New Leads Marketing Ltd and the GDPR
Privacy and Security Contact
Steve Rushton
steve@net-effect.co.uk
02030867502
34 New House, 67-68 Hatton Garden, London, London, England, EC1N 8JY
As part of our ongoing efforts to protect the security and privacy of our users, we are working to meet or exceed the GDPR (General Data Protection Regulation). This site contains information on what steps we are taking, their progress, and who to contact for any security concerns. Please see our FAQ for more information.
Data Processing Addendum
If you need a signed DPA, please use the button below to cross sign and download your copy of our DPA.
Make A Data Request
We respect the rights of individuals to know how their data is being used, export it or request that it be deleted.
Data Processing Partners
We rely on a number of trusted 3rd parties to assist with our operations. Depending on the exact nature of your account and what you've requested we do, your data may be shared with one of these partners. We carefully evaluate each to make sure they're handling your personal data with the utmost of respect, security, and privacy.
| Services | ||||
|---|---|---|---|---|
| Partner | Locale | Data Shared | Purpose | |
| Campaign Monitor Widget |  |
IP Address | Newsletter and email signup functionality from Australian based Campaign Monitor. |
|
| CDN JS | |
IP Address | CloudFlare's CDN with popular javascript frameworks available. |
|
| CKEditor | |
IP Address | Web-based HTML text editor with powerful formatting capabilities. Previously known as FCKeditor. |
|
| Cloudflare | |
IP Address | Automatically optimizes the delivery of your web pages so your visitors get the fastest page load times and best performance. |
|
| Cloudflare Hosting | |
IP Address | Supercharged web hosting service. |
|
| CloudFront | |
IP Address | Amazon CloudFront is a web service for content delivery. It integrates with other Amazon Web Services to give developers and businesses an easy way to distribute content to end users with low latency, high data transfer speeds, and no commitments. |
|
| Continually | |
IP Address | Automated chat tool system. |
|
| Crisp | |
IP Address | Multi-channel customer support platform for startups and SMBs. |
|
| Digital Ocean | |
IP Address | SSD VPS hosting environment. |
|
| DoubleClick.Net | |
IP Address | DoubleClick enables agencies, marketers and publishers to work together successfully and profit from their digital marketing investments. |
|
| Drip | |
IP Address | Drip is an ecommerce CRM that is built to help online brands by using on-site consumer behavior data to deliver personalized and scalable marketing journeys. |
|
| Facebook CDN | |
IP Address | This page has content that links to the Facebook content delivery network. |
|
| Facebook Conversion Tracking | |
IP Address | Conversion tracking functionality from Facebook, allows a user to track advertisement clicks. |
|
| Facebook Custom Audiences | |
IP Address | Custom Audiences from your website makes it possible to reach people who visit your website and deliver the right message to them on Facebook. |
|
| Facebook for Websites | |
IP Address | Allows a user to make a website more sociable and connected with integrations from the hugely popular Facebook website. |
|
| Facebook Pixel | |
IP Address | Facebook Pixel is Facebooks conversion tracking system for ads on Facebook to websites. |
|
| Facebook SDK | |
IP Address | JavaScript SDK enables you to access all of the features of the Graph API via JavaScript, and it provides a rich set of client-side functionality for authentication and sharing. It differs from Facebook Connect. |
|
| Google Analytics | |
IP Address | Google Analytics offers a host of compelling features and benefits for everyone from senior executives and advertising and marketing professionals to site owners and content developers. |
|
| Google Analytics Classic | |
IP Address | Classic Google Analytics - sites that are using non-universal analytics code. |
|
| Google Apps for Business | |
IP Address | Web-based email, calendar, and documents for teams. Renamed to Google Apps for Work, but now known as G Suite From Google Cloud. |
|
| Google Font API | |
IP Address | The Google Font API helps you add web fonts to any web page. |
|
| Google Hosted Libraries | |
IP Address | Google Hosted Libraries is a globally available content distribution network for the most popular, open-source JavaScript libraries. |
|
| Google Hosted Prototype | |
IP Address | Prototype hosted at Google. |
|
| Google Universal Analytics | |
IP Address | The analytics.js JavaScript snippet is a new way to measure how users interact with your website. It is similar to the previous Google tracking code, ga.js, but offers more flexibility for developers to customize their implementations. |
|
| GoSquared | |
IP Address | See who's reading, commenting, joining, or buying on your website right now. |
|
| GStatic Google Static Content | |
IP Address | Google has off-loaded static content (Javascript/Images/CSS) to a different domain name in an effort to reduce bandwidth usage and increase network performance for the end user. |
|
| Help Scout | |
IP Address | Scalable customer support software. |
|
| Intercom | |
IP Address | Intercom is a customer relationship management and messaging tool for web app owners |
|
| OSS CDN | |
IP Address | Open Source Software CDN from MaxCDN. |
|
| Popcorn Metrics | |
IP Address | Send user data direct to mixpanel, KISSmetrics, Customer.io, Intercom.io, Google Analytics, Trak.io and Segment - without writing custom code. |
|
| reCAPTCHA | |
IP Address | Anti-bot CAPTCHA widget from Google. |
|
| SWFObject | |
IP Address | SWFObject is a small Javascript file used for embedding Adobe Flash content. The script can detect the Flash plug-in in all major web browsers (on Mac and PC) and is designed to make embedding Flash movies as easy as possible. |
|
| TrustLogo | |
IP Address | Realtime website identity assurance. |
|
| Ubuntu | |
IP Address | Ubuntu is a free, Debian derived Linux-based operating system, available with both community and professional support. |
|
| Wistia | |
IP Address | Wistia is a video marketing, sales, and collaboration application. |
|
| YouTube | |
IP Address | Embedded videos from YouTube. |
|
Compliance Tasks
GDPR Compliance requires maintenance and ongoing work. We are tracking our efforts here.
| Application Site Security | |
|---|---|
| Status | Name |
| Completed | SSL (TLS) Deployed on App Site |
| Completed | HSTS (HTTP Strict Transport Security) added to SSL/TLS of App Site |
| Completed | Ensure Backups are Stored in on Encrypted File Storage |
| Completed | Ensure internal employees and contractors behaviors around personal data are documented. |
| Completed | Restrict Personal Data at Signup to the Minimum Necessary |
| Completed | Ensure Intrusion Detection Systems are in Place |
| Completed | Ensure Web Application Firewall enabled and blocking common attacks |
| Completed | Ensure Access to Backups is Restricted |
| Completed | Inform Users about the GDPR Page |
| Privacy Procedures | |
|---|---|
| Status | Name |
| Completed | Get Management Approval for GDPR Efforts |
| Completed | Nominate a Data Protection Lead or Data Protection |
| Completed | Process established for subject data requests |
| Completed | Procedure established to allow for people to request that inaccuracies in their data are fixed. |
| Security Procedures | |
|---|---|
| Status | Name |
| Completed | Publish statement on public website on how to report security and data issues. |
| Completed | Data Breach Notification Policy has been established |
Frequently Asked Questions
If you have any concerns not answered here, please reach out to our contact (listed above) and we'll be happy to assist.
Do Non EU Companies need to comply with the GDPR?
While it remains to be seen if the EU has the legislative power to levy fines and enforcement against organizations around the globe, GDPR compliance is being sought by non EU companies for a variety of reasons.
- Customers and Prospects are making it a requirement
- It's a solid framework for improving the handling of personal information and complying with the GDPR requirements improves our own security.
How Do I Report a Security Issue?
We take all security reports seriously. Please email our security contact (information listed above) with any information you have regarding any potential data breaches, vulnerabilities or concerns.
What's the GDPR?
The General Data Protection Regulation (GDPR) is a new piece of privacy legislation enacted by the European Union. It represents a significant change in how personal (IP Addresses, Emails, Names) and sensitive (religion, ethnic origin, health, orientation) data is handled by companies.