UK General Data Protection Regulations
Definitions
FOSS means Friends of Sway Station
The ‘UK-GDPR’ means General Data Protection Regulation in the United Kingdom (under the UK Data Protection Act).
The terms ‘Personal Data’, ‘Data Controller’ and ‘Data Subject’ are used in this document as they are defined in the UK-GDPR.
Data Controller
FOSS is the Data Controller of all Personal Data that is stored by FOSS.
What Personal Data FOSS holds.
FOSS stores the following categories of Personal Data:
Website login account information – user name, email address, login records
Electronic Mail – email address, name
Web site logs – IP address, time, URL visited
Member Relationship Management – email address, name, mailing address, phone number(s)
All this data is held either by explicit permission from the individual, or for performance of normal service by FOSS, or compliance with legal obligations.
This Personal Data is subject to the rights listed below.
What FOSS uses Personal Data for
To provide services related to FOSS.
Who Has Access to This Personal Data?
The FOSS members, service providers and legal or other professional advisers to FOSS may be given access to Personal Data held by FOSS. This is required to fulfill FOSS obligations of support to its membership and support to users of FOSS services.
FOSS may provide Personal Data to Government authorities, regulatory authorities, law enforcement bodies, for the purposes of compliance with legal requirements, or for the exercise or defence of legal claims.
Security of Personal Data
FOSS has strict security procedures for storing Personal Data to protect it against loss or damage. All Personal Data stored by FOSS is protected by TLS (Transport Layer Security) / (SSL) Secure Sockets Layer to the same level used by most banking and financial institutions, and database encryption.
FOSS may disclose Personal Data to its agents or subcontractors for the purposes set out in this privacy policy. We require all our agents and subcontractors to have appropriate technical and operational security measures in place to protect your personal data, in line with United Kingdom legislation.
Retention of Data
FOSS deletes web site login records, WWW logs and email logs after 6 months.
FOSS maintains (encrypted) backups of all data systems and maintains these backups for no more than 13 months.
Rights to Your Personal Data
Data Subjects have the following rights in relation to Personal Data stored by FOSS:
Right of access – You have the right to request a copy of the data that we hold about you.
Right of rectification – You have the right to request FOSS to correct any inaccurate or incomplete Personal Data that FOSS holds about you.
Right to be forgotten – In many situations, you have the right for your personal data to be deleted from our records. There may be situations where FOSS is unable to comply with an erasure request, in particular where FOSS is required to continue to hold certain Personal Data due to legal obligations or where holding the Personal Data is necessary for the exercise or defence of legal claims, or where it is impossible or unreasonably difficult to remove your personal data.
Right of restriction – This means that your personal data may, with the exception of storage, only be processed with your consent for the establishment, exercise or defence of legal claims, for the protection of the rights of another natural or legal person or for reasons of public interest.
Right of portability – You have the right to receive your personal data in structured, commonly used and machine-readable formats, or have the data we hold about you transferred to another data controller.
Right to object – You have the right to object to the processing of your Personal Data in certain circumstances. You also have the absolute right to stop your data from being used for direct marketing.
Right to object to automated processing – You have the right not to be subject to decisions based solely on automated processing, including profiling.
Right to judicial remedy – You have the right to an effective judicial remedy where you consider that your rights under the UK-GDPR have been infringed as a result of the processing of your personal data in non-compliance with the UK-GDPR.
Our Privacy Policy may be updated from time to time. Any changes to our policy will be communicated to you either by e-mail or a notice on our website.
Cookies
This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers.
Contact information
All communications concerning privacy related issues should be sent by using the contact form on this website (using the contact menu option at the bottom of this page).
FOSS will respond to and, where appropriate, act on privacy-related communications within one calendar month.
This privacy policy was last updated on 30th July 2024.