(1) User Privacy And Data Protection Overview
(1.1) The Black Isle Men's Shed (“us”, “we”, or “our”) operates the website at http://bimshed.uk which is referred to as 'The Service'.
(1.2) This page informs you of our policy regarding the collection, use and disclosure of Personal Information when you use The Service.
(1.4) We use your Personal Information simply to provide, monitor and improve The Service and to allow us to respond to enquiries placed through it. By using The Service, you agree to the collection and use of information in accordance with this policy.
(1.5) We only collect, process and store what is absolutely necessary in connection with the objectives of The Service.
(1.6) We will never sell, rent or otherwise distribute or make public your Personal Information and use reasonable endeavours to protect it whilst we store it.
(1.7) The only occasions where a third party will be provided with your information is when the order for disclosure is made with proper legal authority required by law or to protect our rights or the rights of others.
(1.8) We will do our very best to protect the information you disclose and store it securely. We cannot however absolutely guarantee its security so by using The Service you accept the inherent risks of providing us with information via The Service and will not hold us responsible for any breach of security.
(1.9) The only Personal Information which we store on The Service is that which you enter using our enquiry pages. No other Personal Information from any other source is stored.
(2) Relevant Legislation
(2.2) The Service is designed to comply with the following legislation with regards to data protection and user privacy:
EU General Data Protection Regulation 2018 (GDPR)
Data Protection Act 1998
(3) Information Collected or Stored By The Service
We collect and/or use information for the following reasons:
A cookie consists of a small file sent by a web server to a web browser, and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser. We use both "session" cookies and "persistent" cookies on the website. We will use the session cookies to keep track of you whilst you navigate the website and use the persistent cookies to enable our website to recognise you each time visit.
Session cookies will be deleted from your computer when you close your browser and persistent cookies will remain stored on your computer until deleted or until they reach a specified expiry date.
(3.2) Cookies Used (Name, Function and Retention Period)
PHPSESSID : Used to determine if the cookie information notice should be displayed. Deleted at end of session.
NID : Placed by Google.com when a map of one of our branches is displayed. Deleted after six months.
_GA : Placed by the Google Analytics process. Deleted after two years.
_GAT : Placed by the Google Analytics process. Deleted after session.
_GID : Placed by the Google Analytics process. Deleted after session.
COLLECT : Placed by the Google Analytics process. Deleted after session.
For more information on the subject please go to https://www.aboutcookies.org/how-to-control-cookies/.
(3.3) Site Usage Analysis
Like many websites, we use a 3rd party data processor called Google Analytics (GA) and their logging software to track user interaction, to determine the number of people using our site, to better understand how they find and use our web pages and to follow their journey through the website. Although this logging software collects data such as your geographical location, device, internet browser and operating system and IP address, none of this information personally identifies you to us and the IP address is concealed from us.
(Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within The Service.)
(3.4) Enquiry Forms
While using The Service, we may ask you to provide us with certain Personal Information which can be used to contact or identify you. Personally identifiable information may include:
Mobile or home phone number
Should you choose to contact us using any of the enquiry forms on our site, none of the data that you enter and transmit will be stored on The Service. Your enquiry will be handled by a 3rd party processor called Cognito LLC. Transmission of your information from a webpage on this site to Cognito will be done using a secure protocol (https). A file copy of each enquiry will be retained on Cognito's secure server and can only be accessed by a board member of the Black Isle Men's Shed.
Personal Information entered via any enquiry form will only be used as part of any response to that specific enquiry.
The Cognito privacy statement can be found at https://www.cognitoforms.com/privacy
A copy of user submitted data via Cognito services will also be entered into an email which will be sent to us using Simple Mail Transfer Protocol (SMTP) protected by TLS (or SSL).
This means that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet before being decrypted by our local computers and devices.
(3.5) Mailing List
Our mailing list facility is provided by a 3rd party processor called MailChimp who store our member email addresses.
(4) Data Breaches
We will report any unlawful data breach of The Service’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
(5) Data Controller
The data controller of The Service is: John Tuach (Board Member) who can be contacted via the Service Enquiry page
(8) Third party websites
The website contains links to other external websites which we feel may be if interest to users of The Service - we are not responsible for the privacy policies, contents or practices of these third party websites.
(9) Change log