This policy describes how we collect and use your personal data during your use of the Uncomfortable Oxford website www.uncomfortableoxford.co.uk (the ‘website’) and related services in accordance with the General Data Protection Regulation (GDPR) and related UK data protection legislation.
1. Who is using your data?
Uncomfortable Oxford is the data controller for the information that we collect when you visit the website. This means that we decide how to use it and are responsible for looking after it in accordance with the GDPR.
Access to your personal data within the project will be provided to those contributors or volunteers who need to view it as part of their work. It will also be shared with the third parties described in point 4.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. We may update this policy at any time.
2. Types of data we collect about you
We receive, collect, store and use any information you enter on our website, for example your email address when you subscribe to our mailing list, or your name when you contact us through the contact form.
We automatically collect, store, and use technical information, for example, the type of device (and its unique device identifier) you use to access our site, the internet protocol (IP) address used to connect your device to the internet, browser type and version as well as operating systems. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page.
3. How we use your data
We process your data for purposes arising from your use of the website, for example, to ensure that we understand who uses our site and how our site is used and to improve our site and ensure it is secure.
The information you enter on our website, for example through the subscription or contact webforms, may be used to contact you in order to inform you about our work, upcoming events or any other related matters regarding our project.
We will only use your data for the purposes for which we collected it. For example, we will not automatically add your email address to our mailing list when you contact us or sign up to one of our events, unless you have given us consent to do so. If we need to use your data for an unrelated purpose, we will seek your consent to use it for that new purpose.
4. Sharing your data with third parties
We may share your data with third parties who provide services on our behalf, such as those who help us to operate the website. In order to communicate with you, we may share your data with third party email services, for example Gmail. As part of this, your data may be processed outside of the EEA. All our third-party service providers are required to take appropriate security measures to protect your data in line with our policies.
Where your data is shared with third parties, we will seek to share the minimum amount necessary.
5. Third party websites
Our site contains links to and from various third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
6. Retaining your data
We will only retain your data for as long as we need it to fulfil our purposes, including any relating to legal, accounting, or reporting requirements.
We use session cookies and persistent cookies on our website.
8. Your rights
You can withdraw your consent for us to use your data any time. If you don’t want us to process your data anymore, please contact us at firstname.lastname@example.org
Under the GDPR you have the right to requests access to, correction of and erasure of your personal data. If you want to exercise any of these rights, please contact us at the above email address.
9. Changes to this policy