This Policy sets out how we, Pennine Community Power, collect and process data and your rights regarding how your personal information is used. This policy is compliant with the EU’s General Data Protection Regulations (GDPR).
All questions regarding this Policy should be sent to us at firstname.lastname@example.org
This Policy covers our website and any communications or services that we offer.
We will post any changes and updates to this Policy on this page so please visit this page regularly to make sure you are aware of any updates. We will communicate significant changes in this Policy to you by contacting you through the format to which you have agreed.
This policy was last updated in April 2018.
We will always make clear to you at the time when we collect any personal data the legal basis on which we will process that data. We will process your data on the basis of:
Your explicit consent eg if you sign up to our mailing list at an event or on-line via Mailchimp; or
A contractual relationship eg when you buy tickets for an event, or where you are employed or volunteer for us; or
Legitimate interest eg maintaining contact with our members, responding to enquiries, IT security, fraud prevention, maintaining “do not contact” lists; or
A legal obligation eg if we are required to disclose the information to regulatory or government bodies eg HMRC, or when required to do so by the courts
We only collect the data that we need including data that will help us improve and administer our services. We collect two kinds of information:
Information such as IP addresses (the location of the computer on the internet), pages accessed and files downloaded. This helps us to analyse how people use our website. We will not link this to you individually.
Personal information such as your name, the organisation you represent, email and postal address, phone number, job description.You don’t have to disclose this information to browse our site, however you may not be able to access some of our services unless you disclose some or all of this information.
Use of Data
We use your data only to provide the service that you have requested and communicate with you in the way that you have agreed to eg we will specifically ask you to consent to us contacting you by a particular method eg email, phone.
We may use third party processors through which we send out our newsletter, sell tickets and process and analyse the data we collect.
We will only share data where we are required to do so by law or with our third party processors. Personal data will not be transferred outside of the European Economic Area unless the country or territory that it is transferred to is considered to have adequate protection for the rights and freedoms of data subjects in relation to the processing of data as detailed in the guidance from the Information Commissioner’s Office (ICO) https://ico.org.uk/for-organisations/guide-to-data-protection/principle-8-international/
We will never sell or swap your information with other organisations to use for their marketing.
Third party processors
We currently use the following third party processors to help us collect, process and analyse data. Please refer to the Privacy Policies of these third party processors by clicking on their name.
Where do we store your data?
We have measures in place to prevent the loss, destruction, misuse, alteration, unauthorised disclosure of or access to your personal information. Information we collect can only be accessed by authorised personnel who agree to abide by this policy.
Unfortunately, the transmission of data across the internet is not completely secure and whilst we do our best to protect your information, we cannot guarantee that loss, misuse or alteration of data will not occur whilst data is being transferred.
How long will we keep your data?
We will keep your information only for as long as we need it to provide you with the services and information you have requested from us. This means eg for newsletters we will periodically review the consent that you have given us and if necessary ask for re-consent, and for delegates to events we will only hold personal data beyond the event in order to enable us to analyse delegate engagement and to help us improve future events.
If you would like any further information about how we use and store your information please contact us at email@example.com
Where we rely on your consent to process your personal data, you have the right to withdraw your consent at any time.
In addition you have the right to
- Rectification – if you believe our records of your personal information are inaccurate, you have the right to ask for those records to be updated.
- Restrict processing – you have the right to ask for processing of your personal data to be restricted if there is disagreement about its accuracy or legitimate usage.
- Right to data portability – you may ask us to provide your information to you – or another service provider – in a machine-readable format
Please contact us at firstname.lastname@example.org if you wish to exercise any of these rights.
Complaints about how we process your data should be make to the Information Commissioner’s Office.
What kind of cookies do we use?
We may use Google Analytics to help us to analyse how you use our site. The cookie generates information (including your IP address), and this information is stored by Google. Google may also transfer this information to third parties where required to do so by law, or when such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
Links to third party websites
Social media sites