Homer Creative Limited is committed to a policy of protecting the rights and privacy of individuals, voluntary and community group members, volunteers staff and others in accordance with The Data Protection Act 1998. The policy applies to all voluntary and community group members and staff at the community Centre. Any breach of The Data Protection Act 1998 or The Community Centre Data Protection Policy is considered to be an offence and in that event, disciplinary procedures apply.
As a matter of good practice, other organisations and individuals working with the Centre, and who have access to personal information, will be expected to have read and comply with this policy. It is expected that any staff who deal with external organisations will take responsibility for ensuring that such organisations sign a contract agreeing to abide by this policy.
Data are protected by the Data Protection Act 1998, which came into effect on 1 March 2000. Its purpose is to protect the rights and privacy of individuals and to ensure that personal data are not processed without their knowledge, and, wherever possible, is processed without their consent.
The Act requires us to register the fact that we hold personal data and to acknowledge the right of ‘subject access’ – voluntary and community group members and staff must have the right to copies of their own data.
Managing Data Protection
We will ensure that our details are registered with the Information Commissioner.
Purpose of data held by the Community Association
Data may be held by us for the following purposes:
1. Staff Administration
2. Accounts & Records
3. Client Relationship Management
Data Protection Principles
In terms of the Data Protection Act 1998, we are the ‘data controller’, and as such determine the purpose for which, and the manner in which, any personal data are, or are to be, processed.
SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?
When you commission our design or web services, we collect relevant personal information and company details. This includes your name, company address, company name, company email address and company phone number. We use this solely for means to contact you in relation to the commissioned project, to communicate new services and update you on what we are doing and to enable us to deal with relevant financial implications of being commissioned to carry out design or web design and development services.
When you browse our website we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system. This enables us to improve our service to our clients.
SECTION 2 - CONSENT
How do you get my consent?
When you commission our design, web services, visit our website or contact us regarding these services we imply that you consent to us collecting the data outlined above.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at firstname.lastname@example.org or mailing us at: Homer Creative Ltd 208/209 The Greenhouse, The Custard Factory, Gibb Street, Digbeth, Birmingham B9 4DJ, United Kingdom
SECTION 3 - NOT KEPT LONGER THAN NECESSARY
We discourage the retention of data for longer than it is required. All personal data will be deleted or destroyed by us after 6 years for former staff/employees or 3 years for clients/customers if we have not continued to maintain a working relationship with them.
SECTION 4 - DISCLOSURE
We may disclose your personal information if we are required by law to do so.
SECTION 5 - THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways, individual websites and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links on our website, website's or shops, they may direct you away from the original site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
SECTION 6 - SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
Different sites have different cookies, the cookies are mainly used for browser sessions, these usually include laravel-session and a xsrf token, this is for user security and identification.
SECTION 7 - AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
If our website, our built websites or stores is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
SECTION 9 - DATA BREACHES
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at email@example.com or by mail at Homer Creative Ltd.
[Re: Privacy Compliance Officer]
[208/209 The Greenhouse, The Custard Factory, Gibb Street, Digbeth, Birmingham, B9 4DJ, United Kingdom]