Privacy Policy
(1) User Privacy And Data Protection Overview
(1.1) The Black Isle Men's Shed (“us”, “we”, or “our”) operates the website at http://bimshed.uk which is referred to as ‘The Service’.
(1.2) This page informs you of our policy regarding the collection, use and disclosure of Personal Information when you use The Service.
(1.3) We will not use or share your information with any other person, website or organisation except as described in this Privacy Policy.
(1.4) We use your Personal Information simply to provide, monitor and improve The Service and to allow us to respond to enquiries placed through it. By using The Service, you agree to the collection and use of information in accordance with this policy.
(1.5) We only collect, process and store what is absolutely necessary in connection with the objectives of The Service.
(1.6) We will never sell, rent or otherwise distribute or make public your Personal Information and use reasonable endeavours to protect it whilst we store it.
(1.7) The only occasions where a third party will be provided with your information is when the order for disclosure is made with proper legal authority required by law or to protect our rights or the rights of others.
(1.8) We will do our very best to protect the information you disclose and store it securely. We cannot however absolutely guarantee its security so by using The Service you accept the inherent risks of providing us with information via The Service and will not hold us responsible for any breach of security.
(1.9) The only Personal Information which we store on The Service is that which you enter using our enquiry pages or the membership application page. No other Personal Information from any other source is stored.
(2) Relevant Legislation
(2.2) The Service is designed to comply with the following legislation with regards to data protection and user privacy:
EU General Data Protection Regulation 2018 (GDPR)
Data Protection Act 1998
(3) Information Collected or Stored By The Service
We collect and/or use information for the following reasons:
(3.1) Cookies
A cookie consists of a small file sent by a web server to a web browser, and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser. We use both “session” cookies and “persistent” cookies on the website. We will use the session cookies to keep track of you whilst you navigate the website and use the persistent cookies to enable our website to recognise you each time visit.
Session cookies will be deleted from your computer when you close your browser and persistent cookies will remain stored on your computer until deleted or until they reach a specified expiry date.
(3.2) Enquiry and Membership Application Forms
While using The Service, we may ask you to provide us with certain Personal Information which can be used to contact or identify you or to create a membership record for you.
Examples of personally identifiable information may include the following:
Name
Email address
Postal address
Mobile and/or home phone number
Should you choose to contact us using any of the enquiry forms on our site, none of the data that you enter and transmit will be stored on The Service. Your enquiry will be handled by a 3rd party processor called Cognito LLC. Transmission of your information from a webpage on this site to Cognito will be done using a secure protocol (https). A record of each enquiry will be retained on Cognito’s secure server and deleted at regular intervals. Information provided in relation to an application for membership will be stored on a 3rd party service called Airtable.com whose privacy policy can be found at https://www.airtable.com/company/privacy
Personal Information entered via any enquiry form will only be used as part of any response to that specific enquiry.
The Cognito privacy statement can be found at https://www.cognitoforms.com/privacy
A copy of user submitted data via Cognito services will also be entered into an email which will be sent to us using Simple Mail Transfer Protocol (SMTP) protected by TLS (or SSL).
This means that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet before being decrypted by our local computers and devices.
(4) Data Breaches
We will report any unlawful data breach of The Service’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
(5) Data Controller
The data controller of The Service is: Richard Evans
Who can be contacted by email at richardf.evans@gmail.com
(6) Data Protection Officer
The data controller of The Service is: John Tuach
Who can be contacted by email at tuach999@gmail.com
(7) Changes To Our Privacy Policy
This privacy policy may change from time to time in line with legislation or industry developments. We will not explicitly inform our website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes. Specific policy changes and updates are mentioned in the change log below.
(8) Third party websites
The website contains links to other external websites which we feel may be if interest to users of The Service – we are not responsible for the privacy policies, contents or practices of these third party websites.
(9) Change log
23/03/2024 : Privacy policy updated