We are committed to safeguarding the privacy of our Orpington 1st email subscribers.
This policy applies where we are acting as the data controller with respect to the personal data of Orpington 1st email subscribers.
This policy will cover how we process your data, our policy on data transference, and your rights as a data subject in compliance with the EU GDPR [25th May 2018].
In this policy, “we”, “us” and “our” refer to Orpington 1st
Personal data is obtained for a specified purpose which is outlined on our sign-up forms.
Personal data is acquired through legal methods where we have been given consent of the data subject via a positive opt-in.
We collect the minimum personal data necessary to enable us to keep you updated with the content which you have signed up for.
Our lawful basis for processing your personal data is that we have been given consent by the user when they completed the relevant sign-up form.
We will only process your data for the purposes which are explicitly outlined in our email sign-up form(s).
Personal data is processed safely & securely, and unauthorised access will not be permitted.
Personal data will be completely removed from all data storage points as soon as the data is no longer required or if the individual puts in a request (see 6. Your rights).
We will not transfer personal data outside of the European Union, to third countries or international organisations.
Personal data acquired from the Orpington 1st email sign-up form is not permitted to be shared with third parties for marketing or any other purpose.
Where confidential information is legally required to be shared, the file(s) will be encrypted and securely protected with a strong password in line with ICO security protocol.
We will log the date, time, recipient, filename, format, method of transfer and classification of the data in the transference log.
Individuals have the right to be informed of about the collection and use of their personal data.
Individuals have the right to access their personal data and verify the lawfulness of the processing.
Individuals have the right to rectify and amend any personal data being kept on them such as a change in email address or name.
Individuals have the right for their data to be erased entirely from the Orpington 1st database.
Individuals have the right to restrict processing of their data.
Individuals have the right to data portability, which allows individuals to obtain and reuse their personal data for their own purposes across different services.
Individuals have the right to object to: processing based on legitimate interests or the performances of a task in the public interest/exercise of official authority (including profiling); direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics.
Individuals have the right to complain to the ICO if they feel that data is being mishandled or misused by us in any way.
You will not be charged should you decide to exercise any of the individual rights outlined above; such as requesting access to your data.
To exercise any of these rights contact email@example.com with your request.
Requests will be responded to within 1 month.
Breach of Data
We work to ensure that all personal data is kept safely & securely, however we are also required to have an action plan in the event of a personal data breach by an unauthorised third party.
We are required to report any personal data breach to the ICO within 72 hours of its occurrence.
If a data breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, we are required to notify those individuals without undue delay.
Data Protection Officer
Our data protection officer’s contact details are: E: firstname.lastname@example.org
Enter your email address below to receive regular updates directly to your inbox.