What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
Contact and sign up forms
If you sign up as a member, we will collect your name and contact information so we can get in touch with you and so you can maintain your account.
We do not share these details with anyone.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Like most websites this website use ‘cookies’. These are small data files which are stored on your device in order to improve the functionality and management of the site.
Below is an explanation of the cookies we use on this site and elsewhere, and how we manage this information. As these cookies are commonly used across the web, we recommend disabling cookies in your browser if you do not wish them to be installed on your device.
We use Google Analytics to record anonymised data about how this website is used. This enables us to measure how many people use the website, how they reach the site, and what pages they visit.
This information helps us improve the website by understanding how people use it, and also enables us to report to funders about how well the site is performing.
Google Analytics does not allow us to view individual user details; it only enables us to analyse patterns of behaviour across multiple users. It collects users’ IP addresses, but solely for the purpose of analysing where in the world people are using this site.
This website is built with WordPress. This relies on cookies for basic management tasks, such as identifying whether a user is logged into the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
If you connect or integrate any social media services with services we provide, you may receive social notifications either from us or from third party companies providing social media services on our behalf. You can manage these social notifications through changing your privacy settings on the relevant social media site or discontinuing any interaction. If you register and provide information to a forum or blog on our Website, the information you provide will be published and will be publicly available on our Website. It will not be used for any other purpose.
Content from other websites
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Third party plugins
What personal data we collect and why we collect it
We collect information about you during the signup process as well as some basic activities such as the dates you make purchases, login to the site, or cancel/pause/resume your subscriptions with us.
What we collect and store
When you subscribe with us, we’ll ask you to provide an email address. We’ll use this information for purposes, such as, to:
- — Send you information about your account and subscriptions. This may include payment receipts, password reset emails, and payment reminders.
- — Create your membership account
How long we retain your data
We store information about you for as long as your account exists.
Who on our team has access
Members of our team have access to the information you provide us. For example, site Owner/Administrators can access:
- — Order information such as your membership subscriptions, payment dates and amounts, and username / email address.
Any additional information added in your Member Profile can also be visible to the Administrator(s).
We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.
Who we share your data with
We use the personal information you provide us to ensure that any services or information you have requested can be fulfilled.
We do not share your personal information with anyone.
If you asked to receive more information about our activities and news, we will use the personal contact information you provided to stay in touch with you.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Data protection laws provide you with the following rights to:
- request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it;
- request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
- request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below);
- request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it; and
- request a copy of your personal information which you have provided to us, in a structured, commonly used and machine-readable format and the right to transfer it, or to require us to transfer it directly, to another controller; and
- You also have the right to object to the processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- You will not have to pay a fee to access your personal information (or to exercise any of the other rights above). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
- We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
- Where we rely on your consent to process your personal data, for example if we need your consent to send you any direct marketing, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us using any of the details set out below in the “Contacting Us” section. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
- If you are unhappy about how your personal data has been used please refer to our complaints policy. You also have a right to complain to the supervisory authority, which in the United Kingdom is the Information Commissioner’s Office https://ico.org.uk/, which regulates the processing of personal data.
How we protect your data
Your data is secured by encryption, firewalls and Secure Socket Layer (SSL) technology. This is industry standard encryption technology which manages the security of messages transmitted across the internet. When we receive your data, we store it on secure servers which can only be accessed by the web developer Surface Impression.
What data breach procedures we have in place
Data breaches are rare but in the case of this happening they will pinpoint the exact details of the breach including the time, where it happened on the system, the cause of the breach, and the extent of the damage.
Additional security measures are monitored by the hosting provider.