What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Contact and sign up forms

If you sign up as a member, we will collect your name and contact information so we can get in touch with you and so you can maintain your account.

We do not share these details with anyone.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

Like most websites this website use ‘cookies’. These are small data files which are stored on your device in order to improve the functionality and management of the site.

Below is an explanation of the cookies we use on this site and elsewhere, and how we manage this information. As these cookies are commonly used across the web, we recommend disabling cookies in your browser if you do not wish them to be installed on your device.

Google Analytics

We use Google Analytics to record anonymised data about how this website is used. This enables us to measure how many people use the website, how they reach the site, and what pages they visit.

This information helps us improve the website by understanding how people use it, and also enables us to report to funders about how well the site is performing.

Google Analytics does not allow us to view individual user details; it only enables us to analyse patterns of behaviour across multiple users. It collects users’ IP addresses, but solely for the purpose of analysing where in the world people are using this site.

WordPress

This website is built with WordPress. This relies on cookies for basic management tasks, such as identifying whether a user is logged into the website.

The Cookie Consent plugin uses cookies to identify whether a user has seen the pop-up notification.

The WooCommerce extension which runs our online shop and membership, uses cookies to remember basket information.

Comments

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day

 

Social media

If you connect or integrate any social media services with services we provide, you may receive social notifications either from us or from third party companies providing social media services on our behalf. You can manage these social notifications through changing your privacy settings on the relevant social media site or discontinuing any interaction. If you register and provide information to a forum or blog on our Website, the information you provide will be published and will be publicly available on our Website. It will not be used for any other purpose.

 

Content from other websites

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates.  If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.  Please check these policies before you submit any personal data to these websites.

 

What third parties we receive data from

We collect information about you during the checkout process on our store (NDACA Wing Booking system).

What we collect and store

While you visit our site, we’ll track:

  • Booking types you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping

We’ll also use cookies to keep track of cart contents while you’re browsing our site.

When you book with us, we’ll ask you to provide information including your name, email address, phone number  and optional account information like username and password. We’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including cancellations and complaints
  • Comply with any legal obligations we have
  • Improve our service
  • Send you marketing messages, if you choose to receive them

If you create an account, we will store your name, address, email address which will be used to populate the checkout for future bookings.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it.

We will also store comments or reviews, if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name and email address

Our team members have access to this information to help fulfill orders, process cancellations and support you.

Who we share your data with

We use the personal information you provide us to ensure that any services or information you have requested can be fulfilled.

We do not share your personal information with anyone.

If you asked to receive more information about our activities and news, we will use the personal contact information you provided to stay in touch with you.

 

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Data protection laws provide you with the following rights to:

  • request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it;
  • request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
  • request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below);
  • request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it; and
  • request a copy of your personal information which you have provided to us, in a structured, commonly used and machine-readable format and the right to transfer it, or to require us to transfer it directly, to another controller; and
  • You also have the right to object to the processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • You will not have to pay a fee to access your personal information (or to exercise any of the other rights above). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
  • We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
  • Where we rely on your consent to process your personal data, for example if we need your consent to send you any direct marketing, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us using any of the details set out below in the “Contacting Us” section. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
  • If you are unhappy about how your personal data has been used please refer to our complaints policy. You also have a right to complain to the supervisory authority, which in the United Kingdom is the Information Commissioner’s Office https://ico.org.uk/, which regulates the processing of personal data.

Additional information

How we protect your data

Your data is secured by encryption, firewalls and Secure Socket Layer (SSL) technology.  This is industry standard encryption technology which manages the security of messages transmitted across the internet.  When we receive your data, we store it on secure servers which can only be accessed by the web developer Surface Impression.

What data breach procedures we have in place

Data breaches are rare but in the case of this happening they will pinpoint the exact  details of the breach including the time, where it happened on the system, the cause of the breach, and the extent of the damage.

Additional security measures are monitored by the hosting provider.