a disruptive manner when using our services, we
may process any personal information that you have submitted to us, including in your personal
messages, to respond to and stop such behaviour.

Purpose of the processing and legal basis for the processing
We will only process personal information in this way for the following legitimate interests:
– Ensuring that the use of our services is lawful and according to the therapeutic and business
contracts agreed;
– Ensuring that users do not disrupt or harass our staff, clients or other personnel such as
supervisors; and
– Enforcing our legal rights and complying with our legal obligations.

Who is this information shared with?
Where we reasonably believe that you are or may be in breach of the law (i.e the content you send
amounts to harassment or is defamatory), we may use your personal information to inform relevant
third parties about the content, such as:
– Your email or internet provider; or
– Law enforcement agencies.
Where we process personal information in this way, we will hold that personal information on our
systems for as long as is reasonably necessary to achieve these objectives.

8. How we protect your information
We adopt appropriate data collection, storage and processing practices and security measures to
protect against unauthorised access, alteration, disclosure or destruction of your personal
information, username, password, transaction information and data stored at our premises and on
our servers..

9. Sharing your personal information
We do not sell, trade, or rent Users’ personal identification information to others. We may share
generic aggregated demographic information not linked to any personal identification information
regarding clients with our business partners, trusted affiliates and professional bodies for the
purposes outlined above and below. We may use third party service providers to help us operate our
business and the Site or administer activities on our behalf, but your data will never be shared with
them. In some instances, this data sharing may involve the transfer of information outside the EU.

International Data Transfers
Our servers are located in the European Union and the information that we collect directly from you
will be stored on these servers. We may also transfer your personal data to our third-party service
providers, many of whom may be located outside of the EU, operate from multiple locations
including non-EU based operations or engage sub-processors located outside the EU.

There are agreements in place to ensure that any international transfers of personal data to our
affiliates or third-party service providers have appropriate safeguards that meet the requirements of
EU data protection laws.

Such appropriate safeguards may include standard data protection clauses adopted by a data
protection regulator and approved by the European Commission, such as the European
Commission’s standard contractual clauses. Alternatively, where personal data is transferred to the
US, many of those US third party service providers are certified under the EU-US Privacy Shield
framework approved by the European Commission.

To find out more about the standard contractual clauses, please visit:
https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/modelcontracts-
transfer-personal-data-third-countries_en

To find out more about the EU-US Privacy Shield certification, please visit:
https://www.privacyshield.gov/Program-Overview

10. Our Social Media Pages
We will never initiate contact via our Social Media Pages and therapists will never accept contact via
social media unless for specific purposes agreed during therapy and as part of the therapeutic
contract from current or former clients. Clients may choose to follow social media business pages
via Facebook, Twitter or Linked In however where we become aware of that we will terminate the
contact or get explicit permission from a supervisor and the former or current client.

11. Changes to this privacy policy
Jumping Joint Limited and The Changing Man have the discretion to update this privacy policy at any
time. We will email current and active clients regarding the change. Clients who have finished
therapy are encouraged to visit the relevant policy on our website so that they may stay informed
about how we are helping to protect the personal information we collect. You acknowledge and
agree that it is your responsibility to review this privacy policy periodically and become aware of
modifications.

Jumping Joint Ltd Data Protection and Privacy Policy

1. Overview
SongSmith, No Prima Donnas, The Changing Man, Songs of Katrina and The Genius of David Bowie
are trading and brand names of Jumping Joint Ltd . Jumping Joint Ltd is registered under the
UK’s Data Protection Act 1998 with reference A8343720.

Jumping Joint Ltd are committed to complying with the General Data Protection Regulation (GDPR)
and the Data Protection Act 2018.

This Privacy Policy governs the way Jumping Joint Ltd, uses, maintains and discloses information
collected from customers, who purchase goods and services from us, and users (both ‘Customers)’
of the Jumping Joint website (“Site”) . This privacy policy applies to the Site and all products and
services offered by Jumping Joint Ltd except for current therapy and coaching clients of The
Changing Man. That policy is available via The Changing Man website (see below) and is sent to all
current and new clients.

This privacy policy explains how we will process the data relating to you that you provide to us (or
that we may collect) when you visit our website at www.jumpingjoint.co.uk (Website), or at events,
or via email and applies to all the trading brands of Jumping Joint Ltd and their websites, including:

Jumping Joint Limited and SongSmith (www.jumpingjoint.co.uk)

SongSmith Studios (www.songsmithstudios.co.uk and www.songsmithstudios.com ) currently
inactive.

Songs of Katrina (www.songsofkatrina.com and songsofkatrina.co.uk )

No Prima Donnas (www.noprimadonnas.co.uk and noprimadonnas.com )

The Changing Man (www.thechangingman.co.uk and www.thechangingman.com )

The Angel’s’Share (no current website)

The Genuis of David Bowie (www.godbowie.co.uk) – currently under construction

Together, these make up the Jumping Joint trading websites and brands.

The Websites are operated by Jumping Joint Limited (we, us, our, Jumping Joint), a company
incorporated in England & Wales with registered company number 06455114 and registered office
at 5 Nutgrove Avenue, Bristol, BS3 4QE. Where we decide the purpose or means for the processing
of the personal data that you provide via our Website, we are the “data controller”. As data
controller, we will comply with all applicable data protection laws.

2. Data Held
Personal identification information
We may collect personal identification information from Customers in a variety of ways, including,
but not limited to, when Customers visit our web sites, place an order, subscribe to our newsletters,
respond to a survey, fill out a form, and in connection with other activities, services, features or
resources we make available on our Site or at events. Customers may be asked for, as appropriate,
name, town/city location, and email address. Customers may, however, visit our Site anonymously.
We will collect personal identification information from Customers only if they voluntarily submit
such information to us. Customers can always refuse to supply personally identification information,
except that it may prevent them from engaging in certain Site related activities or the supply of
some services and products.

Non-personal identification information
We may collect non-personal identification information about Customers whenever they interact
with our Site. Non-personal identification information may include the browser name, the type of
computer and technical information about Customers’ means of connection to our Site, such as the
operating system, browser type, IP address, the Internet service providers utilised and other similar
information.

3. Retention and Transfer of Data
In accordance with data protection laws and good commercial practice, we do not retain data in a
form that permits identification of the person(s) to whom it relates for any longer than is necessary.
Once the purpose for which information has been collected has been fulfilled, we will either
permanently delete your personal information or remove all identifiers within it so that it is no
longer personal data. We may use such anonymised data for research and/or business analysis
purposes.

Where you have provided us with personal information to set up an account with us, we will retain
those details for as long as your account remains active.

Where you have signed up to our mailing list, we will retain your details for as long as you remain on
that list. If you unsubscribe, we will remove your details from the list.

Where we obtain your personal data in relation to the use or purchase of our services or products,
including VAT or invoicing information, we are obligated by law to keep this for a minimum of 6
years.
If you would like us to stop using your personal information or restrict its use, please contact us at
jumpingjoint@gmail.com or write to 5 Nutgrove Avenue, Bristol, BS3 4QE marking your
communication for the urgent attention of the data controller.

Our servers are in the European Union and the information that we collect directly from you will be
stored on these servers. We may also transfer your personal data to our third-party service
providers, many of whom may be located outside of the EU, operate from multiple locations
including non-EU based operations or engage sub-processors located outside the EU.

There are agreements in place to ensure that any international transfers of personal data to our
affiliates or third-party service providers have appropriate safeguards that meet the requirements of
EU data protection laws.

Such appropriate safeguards may include standard data protection clauses adopted by a data
protection regulator and approved by the European Commission, such as the European
Commission’s standard contractual clauses. Alternatively, where personal data is transferred to the
US, many of those US third party service providers are certified under the EU-US Privacy Shield
framework approved by the European Commission.

To find out more about the standard contractual clauses, please visit:

https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/modelcontracts-
transfer-personal-data-third-countries_en

To find out more about the EU-US Privacy Shield certification, please visit:
https://www.privacyshield.gov/Program-Overview

4. Web sites and browser cookies
Our Site may use “cookies” to enhance User experience. Customers’ web browsers place cookies on
their hard drive for record-keeping purposes and sometimes to track information about them. A
User may choose to set their web browser to refuse cookies, or to alert the User when cookies are
being sent. If they do so, note that some parts of the Site may not function properly. You can read
more about cookies at the UK government’s ICO site »

When you visit our Websites, these analytics service providers may collect the following data, which
will almost always be anonymised and aggregated before reporting back to us:

– number of visitors to our Website
– pages visited while at the Website and time spent per page
– page interaction information, such as scrolling, clicks and browsing methods
– websites where visitors have come from and where they go afterwards
– page response times and any download errors
– date and time of the visit
– other technical information relating to end user device, such as IP address, access
status/HTTP status code, your operating system and interface or browser plug-in

We process this information to understand how visitors use our Websites and to compile statistical
reports regarding that activity (for example, your IP address is used to approximate the country from
which you access our Websites, and we aggregate this information whether most of the visitors to
our Websites come from the EU or from elsewhere).

This processing is crucial to the running of our online business and we therefore undertake such
monitoring in the pursuit of our legitimate interests in improving our Websites to provide a better
service and source of information to visitors.

This information is not used to develop a personal profile of you.

5. How we use collected information
We may collect and use Customers’ personal information for the following purposes:
– To improve customer service
– Information you provide helps us respond to your customer service requests and support
needs more efficiently.
– To personalise user experience
– We may use information in the aggregate to understand how our Customers as a group use
the services and resources provided on our Site and to improve our Sites.
– We may use feedback you provide to improve our products and services.
– To process payments
– We may use the information Customers provide about themselves when placing an order
only to provide service to that order. We do not share this information with outside parties
except to the extent necessary to provide the service.
– To send periodic emails
– We may use the email address to send Customers information and updates pertaining to
their order. It may also be used to respond to their enquiries, questions, and/or other
requests.

6. Marketing
Our Websites do not contain third party advertising other than content from our hosting company or
website builder where applicable.

We may collect information about you in order to send you our promotional or marketing
communications, such as;

– Your name (first and last);
– Your artist or company name (if applicable);
– Your email address;
– Your telephone number(s); and
– Any other personal information that you may provide in a message you submit to us.

While we do not permit third party advertising (or targeted advertising) on our Websites, if you do
link to one of our social media platforms you may be subject to targeted marketing via that site.

Purpose of the processing and legal basis for the processing

Where we provide you with information about our products, services, offers (such as via our e-newsletters) or if we contact you for market research purposes (such as surveys and feedback
requests), we will only use your personal information in this way in accordance with laws relating to
marketing directly to individuals, and in the pursuit of our legitimate interest of marketing our
business.

If you have asked to be added to our mailing list, we will provide your details to a third-party
company usually Mailchimp or Reverbnation, that helps us to produce and manage our newsletters.
We provide these communications on the basis that you have asked to receive these.

If you change your mind, you may opt-out at any time via the unsubscribe feature that appears in
our emails.

You may also be asked to opt in to receive updates or information about similar services from our
network of trusted third-party suppliers or to receive promotional material, including vouchers or
discount offers, from these suppliers.

Who is this information shared with?
We will not share with any third party the personal information that we obtain about you for the
purposes of marketing, except for as stated in this policy and only where those third parties have
agreed to make no independent or further use of that data and to maintain its confidentiality.

Children
We do not knowingly use our websites to solicit data from or market to children under the age of 13
or sell any of our products or services to such children.
If a parent or guardian becomes aware that his or her child has provided us with information or may
be receiving communications from us or has been otherwise interacting with us via our Websites
without consent of a parent or guardian, we ask that this be brought to our immediate
attention. We will make it our priority to address this situation and delete information relating to a
child as soon as practicable. In such an event, please contact us at 5 Nutgrove Avenue, Bristol, BS3
4QE or at jumpingjoint@gmail.com marking the communication as for the urgent attention of the
data controller.

7. Objectionable Content
If you send us objectionable content or behave in a disruptive manner when using our Websites or
other services, we may process any personal information that you have submitted to us, including in
your personal messages, to respond to and stop such behaviour.

Purpose of the processing and legal basis for the processing
We will only process personal information in this way for the following legitimate interests:

– Ensuring that the use of our Website is lawful;
– Ensuring that Customers do not disrupt or harass our staff, clients or other Website users;
and
– Enforcing our legal rights and complying with our legal obligations.

Who is this information shared with?
Where we reasonably believe that you are or may be in breach of the law (i.e. the content you share
on the Website amounts to harassment or is defamatory), we may use your personal information to
inform relevant third parties about the content, such as:

– Your email or internet provider; or
– Law enforcement agencies.

Where we process personal information in this way, we will hold that personal information on our
systems for as long as is reasonably necessary to achieve these objectives.

8. How we protect your information
We adopt appropriate data collection, storage and processing practices and security measures to
protect against unauthorised access, alteration, disclosure or destruction of your personal
information, username, password, transaction information and data stored on our Site.

9. Sharing your personal information
We do not sell, trade, or rent Customers’ personal identification information to others. We may
share generic aggregated demographic information not linked to any personal identification
information regarding visitors and users with our business partners, trusted affiliates and advertisers
for the purposes outlined above and below. We may use third party service providers to help us
operate our business and the Site or administer activities on our behalf, such as sending out
newsletters or surveys. We may share your information with these third parties for those limited
purposes if you have given us your permission. Please see section 3 for information on sharing data
outside the EU.

10. Third party websites
Customers may find advertising or other content on our Site that links to the sites and services of
our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control
the content or links that appear on these sites and are not responsible for the practices employed by
websites linked to or from our Site unless they are one of our trading brands. In addition, these sites
or services, including their content and links, may be constantly changing. These sites and services
may have their own privacy policies and customer service policies. Browsing and interaction on any
other website, including websites which have a link to our Site, is subject to that website’s own
terms and policies.

These third-party websites operate independently from us, and we cannot accept any responsibility
or liability for the privacy practices of such third parties nor the availability of these external sites or
resources. The appearance of such links on our Website is not an endorsement. Should you use any
of these websites, such use is at your own risk and we would advise that you review their respective
privacy policies.

11. Our Social Media Pages
– Our websites may contain links to our social media pages on Facebook, Hootsuite,
Reverbnation, Soundcloud, Instagram and Twitter.
– These third-party websites have their own respective privacy policies (which we would
advise you to read) for which those sites are solely responsible.
– Should you visit those social media pages and choose to follow us on Facebook, Twitter or
Instagram, Jumping Joint may receive personal information including:
  -Your name (first and last);
  -Your email address;
  – Your postal address;
  -Your telephone number(s);
  -IP address;
  -Location data;
  -Social Media account url;
  -Your login details;
  -Your date of birth/age;
  -Your gender; and/or
  -Your general interests.

Purpose of the processing and legal basis for the processing
– If we do receive any personal information about you from these third party social media
sites, we will not process your information for the purposes of direct marketing unless you
have provided your consent, or it is otherwise lawful for us to do so.
– We may use this information to find out more about our digital community so that we can
better understand and serve our customers and website visitors (for example, to create
bespoke content by analysing general interests).
– If you have opted-in to receive such communications, please see our section on Marketing”.

Who is this information shared with?
– We may share your personal information with these social media sites to enable them to
provide targeted marketing messages where you have indicated your agreement to receive
these message, from them or where it is otherwise lawful to do so.
– We will not otherwise share with any other third party the personal information that we
obtain about you for the purposes of marketing, unless you have provided your consent, or
it is otherwise lawful for us to do so.
– If you would like us to delete the personal information that we have received about you
from these sites, please contact us at Jumping Joint Ltd, 5 Nutgrove Avenue, Bristol, BS3 4QE
or jumpingjoint@gmail.com marking your communication as for the urgent attention of the
data controller.
– If you not want us to receive further information about you from these sites, you should also
contact the sites directly to turn off the ‘follow’ settings.
– If you would like to have deleted the personal data that you’ve shared with the social media
accounts that you have joined or that you follow, please contact the social media providers
directly.

Third Party Processing
In addition to the processing that we undertake ourselves, we also use third party processors to
collect, export, store and otherwise process our data, include personal data, on our behalf. The
processors that we engage include (without limitation):

Paypal Services (PayPal (Europe) S.à r.l. et Cie, S.C.A.)(Payment Services)
Location: EU
https://www.paypal.com/uk/webapps/mpp/ua/privacy-full
Google LLC (for Google Drive) (Cloud Storage)
Location: US (EU-US Privacy Shield certified)

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
We Transfer (Cloud Storage and Data Transfer)
Location: EU
https://wetransfer.com/legal/privacy

Facebook, Inc. (Social Media Platform)
Location: US (EU-US Privacy Shield certified)
https://www.privacyshield.gov/participant_search

Twitter (Social Media Platform)Location: Ireland (for non-US customers)
https://twitter.com/en/privacy

Instagram (subsidiary of Facebook, Inc.) (Social Media Platform)
Location: US (EU-US Privacy Shield certified)
See above for Facebook, Inc. EU-US Privacy Shield certification link

The Rocket Science Group LLC (d/b/a MailChimp) (CRM Tools)
Location: US (EU-US Privacy Shield certified)
https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active

Google LLC (for Google Analytics) (Web Management Tools)
Location: US (EU-US Privacy Shield certified)
See above for Google LLC EU-US Privacy Shield certification link

12. Our Purchasing Sites (E-Stores, Merchandising and Ticket Sales)
Type of information
– Via our Websites, we may offer you the opportunity to purchase music of our featured
musicians or to purchase tickets to our featured concerts, workshops and events.
– If you chose to make a purchase, we may collect and store any personal information you
provide when making this transaction, including the following billing details:
  – Your name (first and last);
  – Your company’s name (if applicable);
  – Your email address;
  – Your postal address (billing address);
  – An alternative postal address (delivery address), if applicable;
  – Your country location;
  – Your telephone number(s);
  – Login details (e.g Username and Password)
  – IP address
  – Your gender;
  – Your age;
  – Your payment details (including credit card number, expiry date and CVC).

Purpose of the processing and legal basis for the processing
– We collect and process your contact and financial details to provide you with our products
and services for which you have placed an order. We process this personal data in order to
perform our sales contract with you and to meet our legal obligations or legitimate interests
as a music production, record and promotion business.
– We may contact you about your purchase (for example with details on your tickets or your
attendance at an event), and we may create and store a record of your purchase history.
– Financial transactions via our e-store are handled by our third-party payment service
provider. Occasionally payment may be taken at Jumping Joint and the provider which we
use is Paypal, Music Glue, Bristol Ticket Shop or Ents24..

Who is this information shared with?
– When you opt to make a purchase via our third-party payment services provider, we may
share some personal information with them, and may receive some of the financial
information that you provide to them.

13. Changes to this privacy policy
Jumping Joint Limited have the discretion to update this privacy policy at any time. We encourage
you to frequently check our Site for any changes, so that they may stay informed about how we are
helping to protect the personal information we collect. You acknowledge and agree that it is your
responsibility to review this privacy policy periodically and become aware of modifications. Where
significant and material changes are made we will endeavour to let you know about these.

Have any questions?

Your privacy and protection is of paramount importance, so please do not hesitate in asking any questions.