Version date: 19 May 2018
Welcome to Stergiou Limited and Stergioubooks.com privacy notice.
Stergiou Limited respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data when you visit our website stergioubooks.com (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.
If you believe that something is not clear, fair, transparent, lawful, or violates your rights, please contact us immediately.
1.1 This privacy notice (Privacy Notice) sets out the ways in which we, Stergiou Limited (we, us, our), collect and use your personal data (your personal information) in connection with our publishing business and our website stergioubooks.com (our site or website) or other controlled websites which clearly mention that owned and operated by Stergiou Limited (our site or website). It also explains what rights you have to access or change your personal data.
1.2 For the purpose of the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) (the Regulation), the data controller is Stergiou Limited. Our nominated representative for the purpose of the Regulation is Leonidas Stergiou.
2. ABOUT US
2.1 We are a company registered in England & Wales under company number 08112366, with our registered address as set out below.
2.2 You can contact us as follows:
FAO: Leonidas Stergiou, Director
Address: Suite A, 6 Honduras Street, London EC1Y 0TH, UK
Phone number: +44 (0) 20 7504 1325
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.
Stergiou Limited has registered with ICO.
3. INFORMATION WE MAY COLLECT ABOUT YOU
3.1 Information that you provide to us
3.1.1 We will collect any information that you provide to us when you:
(a) when you are making an enquiry over the phone or our site or corresponding with us by phone, email, post, or otherwise;
(b) subscribe to our mailing lists;
(c) submit or send manuscripts, images, audio files, designs or other works to us by post, email, via our site, or cloud;
(d) enter into a contract with us to publish, distribute, sell, resell your book, ebook, audiobook, music or other print and digital editions of your work (‘publishing contract’ or ‘publishing services’);
(e) order books, ebooks, audiobooks, music or other products and publishing services from our site, via email, or by phone;
(f) create an account to order books, ebooks, audiobooks, music or other products and services from our site, via email, or by phone;
(g) fill in forms on our site;
(h) submit an application for a job vacancy;
(i) have been defined by an author or another creator as beneficiary to receive their royalties, following written agreement (e.g., widow, heir).
3.1.2 The information you provide to us might include your name, address, email address, phone numbers, if you are ordering books and other products and publishing services you will also provide your payment details such as financial and credit card information, if you are a corporate customer you will also provide business details such as TAX ID contact person details of your business, if you are submitting a manuscript or other works for publishing, distributing and selling or job application you may also provide additional information about your academic and work history, references and any other such similar information as may be supplied such as Tax ID, address and identity verification documents, CVs, photo(s), references, certifications, publication history, reviews, opinions/comments.
3.1.3 From time to time we might ask if you would be willing to participate in our surveys; if you agree, we will also collect any information that you provide as part of that survey.
3.2 Information we collect about you
3.2.1 We will collect any information contained in any correspondence between us. For example, if you contact us using a query button on our website or by email or telephone, we will keep a record of that correspondence.
3.2.2 We will collect information that you upload or post to your website account and/or any correspondence or interactions that you may have with other website account holders.
3.2.3 We will also collect certain information about how you use our website and the device that you use to access our website. This might include your IP address, geographical location, device information (such as your hardware model, mobile network information, unique device identifiers), time zone settings, browser type and browser plugin types and versions, operating system and platform, information about your visit including the full Uniform Resourse Locators (URL), clickstream to, through and from our site (including date and time), referral source, length of visit to the website, number of page views, products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and similar information. This information may be collected by a third-party website analytics service provider on our behalf and/or may be collected using cookies. For more information on cookies please read paragraph 6 below and our cookies policy.
3.3 Information we receive from third parties
3.3.1 In certain circumstances, we will receive information about you from third parties. For example,(a) if you choose to register for a website user account you may choose to link this account to your social media account (such as Twitter or Facebook). By providing your social media account details you are authorising that third-party provider to share with us certain information about you;
(b) we may use third-party providers to verify information provided by you in connection with any manuscript or any type of work you submit to us for publication, distribution, sale and other activity related to our core business activities;
(c) we will receive information about you from third parties if they are referring you to us for publication. For example, if you are the co-author of a manuscript, your co-author will be required to provide us with information about you. Or if you have a literary agent making submissions on your behalf, your agent will provide us with information about you;
(d) if you are a job applicant we may contact your referees to provide information about you;
(e) Other information we receive about you if you use any of the other websites we operate or the other services we provide. In this case, we will have asked you when we collected that data if we intend to share those data internally and combine it with data collected on this site. We will also have told you for what purpose we will share and combine your data. We are working closely with third parties (including, for example, business partners, sub-contractors in technical (e.g. Shopify), distributors, self-publishing services (e.g., Amazon, Audible ACX, CreateSpace, Ingram/IngramSpark, Apple/iTunes, Author’s Republic), payment and delivery services such as HSBC, PayPal, Stripe, and DHL, respectively, advertising networks (e.g., Goolge) and marketing services (e.g., Maichimp, Yotpo), analytics providers (e.g., Google Analytics), search information providers (e.g. Google, Bing). We will notify you when we receive information about you from them and the purposes for which we intend to use that information.
(f) We may receive technical and usage information from third parties who provide cybersecurity, encryption and other systems security such as McAfee and Sophos in case of suspicious activity.
(g) We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice. We declare that we do not combine or connect Aggregated Data with your personal data to directly or indirectly identify you.
3.3.2 We might also receive information about you from third parties if you have indicated to such third party that you would like to hear from us.
3.3.3 We are not intended for children and we do not knowingly collect data relating to children.
3.3.4 We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
4. HOW WE USE INFORMATION ABOUT YOU AND RECIPIENTS OF YOUR INFORMATION
4.1 We will use your information for the purposes listed below either on the basis of:
4.1.1 performance of your contract with us and the provision of our services to you;
4.1.2 performance of legal obligations (e.g., taxation);
4.1.3 your consent (where we request it); or
4.1.4 our legitimate interests (see paragraph 4.3 below).
4.2 We may use your information for the following purposes:
4.2.1 to perform our legal obligations providing required and necessary information to authorities, regulators;
4.2.2 to provide you with access to our site in a manner convenient and optimal and with personalised content relevant to you including sharing your information with our website hosts and developers (on the basis of our legitimate interest to ensure our website is presented in an effective and optimal manner);
4.2.3 to enable receipt, review, editing, production and publication of your manuscript or any type of work including sharing your information with our editorial and production service providers, peer-reviewers, third-party manuscript readers (on the basis of performing our contract with you);
4.2.4 to administer your publishing contract, including payment of royalties and sharing your information with our royalty/accounting system software provider (e.g. Kashflow, Xero), payment service provider such as HSBC, PayPal, Stripe (on the basis of performing our contract with you);
4.2.5 to administer orders made from our website and sharing your information with our warehousing and distributors (Ingram/IngramSpark, Apple/iTunes, Audible ACX, Author’s Republic) and delivery service providers e.g. DHL (on the basis of performing our contract with you), or co-operative publishing or self-publishing service providers e.g. Amazon, CreateSpace, Ingram/IngramSpark;
4.2.6 to process any job applications you submit to us including sharing this with our third party recruitment agency;
4.2.7 to keep in contact with you about our news, events, new website features or services or new books any type of print and digital publication that we believe may interest you, provided that we have the requisite permission to do so, and sharing your information with our marketing services provider such as Mailchimp (either on the basis of your consent where we have requested it, or our legitimate interests to provide you with marketing communications where we may lawfully do so) or legal obligation to inform you about changes in regulations or changes in our policies, terms, businesss, services which affect you or our relationship;
4.2.8 to share your information with selected third parties such as publishing partners and authors, to enable them to contact you with information about things that may interest you (where we have your consent to do so);
4.2.9 to provide customer service and support (on the basis of our contract with you), deal with enquiries or complaints about the website and share your information with our website hosting provider (Shopify), cloud storage providers (e.g., Google, Adobe),, warehouse and delivery service provider (e.g. DHL), payment services provider (e.g., HSBC, PayPal, Stripe) as necessary to provide customer support (on the basis of our legitimate interest in providing the correct products and services to our website users);
4.2.10 to carry out aggregated and anonymised research about general engagement with our website (on the basis of our legitimate interest in providing the right kinds of products and services to our website users);
4.2.11 to protect, investigate, and deter against fraudulent, unauthorised, or illegal activity, including without limitation plagiarism and identity fraud (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so);
4.2.12 to enable us to comply with our policies and procedures and enforce our legal rights, or to protect the rights, property or safety of our employees and share your information with our technical and legal advisors (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so);
4.2.13 keep our site, cloud and offline storage systems safe and secure (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so);
4.2.14 to promote, market our authors, creators work and develop their brand (on the basis of our contract and legitimate interest to perform, manage and support our core business activities).
4.3 Where we refer to using your information on the basis of our “legitimate interests”, we mean our legitimate business interests in conducting and managing our business and our relationship with you, including the legitimate interest we have in:
4.3.1 personalising, enhancing, modifying or otherwise improving the services and/or communications that we provide to you;
4.3.2 detecting and preventing fraud and operating a safe and lawful business;
4.3.3 improving security and optimisation of our network, sites and services;
4.3.4 other usage data (about how you use our website, products and services), profile data (e.g., purchases or orders made by you, your interests, preferences, feedback and survey responses), marketing and communication data (e.g., your preferences in receiving marketing from us and your communication preferences, and technical data (e.g., IP address).
4.3.5 advertising campaigns, marketing, promoting our work, business, and our authors and creators work, e.g., by posting a small sample of your book publicly to attract the interest of your market group and audience (e.g., SoundCloud for music and audiobooks, Youtube for book trailers, music, and audiobooks, social media for new releases, book presentations, author’s interviews, et.c). All this type of marketing, advertising, promoting and publicity activities use limited personal data (such as name surname, and a small sample of their work), and the authors and creators reasonably expect and want to use their data in that way because they have clear benefit. Furthermore, all of this above activities are included in the publishing agreement (performance of contract).
4.4 Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you (legitimate interest assessment). Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing please refer to details of “Your Rights” in paragraph 9 below.
5. WHO WE MIGHT SHARE YOUR INFORMATION WITH
5.1 In connection with the purposes and on the lawful grounds described above and in addition to the recipients of your information as described above, we may share your personal information with third parties that we work with such as:
5.1.1 third parties we work with to deliver our business (including for example, hosting or operating the website (Shopify) and our databases (Google, Adobe), site analytics (Google), domain providers (Google), providing editorial production services (Adobe), providing technical assistance and support and providing fraud (McAfee, Sophos) and plagiarism (Grammarly) detection services;
5.1.2 any selected third party that you consent or agreed (publishing contract) to our sharing limited information (e.g., author’s name, book details, and a small sample of the book, author’s interviews, book trailers, etc) with for marketing purposes (e.g. Amazon’s Authors Central, Mailchimp, Yotpo, Google, Youtube, and social media such as Facebook, Twitter, Instagram);
5.1.3 any selected third party that you consent to our sharing information with for marketing purposes;
5.1.4 bank and payment processors (HSBC, Stripe, PayPal), accountants (Haines Watts) and other professional advisers;
5.1.5 any prospective seller or buyer of such business or assets, only in the event that we decide to sell or buy any business or assets; and
5.1.6 any other third parties (including legal or other advisors, regulatory authorities, courts and government agencies) where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.
5.2 We require third parties to maintain appropriate security to protect your information from unauthorised access or processing.
6.2 If you do not wish for cookies to be installed on your device, you can change the settings on your browser or device to reject cookies. For more information about how to reject cookies using your internet browser settings please consult the “Help” section of your internet browser (or alternatively visit http://www.aboutcookies.org). Please note that, if you do set your Internet browser to reject cookies, you may not be able to access all of the functions of the website.
6.3 The names of the cookies used on our website and the purposes for which these cookies are used are set out in Cookies policy - Declaration and the cookie information provided by our hosting provider (Shopify):
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.
7. HOW WE LOOK AFTER YOUR INFORMATION AND HOW LONG WE KEEP IT FOR
7.1 We operate a policy of “privacy by design” by looking for opportunities to minimise the amount of personal information we hold about you. We use appropriate technological and operational security measures to protect your information against any unauthorised access or unlawful use, such as:
7.1.1 anonymisation and encryption (storage, files, devices), and services which provide the highest security including pseudonymisation (replacing personally identifiable material with artificial identifiers) and encryption (encoding messages so only those authorised can read them (e.g., Sophos, Google, Adobe, Jotforms);
7.1.2 antivirus, and cyber protection services (e.g., McAfee, Sophos);
7.1.3 anti-hacking and malware protection, security for lost or stolen devices, reduction of human error (e.g., Sophos);
7.1.4 ensuring the physical security of our offices, warehouses or other sites;
7.1.5 ensuring the physical and digital security of our equipment and devices by using appropriate password protection, encryption, and monitoring;
7.1.6 maintaining a data protection policy for, and delivering data protection training to, our employees;
7.1.7 personal data are not grouped, combined, and kept on one database or cloud storage but they are separated in different lists, databases, systems, cloud storages and devices. For example, we may keep your name and email in one system, and your phone and financial details on another;
7.1.8 we only cooperate with tier 1, high-secured, and globally reputable third parties (e.g., Amazon, Apple, Adobe, Shopify, Google, Ingram, HSBC, PayPal, Stripe, McAfee, Sophos, DHL, Mailchimp, SoundCloud) or parties with tier 1 partnerships (e.g., Author’s Republic with, indicatively, Amazon, Audible ACX, Apple/iTunes, Barnes & Noble, Overdrive);
7.1.9 we do not provide, transfer or share personal data with social media such as Facebook, Twitter, Instagram, Pinterest, Youtube except limited information such as author’s or creator name, title of the work, and details about the work which may be included in a post with link to our site for marketing and promotional purposes only.
7.2 limiting access to our systems, devices, and your personal information to those in our company who need to use it in the course of their work.
7.3 We will retain your information for as long as is necessary to provide you with the services that you have requested from us or for as long as we reasonably require to retain the information for our lawful business purposes, such as for the purposes of exercising our legal rights or where we are permitted to do so for purposes of academic, literary expression and research purposes. We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it. For example,
7.3.1 we archive our email and paper correspondence regularly and destroy information older than 10 years;
7.3.2 we retain information relating orders, refunds and customer queries for approximately 7 years (UK tax law - HMRC);
7.3.3 we destroy unpublished manuscripts and related correspondence after 10 years, however, we may permanently keep a log recording brief details of these in the event of a legal claim;
7.3.4 we maintain a suppression list of email addresses of individuals who no longer wish to be contacted by us. So that we can comply with their wishes we must store this information permanently;
7.3.5 we maintain publishing and royalties agreements for decades and this period may last up to 70 years after the author’s death, according to legislation about copyrights (see IPO Information Centre). Indicatively:
(a) Written, dramatic, musical and artistic work: 70 years after the author’s deat
(b) Sound and music recording: 70 years from when it’s first published
(c) Films: 70 years after the death of the director, screenplay author and composer
(d) Broadcasts: 50 years from when it’s first broadcast
(e) Layout of published editions of written, dramatic or musical works: 25 years from when it’s first published.
8. INTERNATIONAL TRANSFERS OF YOUR INFORMATION
8.1 Our company is located in the UK.
8.2 Your information will be processed outside of the European Economic Area (EEA) in the circumstances listed below and we will take all steps necessary to ensure that any of your information is adequately protected and processed in accordance with this Privacy Notice, including but not limited to by using all appropriate cross-border transfer solutions such as the European Commission's Standard Contractual Clauses or the EU-US Privacy Shield Framework:
8.2.1 we supply your name and email address to marketing campaign service providers (Mailchimp) for reviews in the USA via the EU-US Privacy Shield Framework when we are permitted to send you marketing emails;
8.2.2 we share customer details, transactions and fulfilments, and order details which placed on our site to ask for your reviews to Yotpo in the USA via the EU-US Privacy Shield Framework. You have no obligation to leave a review and you can opt-out;
8.2.3 we supply your manuscript to an editing, proofreading and plagiarism checker provider (Grammarly) in the USA via the EU-US Privacy Shield Framework;
8.2.4 we share your financial details (name, surname, address, card numbers, account numbers) to global yet highly-reputable and secure banks and payment processors (HSBC, UK; Stripe, UK, and Paypal, Luxemburg);
8.2.5 we store your contact details and transactions (including orders, payments, Tax ID, bank accounts), emails, correspondences, marketing and analytics data to a global yet highly-secure and reputable provider (Google) in, EEA, the USA via the EU-US Privacy Shield Framework and other countries through Google’s sub-processors with compliance to GDPR.
8.2.6 we share your contact, financial, usage, profile, marketing, communication, and technical data to our hosting provider (Shopify) in Ireland (EEA), USA via the EU-US Privacy Shield Framework, and Canada, a territory which the European Commission has deemed has adequate protections in place for your personal data: (http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm);
8.2.7 we provide contact details, order details to global distributors, wholesalers and self-publishing service providers (e.g., Amazon, Ingram, IngramSpark, Apple) in the UK, the USA via the EU-US Privacy Shield Framework, and Australia following the rules of the GDPR to fulfil your book orders or publishing and self-publishing services.
8.2.8 we share technical, usage data and orders details to global yet reputable online and cybersecurity and anti-fraud providers (Sophos, UK) and McAfee in the US (EU-US Privacy Shield Framework) and Canada, a territory which the European Commission has deemed has adequate protections in place for your personal data: (http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm)
8.2.9 we share data to third parties with global presence, activities and data centers such as Google, Apple, and we take all necessary steps that any of your information is adequately protected and processed in accordance with this Privacy Notice, including but not limited to check our data processors about their appropriate cross-border transfer solutions such as the European Commission's Standard Contractual Clauses or the EU-US Privacy Shield Framework, or US-Swiss Privacy Shield Framework, or their policies and proceeding safeguards including if they proceed to standard Contractual Clauses and other security measures with sub-processors in third countries, and they are compliant to GDPR and othe privacy protection regulations. In these cases, our data processors inform us each time they add a new vendor or third-party with their details.
8.3 Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
8.4 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. See our Information Security Policy and Data Protection Policy.
9. YOUR RIGHTS TO THE INFORMATION WE HOLD ABOUT YOU
9.1 You have certain rights in respect of the information that we hold about you, including:
9.1.1 Request access to your personal data.
9.1.2 Request correction of your personal data.
9.1.3 Request erasure of your personal data.
9.1.4 Object to processing of your personal data.
9.1.5 Request restriction of processing your personal data.
9.1.6 Request transfer of your personal data.
9.1.7 Right to withdraw consent.
If you wish to exercise any of the rights set out above, please contact us: email@example.com (full details: section 2.2)
9.2 You may exercise your rights above by contacting us using the details in paragraph 2 of this Privacy Notice, or in the case of preventing processing for marketing activities also by checking certain boxes on forms that we use to collect your data to tell us that you don’t want to be involved in marketing or by updating your marketing preferences via your account with us.
9.3 Please note that we may need to retain certain information for legal, our own record-keeping and research purposes. We may also need to send you service-related communications relating to your website user account or the service or product you have purchased from us even when you have requested not to receive marketing communications.
9.4 You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
9.5 From 25 May 2018, in accordance with new data protection laws which will be in force from that date, you will have certain additional rights (as mentioned in 9.1) in respect of the information that we hold about you, including:
9.5.1 the right to lodge a complaint about us to the UK Information Commissioner’s Office (https://ico.org.uk/) or the relevant authority in your country of work or residence;
9.5.2 the right to withdraw your consent for our use of your information in reliance of your consent (refer to paragraph 4 to see when we are relying on your consent), which you can do by contacting us using any of the details at the top of this Privacy Notice;
9.5.3 the right to object to our using your information on the basis of our legitimate interests (refer to paragraph 4 above to see when we are relying on our legitimate interests);
9.5.4 the right to receive a copy of any information we hold about you in connection with the performance of our contract with you or on the basis of your consent (or request that we transfer this to another service provider) in a structured, commonly-used, machine-readable format; and
9.5.5 the right to ask us to limit or cease processing or erase information we hold about you in certain circumstances.
9.6 You may contact us with the details at the top of this Privacy Notice if you wish to action any of these additional rights and we will comply with your requests unless we have a lawful reason not to do so.
10. CHANGES TO THIS PRIVACY NOTICE
10.1 We may make changes to this Privacy Notice from time to time. We will post any changes to our site, or notify you of any material changes by e-mail.
This Privacy Notice was updated on 19 May 2015.