Genes Reunited Legal
Your privacy is a top priority for Findmypast. We are dedicated to looking after your Personal Information in a way you feel is 100% safe and secure, handling it in a responsible manner and complying with data protection laws.
When it comes to your privacy, we follow 3 main principles:
Transparent. We want to be transparent about the personal information we collect, why we collect it and how we process it.
Control. We give you control over the Personal Information you provide to us. We let you choose how and when it is used, shared, kept or deleted.
Our full Privacy Statement is below and we suggest you take the time to read and understand it.
This policy includes:
- 1. About us
- 2. The information we gather and track
- 3. Emails from Genes Reunited
- 4. Sharing with other websites and applications.
- 5. Sharing and use of information
- 6. Family Tree
- 7. What if I don't provide some or all of the information requested?
- 8. What grounds (legal basis) are we processing the data under?
- 9. Sharing your information with third parties
- 10. Sale of the Business
- 11. Cookies
- 12. How we protect your personal information
- 13. Your rights regarding your personal information
- 14. Right of complaint to the Regulator for Data Protection
- 15. How long we hold your data for
- 16. Removing your profile from the Genes Reunited Service
- 17. Links to third-party websites
- 18. Privacy notice for residents of California
- 19. Nevada resident rights
- 21. Contacting us
1. About us
This website https://www.genesreunited.co.uk/ is owned and operated by Findmypast Limited (FMP), a company registered in England and Wales no. 04369607, having its registered offices at The Glebe, 6 Chapel Place, Rivington Street, London, EC2A 3DQ.
Genes Reunited is committed to protecting your privacy and maintaining the security of any personal information received from you. We strictly adhere to the requirements of the data protection legislation in the UK and we are registered on the Data Protection Public Register number Z6639808. Our Data Protection Officer will be happy to deal with any queries or requests regarding the data we hold about you. They can be contacted at firstname.lastname@example.org or by post to Data Protection Officer, The Glebe, 6 Chapel Place, Rivington Street, London, EC2A 3DQ.
2. The information we gather and track
We always aim to gather only the information that we need in order to provide you with the service you have subscribed to.
Registration and other information. When you register for the Genes Reunited Service, you provide your name (including a previous name, where relevant), your email address, your gender, your year of birth and country of residence and some optional information about yourself such as place of birth. They are available to you, and capable of being changed, through the My Account page. We also receive information from you when you pay for a product, get in contact with us, and sometimes when you reply to a survey. Sometimes, we may ask you to provide other contact details to carry out our surveys, such as phone number or address. You will always be given the option to withhold additional contact details at the time you complete the survey.
Information you choose to share. If you create content on the website, which may include uploading personal information in the My Account section or uploading family trees, photos, videos, comments and notes, we also receive that information. This may include personal information about you and other people (for example, details about other individuals in your family tree). More information about tree settings is available in Section 6.
Information other members share about you. We may also receive information from other members, such as when they upload content relating to you or post comments in relation to your uploaded content.
Other information we receive about you. We do not collect sensitive information (also known as special categories of information) about you except when you specifically knowingly provide it and have consented to this. Examples are adding your religious belief to a family tree. More details about the privacy of the family tree are available below.
We also receive some information about the computer or other device you use to access your service, such as your IP address, the browser you use, your location, how big your screen is, or the pages you visit.
When you upload a photo or video, we may also receive additional information through metadata about where that photo or video was taken, such as the time, date and location.
We may also receive statistical information that does not personally identify you from our advertising partners who work with us to deliver more relevant, higher quality advertising to you on the website and to understand online activity.
In order to purchase a subscription or credits for Findmypast you must be over 18 years old. More information about our age restrictions can be found in our terms and conditions.
3. Emails from Genes Reunited
You are probably most interested in how we will use your email address to communicate with you, so here's our email promise, in plain English.
Service Emails. The team at Genes Reunited hate spam and will never send you unsolicited emails. But there are some emails that we will need to send you to provide you with a good Genes Reunited service. These include notifications that you have a message from another member, reminders about your membership expiring and guides on how to use the site. A full list of the types of emails you will receive to help you use the service most effectively (which we call Service Emails) are shown below:
- Welcome emails - this series of emails provide all the information you need to get started on Genes Reunited.
- Payment receipt - this is sent if you upgrade to Full Membership
- Renewal notices - these remind you to renew your Full Membership
- Automatic Full Membership renewal alerts - if you have selected automatic renewal of your Full Membership, we will alert you before this happens
- Key service messages - if we need to notify you about changes to the service
- New message notification and reminders - when you receive messages from other Subscribed Members
- Service suspension notices - if you break the house rules
Newsletters. When registering, you are given the option to receive our occasional newsletters. We use these to notify you about new features on the site, ask your opinion, and tell you about services you might not be using yet. We only send a newsletter when there is something worthwhile to tell you about. Generally, you'll get a newsletter about once a month.
Email Preferences. If you decide you no longer want to receive these emails - or if you aren't currently receiving it and want to - all you need to do is change your email preferences. You'll find this in the My Account area once you're logged in.
4. Sharing with other websites and applications
Logging into the website using Facebook. You can log in to the website using the Facebook Platform. When you log in using Facebook, Facebook shares selective information with us, such as your gender, date of birth, name and location, but we do not share information we hold about you with Facebook through your use of this facility.
Sharing links from Genes Reunited. By using the 'Share' links which may be available on the website, you can share links to certain content with non-members using Facebook, Twitter and email. The content will remain at all times on the website and only the link and other limited information will appear on Facebook and Twitter, or in the email. There are restrictions on the sharing of content that we provide to you on the website. You can find out more about these restrictions in our terms and conditions.
5. Sharing and use of information
- Managing the website (including your account);
- Providing advanced website features to you;
- Suggesting and providing relevant content to you on the website;
- For analysis to understand your needs to help us improve the website;
- Improving search results;
- Understanding website usage to help us improve our marketing or the way we do business;
- Sending you emails and other communications;
- We may show you relevant advertising on third party sites (e.g. Facebook, Google, and Twitter);
- We may use and disclose information in aggregate (so no individuals are identified) for marketing and strategic development purposes.
- We use IP addresses and device identifiers to identify the location of users, to establish the number of visits from different countries, to limit/cap adverts of a certain type, and to personalise content and emails.
- You give us permission to use your information for the above purposes in relation to our current service, and also in relation to any new products and features which we may provide to you in the future as part of our service.
The over-riding principles we apply are these:
- We, and (where relevant) our credit card processing agents will not supply your information to a third party for commercial exploitation - thus, you can rest assured that we will not sell the lists of our Members' email addresses to a third party;
- We occasionally use third-party companies to process information that you provide us with: for example, when you complete a survey or make a payment. When we do, we keep the amount of personal information they hold to an absolute minimum, have contracts in place to stop them using your information except on our behalf and require them to ensure they are as careful with your information as we are; and
Registration and Family Tree Information. The details you provide on Registration and the details of those you enter into your family tree are only available to you. Search results from your tree will only be associated with you by your first name (which will be displayed together with the search results). Your email address is never revealed.
Emailing through the Genes Reunited Service. We do not directly make your email address available to anyone on any screen of the Genes Reunited Service. The only legitimate way of making contact with a Member on the Genes Reunited Service is for a subscribed Member to enter a message that we will send on the Member's behalf. We will notify the addressee Member, using the email address he/she has provided to us, that Genes Reunited is holding an email for him/her, and the Member can collect the email when logged in to the Genes Reunited Service. Members may check and (if required) change the email address we hold for them at any time through "My Account/Email Address". Members' personal notes must not include their email address. Sent and received email may appear in a Member's Inbox on the Genes Reunited Service for an indefinite period - we do not delete it after any specific period. However, this does not mean that we will retain your email forever; there may come a time when we will need to delete some or all of it, for technical or other reasons. In this event, we will endeavour to give you advance warning that we are going to do so.
Advertising. The Genes Reunited Service may include interactive advertising for other businesses. We may use, and provide to third parties, anonymised demographic data provided by Members to target this advertising more appropriately. Please see our cookies policy for more information.
Credit or debit card information. We use Worldpay plc and Datacash as our payment providers. Both operate a secure server, to process our card payments. They encrypt Members' credit or debit card information and authorise payment directly. This means that Members' full card details are never revealed to or held by us. Worldpay plc or Datacash may transfer to, process and hold your card information in countries either within or outside the European Economic Area in connection with performing their duties.
Companies in the Genes Reunited group. We may share data supplied by you (or collected about you) with our subsidiaries and other companies in our group (meaning Genes Reunited Limited, Findmypast, and any of their subsidiaries from time to time), but only for the purposes described in this policy or if we are required or otherwise permitted to do so by law. In general, we try to make sure that people only have as much access to your information as they need to carry out their job.
6. Family Tree
Family Trees are one of the most valuable resources for the genealogical community. Many people, often unknown to each other, share common ancestors within a few generations, and those people know different parts of the family tree. By joining forces and connecting this knowledge, we can all discover new parts of our family history – parts we never had access to before.
The names, year of birth and place of birth for you and those in your tree are searchable by other Members. Details in your family tree can be shared with other members at your discretion. If you would like to hide details of all living relatives in your family tree, you can do so by visiting the 'MyAccount' page and choosing Yes in the 'Hide Living Relations' drop-down menu. Hiding Living Relations will not hide individuals from search results. Search results will display the person's name, year of birth and place of birth.
If you add the names of living individuals to your family tree you must have their permission. We reserve the right (at our own discretion) to remove any personal data which you have included in your family tree about people who are living if we are alerted to the fact that this personal data was used without that person's permission.
If you become aware that your personal information has been included in somebody else's tree without your permission or is being misused in any other way on the website, please contact our Customer Support at email@example.com with details and we will investigate and, if necessary, remove this information.
When you create your family tree or upload a GEDCOM, the privacy settings are set to share deceased ancestors will be set to Yes by default. We provide you with privacy controls to manage your family tree and control who can see the information in it within the Tree Settings page. You should familiarise yourself with how these controls work as you are responsible for using them.
- i. When sharing Deceased Ancestors is switched on
All personal information about living people outside of what is described above remains private to you
Information on deceased ancestors may be offered to GenesReunited and Findmypast members as a hint if their tree appears to share common ancestors with your tree.
For deceased ancestors, the following information may be offered as part of a hint:
- Facts and events – together with sources and attached records
- Photographs and media will not be shared. In the future, we will introduce more granular privacy controls to enable selective sharing of photographs.
If your ancestors are not marked as deceased, but were born more than 110 years ago we will assume they are deceased. Please contact firstname.lastname@example.org if this is incorrect.
- When sharing Deceased Ancestors is switched off
Other users will not be able to receive hints from deceased ancestors in your tree.
7. What if I don't provide some or all of the information requested?
The impact of this will depend on what information you withhold, but the main impacts may be:
- We will not be able to process or fully process your order.
- We will not be able to contact you to let you know of problems regarding your order or the goods/services provided.
- We will not be able to respond fully to requests and queries you may have.
- We cannot personalise the service you receive. So, if you are online you will have to search more for the content type you normally view or for similar/related products.
- We won't be able to limit online adverts to products or services you have shown interest in and so you may receive adverts that are not related to your interests.
8. What grounds (legal basis) are we processing the data under?
There are a number of grounds we process your data under. These are:
- Contractual – we need the information to perform the contract for goods or services you have requested/ordered including payment, delivery etc.
- Legal – should we be legally required to contact you concerning a purchase or service.
- Legitimate interest – this means the processing is in Genes Reunited's interest. It allows us to manage the customer relationship effectively and efficiently and improve the goods and/or services we provide by better understanding how our online provisions are used and which goods are popular with which groups of individuals.
- Consent – where you have given us consent to market to you.
9. Sharing your information with third parties
We may from time to time provide your personal information to third parties for the purposes of providing you with our services. These third-party providers include payment processors, providers of card validation services, and credit referencing providers. This is necessary for the performance of the contract. We do not keep a record of your credit or debit card details in our systems. Our payment processors do not decide what is done with your data and only process it on our behalf. These third parties may be located outside the European Economic Area; however, we only use providers that provide adequate protection for your information at all times.
When transferring and storing any personal information outside the EEA we only do so under one of the legally recognised transfer mechanisms for ensuring the data is safeguarded. These are:
- The country in question has been deemed safe for data transfer by the European Commission. Also known as an adequacy finding.
- The contract for data processing contains the standard contractual clauses laid down by the European Commission to safeguard the transfer of personal data.
- Binding corporate rules – this is where a large company's own internal processes for international data transfer have been signed off and agreed by the European Commission as safeguarding the data.
- If the data is going to the USA it can be safely transferred to a company that is certified under the EU-US Privacy Shield.
- Appropriate certification schemes
- We will disclose your personal data in order to comply with any legal obligation. This includes disclosing information to organisations for the purposes of fraud protection, credit risk reduction, or the order of a court or regulator.
We also share your details with service providers who assist us with hosting our marketing campaigns and surveys, but only in cases where you have consented to marketing or surveys. We will not provide your data to other third parties for marketing purposes unless you have specifically consented to this when you first provided your data to us. You are entitled to decline receiving such third-party communications by not selecting the appropriate box on the web form that collects your details or at any subsequent time by logging into your account and adjusting your preferences, by contacting us by email at email@example.com or by post to Genes Reunited, 6 Chapel Place, Rivington Street, London EC2A 3DQ.
10. Sale of the Business
All of your personal information that we collect may be transferred to a third party if we undergo a merger, acquisition, bankruptcy or other transaction in which that third party assumes control of our business (in whole or in part). Should one of these events occur, we will make reasonable efforts to notify you before your information becomes subject to different privacy and security policies and practices.
We do collect some information from cookies and similar software that allows us to understand how you arrive on our websites and use and navigate around them so we can improve the sites. We obtain some information from Google Analytics and Facebook. The Facebook information provided is limited to your email address and only that which you have previously agreed with Facebook that they may share.
12. How we protect your information
We follow strict security procedures in the storage and disclosure of information which you have given us, to prevent unauthorised access to, and loss, misuse or alteration of your personal information in accordance with UK data protection legislation. These include firewalls and virus-checking procedures.
You are responsible for keeping secret any confidential passwords or other login or access details that you select or which we allocate to you. While we take steps to ensure the security of your information, there is a risk that any information transmitted over the Internet and stored on a computer may be intercepted or accessed by an unauthorised party. It remains each Member's responsibility:
- to protect against unauthorised access to Your Details;
- to ensure no-one else uses the Genes Reunited Service on that Member's machine while it is "logged on" to the Genes Reunited Service;
- to log off or exit from the Genes Reunited Service when not using it; and
- to keep his/her password secret.
If you think that someone has accessed your information held by us without your permission or gained unauthorised access to your login details, you must notify us at firstname.lastname@example.org
We also recommend that if you use a shared computer or a computer in a public place such as a library that you close your browser when you have finished your session.
13. Your rights regarding your personal information
Under the Data Protection law, you have a number of rights with respect to your personal information, which are:
Correcting your Information
You are entitled to have your personal information updated to ensure it is up to date and accurate. In order to maintain the accuracy of the information we hold, you can update your personal details through your 'My Account' page or by sending us an email to email@example.com.
You have the right to withdraw your consent to any processing that is currently being done under your consent, such as marketing. Consent can be withdrawn by updating your preferences in the email preference centre or through 'My Account'. You can also email to firstname.lastname@example.org.
Obtaining a copy of your Information
You have the right to receive a copy of the personal information we hold about you. You can do this by contacting email@example.com from the email address attached to your account, providing the full name attached to your account.
Deleting your information
You can request that we delete personal information in certain circumstances. These will be specific to each case. You can do this by contacting firstname.lastname@example.org from the email address attached to your account, providing the full name attached to your account
You have the right to ask us to transfer the personal information that you have given us to another controller.
You can request a restriction on the processing of your data in some limited circumstances. Examples are concerns over data accuracy or we no longer need to hold your data but you have requested its retention by us to aid you in a legal matter. You can do this by contacting email@example.com from the email address attached to your account, providing the full name attached to your account.
Right to object to processing
You have the right to request that we stop processing your data for marketing purposes and in other limited circumstances such as asking us not to process your data by wholly automated means or not to analyse your information for targeted content etc. (also known as profiling).
You can action any of these rights by contacting our Customer Support Team or by contacting us by email at firstname.lastname@example.org or by post to Data Protection Officer, Genes Reunited, 6 Chapel Place, Rivington Street, London EC2A 3DQ.
14. Right of complaint to the Regulator for Data Protection
The data protection laws in the UK are regulated and enforced by the Information Commissioner's Office (ICO). Each individual has the right to raise a concern/complaint to the ICO if they have any concerns about how their personal information and/or privacy is treated. You can do this via the ICO’s website, follow the links or have an online Live Chat.
Call the ICO helpline on 0303 123 1113
Postal address: Information Commissioner's Office
15. How long we hold your data for
Some of the information you provide to us will be necessary to carry out repeated tasks, such as verifying your identity or payment details when signing in to use an account, providing our services to you or when you are using an online checkout. We will keep this information for as long as you remain a registered user of any of our sites and for so long as reasonably necessary. After this time, we may need to hold your personal data in order to meet our financial obligations or identify or resolve issues or causes of action.
If your account is inactive for more than ten years and you are no longer paying for a service, we reserve the right to delete any information you have provided to us, including all information in your family tree. We will send an email to the address attached to your account before deleting the information in your family tree.
16. Removing your profile from the Genes Reunited Service
You may remove your profile from the website by clicking here. Any public content you have added to the website will remain; however, your profile page will not be accessible, and other subscribed Members will not be able to contact you. Any content you chose to share publicly, understandably, may be copied or stored by other subscribed Members even after your profile has been removed. When your profile has been removed, we will archive and store your information for a reasonable time period for legal and administrative reasons and for the purposes of re-activating your account with us, if you wish to do so.
17. Links to third-party websites
18. Privacy Notice for Residents of California
- Personal Information We Collect
We collect a variety of personal information about our visitors, users and other people who reside in California. For the purpose of this Section 17, as defined by the CCPA, "personal information" means information that identifies, relates to, describes or references a particular consumer, household or device. It can also include information that could be associated or linked with a particular consumer, household, or device. However, personal information does not include:
- Publicly available information from government records, or
- Information that cannot be used to identify a consumer, household or device because it has been anonymised.
In particular, we have collected the following categories of personal information from our consumers within the last twelve (12) months:
Category of personal information
Where we source this information
Why we process this information
Third parties we share this information with
Information that relates to characteristics that are protected under California or federal law
Professional or employment-related information
Inferences drawn from other personal information
Personal information categories per
The California Customer Records statute (Cal. Civ. Code § 1798.80(e))
Some personal information included in this category may be covered in other categories. Examples include:
- Sharing Personal Information
We may disclose your personal information to a third party for a business purpose. When we do this, we enter into a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract or as otherwise permitted under the CCPA.
We share your personal information with the following categories of third parties:
- Analytics Partners.These parties provide analytics on web traffic or usage of the products or service. They include:
- Companies that track how users found or were referred to the products or services
- Companies that track how users interact with the product or services
- Companies hosting our technology such as our databases, customer relationship management system and document storage
- Companies who help us to keep our technology and services secure and to prevent and detect fraud
- Companies who process payments on our behalf
- Companies who support our marketing and advertising activity
- Companies who help us to conduct consumer surveys
- Our parent company (D.C. Thomson & Co. Ltd, a UK-registered company)
- Law enforcement agencies, if we are legally required to do so.
- Parties you authorise, access or authenticate
Disclosures of Personal Information for a Business Purpose
In the past 12 months, we have disclosed the following categories of personal information for a business purpose:
- Information that relates to characteristics that are protected under California or federal law
- Commercial information
- Biometric information (limited to a summary of the geographical make-up and origins of your genes)
- Internet activity
- Geolocation data
- Sensory data
- Professional or employment-related information
- Inferences drawn from other personal information
- Personal information categories per The California Customer Records statute
For business purposes we disclose your personal information to the categories of third parties listed in the table under "Personal Information We Collect", above – see the column "Third parties we share this information with".
Sales of Personal Information
In the past 12 months, we have not sold personal information.
Data that is not personal information
We may create aggregated, de-identified or anonymised data from the personal information we collect, including by removing information that makes the data personally identifiable to a particular user. We may use such aggregated, de-identified or anonymised data and share it with third parties for our lawful business purposes, including to analyse, build and improve our products and services and promote our business, provided that we will not share such data in a manner that could identify you.
Security and Retention
We seek to protect your personal information from unauthorised access, use and disclosure using appropriate physical, technical, and administrative security measures and storage and processing practices based on the type of personal information. For example, our website uses industry standard HTTPS protocols which encrypt your connection to us and the personal information you provide to us using Transport Layer Security (TLS) technology. Although we work to protect the security of your account and other data that we hold in our records, please be aware that no method of transmitting data or storing data over the Internet is completely secure. We cannot guarantee the complete security of any data you share with us, and except as expressly required by law, we are not responsible for the theft, destruction, loss or inadvertent disclosure of your information or content.
We retain personal information about you in accordance with Section 15 of this privacy notice, to comply with our legal obligations, resolve disputes, or as otherwise permitted or required by applicable law, rule or regulation. We may further retain information in an anonymous or aggregated form where that information would not identify you personally.
- Your Rights and Choices
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Your Right to Know
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive your request and verify that it's from you (see "How to exercise your rights"), we will disclose to you:
- The categories of personal information we have collected about you
- The categories of sources from which we collected the information
- Our purposes for collecting the information
- The categories of third parties with whom we share the information
- The specific pieces of personal information we collected about you
- If we sold or disclosed your personal information for a business purpose, two separate lists showing:
- Sales we made, identifying the personal information categories that each category of recipient purchased; and
- Disclosures we made for a business purpose, identifying the personal information categories that each category of recipient received.
Your Right to Request Deletion
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive your request and verify that it's from you (see "How to exercise your rights"), we will delete your personal information from our records, unless an exception applies. We will also ask our service providers to delete any personal information we have disclosed to them.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide a product or service that you requested, take actions you would reasonably expect as part of our ongoing relationship with you (e.g. resolving a question or complaint), fulfil the terms of a written warranty or product recall, or do anything else required to honour our contract with you
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities
- Debug products to identify and repair errors that adversely affect how they function
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.)
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, if you have previously consented to this and if deleting the information would significantly affect the research
- Comply with a legal obligation
- Make internal use of the information for purposes that are lawful and that you would reasonably expect when you provided the information (e.g. quality control)
Your Right to Non-Discrimination
At Genes Reunited we are committed to treating consumers fairly and we will not discriminate against you for exercising any of your rights under the CCPA, for example by charging you a higher price or denying you access to our products and services.
How to Exercise your Rights
To exercise your rights as described above, please submit your request to us by:
- Calling us at +1 (855) 246-8234, or
- E-mailing us at email@example.com
Only you, or someone legally authorised to act on your behalf, may make a request related to your personal information and you may only make two requests within a 12-month period.
To help us respond to your request, please ensure it is clear, specific and detailed enough that we can understand it and provide what you require. Please also note that we will be unable to respond or provide any personal information unless we can verify that your request is genuine (and if you are making the request on someone else's behalf, that you are legally authorised to do so). To enable us to act on your request, we will need you to provide sufficient information to verify your identity. For Genes Reunited users, this may include the following:
- If we are able to verify your request through a password-protected account, we may do so, and we will ask you to re-authenticate yourself before we disclose or delete your data.
- If we are not able to verify your request through a password-protected account, we will require additional information to verify your identity. Such information will depend on the type of request and the sensitivity of the personal information. For example, we may ask you to confirm your current subscription plan and details, information from your family tree, and/or other identifying information associated with your use of Genes Reunited that allows us to verify your identity before we act on your request.
- If your request is for specific pieces of personal information, we may also require a signed declaration under penalty of perjury to verify your identity.
If you have an account with Genes Reunited, you can also access personal information associated with your account through your account settings once you are logged in.
You may also authorize an agent (an "Authorized Agent") to exercise your rights on your behalf. To do this, you must provide your Authorized Agent with written permission to exercise your rights on your behalf, and we may request a copy of this written permission from your Authorized Agent when they make a request on your behalf. We may deny requests from Authorized Agents if we do not receive sufficient proof of authorization on your behalf.
When and How we will Respond
We will endeavour to respond to a request we have been able to verify within 45 days of receiving it. If for any reason we are unable to comply or if we need more time (up to additional 45 days), we will let you know and explain why in writing. We will deliver our response electronically unless you ask us otherwise; please note that as we are UK-based, a postal response will take longer to reach you. If you are requesting personal information from your family tree(s), we will provide you with instructions so you can download the information in a GEDCOM file, which is a standard file format used by genealogical organisations.
We will not charge you a fee for making a request unless your request(s) is excessive, repetitive or manifestly unfounded.
Other California Rights
California residents are entitled to contact us to prevent disclosure of personal information to third parties for such third parties' direct marketing purposes, under California Civil Code Sections 1798.83-1798.84. If you would like to submit such a request, please contact us at firstname.lastname@example.org
19.Nevada Resident Rights
If you are a resident of Nevada, you have the right to opt-out of the sale of certain personal information to third parties who intend to license or sell that personal information. You can exercise this right by contacting us at email@example.com with the subject line "Nevada Do Not Sell Request" and providing us with your name and the email address associated with your account. Please note that we do not currently sell your personal information as sales are defined in Nevada Revised Statutes Chapter 603A.
20. Updates to this policy
We may update this policy at any time without notice. We will tell you that we have updated the policy by emailing you at the email address you have provided to us and/or by posting an announcement on the website. By continuing to use the website after we have emailed you or posted a notice informing you of an update, you accept the changes to this Policy.
Privacy statement last updated 29 September 2020.
21. Contacting us
If you have any questions about privacy, or wish to update your details or have them removed from our mailing list at any time, please contact us at:
Post: Data Protection Officer
6 Chapel Place
London EC2A 3DQ