Quiet Spaces Privacy Policy
Quiet Spaces Privacy PolicyUnder the General Data Protection Regulations (GDPR), Quiet Spaces (as Data Controller) are required to inform all customers (the Data Subjects) of our contact details, all types and sources of customer data that we keep, the purpose and legal basis for keeping that data, how long we keep it, who it is shared with and whether it is transferred to another country.
The GDPR also gives customers (Data Subjects) certain rights including the right to be informed, have access, rectification, erasure, to restrict processing, data portability, the right to object, along with rights regarding automated profiling
This Privacy Policy relates to this website only
Please note our website has SSL(Secure Sockets Layer) This is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.
The Categories of Personal Data Obtained
CUSTOMER DATA - Name, telephone number, email address obtained in person, by phone, by email, and also through the online Mailchimp subscription form on this website
The Purpose of Processing
To reply to emails and provide information requested. To email relevant information regarding the operation of Quiet Spaces Plymouth, to receive the Quiet Spaces Newsletter.
The Lawful Basis of Processing
The lawful basis we rely on for processing is your consent under article 6(1)(a) of the UK GDPR
The Source of the Personal Data
Data is provided by the data subject
Who the Data is Shared with
Data is not shared outside of Quiet Spaces other than processing by Mailchimp who we use for our Newsletter
The Details of Transfers of the Personal Data to any Third Countries or International Organisations
Emails and other information may be kept on Google servers and Weebly (who host this website). Newsletters are processed buy Mailchimp. These are located outside of the EU and UK are in accordance with the GDPR https://privacy.google.com/businesses/compliance https://www.weebly.com/uk/privacy https://mailchimp.com/legal/terms/
The Retention Periods for the Personal Data
All personal data will be erased within 30 days of any request to remove it.
Data Breaches
The GDPR introduces a duty on all organisations to report certain types of personal data breach to the relevant supervisory authority. We must do this within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, we will also inform the individuals affected without undue delay. We will keep a record of any personal data breaches, regardless of whether we are required to notify.
YOUR RIGHTS
If you are a European or UK resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
Right of Access
Individuals (data subjects) have the right to access their personal data and supplementary information. We are required to provide you a copy within one month. If you would like to access your personal data, please do so in writing or by email.
Right of Rectification
Individuals have the right to request that inaccurate personal data is rectified or completed if it is incomplete. An individual can make a request for rectification verbally, in writing or by email.
Right of Erasure
Individuals have the right to request erasure. All personal data will be erased within 30 days of the request. Please contact us in writing or by email
Right to Restrict Processing
Individuals have the right to request the restriction or suppression of their personal data except when needed for protection in case of the establishment, exercise or defence of legal claims. Should you wish to request this please do so in writing by sending an email.
Right to Data Portability
Individuals have the right to data portability. This allows individuals to obtain and reuse their personal data for their own purposes across different services. It allows them to move, copy or transfer personal data easily from one environment to another in a safe and secure way, without hindrance to usability. Should you wish to request this please do so in writing by sending an email. This will be provided within one month
Right to Object
Individuals have the right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics. We do not process your data in any of these ways.
The Right to Withdraw Consent
You have the right to withdraw consent for the processing of data.
The Right to Lodge a Complaint with a Supervisory Authority
Without prejudice to any other administrative or judicial remedy, every data subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes this Regulation. If you have a concern about the way we are handling your personal information you may contact the Information Commissioner’s Office and report your concerns. This can be done online at https://ico.org.uk/concerns/handling/ or by telephoning the ICO on 0303 123 1113
Name and Contact Details of our Organisation and Representative
Rev Judith Greenfield
Email: [email protected]
PLEASE NOTE THIS WEBSITE CONTAINS LINKS TO OTHER WEBSITES. ONCE YOU HAVE CLICKED ON THE LINK YOU WILL THEN BE GOVERNED BY THAT WEBSITES PRIVACY AND COOKIE POLICY AND YOU WILL HAVE TO PERFORM YOUR OWN DUE DILIGENCE IN DECIDING ON WHETHER TO BROWSE OR USE THAT WEBSITE
COOKIES are used on this website – please read our Cookies Policy
The GDPR also gives customers (Data Subjects) certain rights including the right to be informed, have access, rectification, erasure, to restrict processing, data portability, the right to object, along with rights regarding automated profiling
This Privacy Policy relates to this website only
Please note our website has SSL(Secure Sockets Layer) This is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.
The Categories of Personal Data Obtained
CUSTOMER DATA - Name, telephone number, email address obtained in person, by phone, by email, and also through the online Mailchimp subscription form on this website
The Purpose of Processing
To reply to emails and provide information requested. To email relevant information regarding the operation of Quiet Spaces Plymouth, to receive the Quiet Spaces Newsletter.
The Lawful Basis of Processing
The lawful basis we rely on for processing is your consent under article 6(1)(a) of the UK GDPR
The Source of the Personal Data
Data is provided by the data subject
Who the Data is Shared with
Data is not shared outside of Quiet Spaces other than processing by Mailchimp who we use for our Newsletter
The Details of Transfers of the Personal Data to any Third Countries or International Organisations
Emails and other information may be kept on Google servers and Weebly (who host this website). Newsletters are processed buy Mailchimp. These are located outside of the EU and UK are in accordance with the GDPR https://privacy.google.com/businesses/compliance https://www.weebly.com/uk/privacy https://mailchimp.com/legal/terms/
The Retention Periods for the Personal Data
All personal data will be erased within 30 days of any request to remove it.
Data Breaches
The GDPR introduces a duty on all organisations to report certain types of personal data breach to the relevant supervisory authority. We must do this within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, we will also inform the individuals affected without undue delay. We will keep a record of any personal data breaches, regardless of whether we are required to notify.
YOUR RIGHTS
If you are a European or UK resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
Right of Access
Individuals (data subjects) have the right to access their personal data and supplementary information. We are required to provide you a copy within one month. If you would like to access your personal data, please do so in writing or by email.
Right of Rectification
Individuals have the right to request that inaccurate personal data is rectified or completed if it is incomplete. An individual can make a request for rectification verbally, in writing or by email.
Right of Erasure
Individuals have the right to request erasure. All personal data will be erased within 30 days of the request. Please contact us in writing or by email
Right to Restrict Processing
Individuals have the right to request the restriction or suppression of their personal data except when needed for protection in case of the establishment, exercise or defence of legal claims. Should you wish to request this please do so in writing by sending an email.
Right to Data Portability
Individuals have the right to data portability. This allows individuals to obtain and reuse their personal data for their own purposes across different services. It allows them to move, copy or transfer personal data easily from one environment to another in a safe and secure way, without hindrance to usability. Should you wish to request this please do so in writing by sending an email. This will be provided within one month
Right to Object
Individuals have the right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics. We do not process your data in any of these ways.
The Right to Withdraw Consent
You have the right to withdraw consent for the processing of data.
The Right to Lodge a Complaint with a Supervisory Authority
Without prejudice to any other administrative or judicial remedy, every data subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes this Regulation. If you have a concern about the way we are handling your personal information you may contact the Information Commissioner’s Office and report your concerns. This can be done online at https://ico.org.uk/concerns/handling/ or by telephoning the ICO on 0303 123 1113
Name and Contact Details of our Organisation and Representative
Rev Judith Greenfield
Email: [email protected]
PLEASE NOTE THIS WEBSITE CONTAINS LINKS TO OTHER WEBSITES. ONCE YOU HAVE CLICKED ON THE LINK YOU WILL THEN BE GOVERNED BY THAT WEBSITES PRIVACY AND COOKIE POLICY AND YOU WILL HAVE TO PERFORM YOUR OWN DUE DILIGENCE IN DECIDING ON WHETHER TO BROWSE OR USE THAT WEBSITE
COOKIES are used on this website – please read our Cookies Policy