Privacy Policy
1. Introduction
At South Staffordshire Conservatives, accessible via southstaffordshireconservatives.com, we are committed to protecting your personal data and your right to privacy. This Privacy Policy outlines how we gather, store, use, and protect your information in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We approach all interactions with a privacy-first mindset and believe that your data belongs to you.
2. Scope of This Policy and Data Controller Responsibility
This Privacy Policy applies to individuals who access, browse, or interact with southstaffordshireconservatives.com and related services.
For the purposes of applicable data protection legislation, South Staffordshire Conservatives acts as the Data Controller for any personal data collected. If you have questions regarding our data practices or the scope of this Privacy Policy, you may contact us at [email protected].
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
– Usage Data: Information about how you use the website, such as your device’s browser type, pages visited, Internet Protocol (IP) address, session duration, and access times.
– Account Data: Identity-related details such as your full name, postal address, email address, and phone number, submitted when you join, register, or donate.
– Profile Data: Information relating to your preferences, user behavior, event attendance, donation history, or interaction with content or services.
– Communication Data: Correspondence sent through our contact forms, email communications, and customer service interactions.
– Technical Data: Details about the device and platforms you use, including operating system, hardware model, browser configuration, and mobile network data.
– Transaction Data: Payment-related details, donation records, billing and shipping addresses, and fulfillment information.
– Preference Data: Records of your marketing consents, newsletter subscriptions, and interest in specific issues, campaigns, or functionalities.
4. Legal Bases for Processing Personal Data
We process your personal data under the following lawful bases, where applicable:
– Consent: Where we have obtained your express permission, such as for marketing emails or newsletters.
– Contractual Necessity: Where data processing is required for the performance of a contract to which you are a party, such as a donation or event registration.
– Legal Obligation: Where we are required to comply with applicable legal or regulatory obligations, including electoral law.
– Legitimate Interests: Where processing is necessary for our legitimate interests, and your rights and freedoms do not override those interests. Example interests include service improvement, member engagement, security, and fraud prevention.
5. Your Rights
Under GDPR and CCPA, you retain full control of your personal data. Your rights include:
– Right of Access: You may request confirmation as to whether your personal data is being processed and obtain a copy.
– Right to Rectification: You have the right to correct inaccuracies or complete incomplete data.
– Right to Erasure: You may request deletion of your personal data under certain conditions.
– Right to Restriction of Processing: You may ask us to restrict processing of your data in certain circumstances.
– Right to Data Portability: Where applicable, we will provide your personal data in a structured, commonly used format so you may transmit it to another controller.
To exercise any of these rights, please contact us at [email protected]. We may require verification to process your request.
California residents also benefit from additional rights to access data categories sold or disclosed, and to opt out of any “sale” of personal data under CCPA definitions. We do not sell your information.
6. Security Measures
We have implemented appropriate technical and organizational safeguards to ensure a high level of security and confidentiality of your personal data. These include but are not limited to:
– AES-level data encryption during transmission and at rest;
– Access control protocols to restrict data to authorized personnel only;
– Regular data backups and secure storage solutions;
– Ongoing staff training on privacy and cyber hygiene.
While we follow best industry standards, no method of transmission over the Internet or electronic storage is entirely secure. Therefore, we cannot guarantee absolute security.
7. International Data Transfers
If your personal data is transferred outside the United Kingdom, European Economic Area (EEA), or California, we ensure such transfers comply with applicable data transfer regulations. This may include reliance on:
– Standard Contractual Clauses approved by the European Commission;
– Adequacy decisions by the European Commission;
– Verified mechanisms under U.S. Privacy Framework protocols.
We take steps to ensure your data receives a similar degree of protection.
8. Data Retention
We retain personal data only as long as is necessary for the purposes for which it was collected, or to meet legal, accounting, or reporting obligations. Retention periods may vary:
– Account Data: Retained until closure of an account or lapse in engagement for 24 months;
– Communication Data: Retained for one year from the last contact;
– Transaction Data: Tax and donation records retained for up to 7 years;
– Preference & Marketing Data: Retained until you withdraw consent or opt out;
– Technical & Usage Data: Retained for up to 12 months for analytical purposes.
Upon expiry of these periods, data is deleted or fully anonymised.
9. Cookie Policy
Our website, southstaffordshireconservatives.com, uses cookies to enhance user experience. Categories of cookies include:
– Essential Cookies: These are necessary for the operation of the site and enable core functionalities such as secure log-ins and form submissions.
– Functional Cookies: Used to remember user preferences and enhance personalization.
– Analytics Cookies: These allow us to understand interaction patterns (e.g., Google Analytics), helping us refine content and measure performance.
– Performance Cookies: Facilitate tracking of website responsiveness and error management.
Cookies do not identify you personally but associate the data with a unique identifier.
10. Cookie Management and User Consent
When first visiting our site, you are given the choice to accept or manage cookie settings in line with GDPR and CCPA regulations.
You can modify your preferences at any time via your browser settings or through our cookie consent banner. Opting out of certain cookies may limit functionality. California users have the right to opt out of tracking where applicable.
11. Children’s Privacy
We do not knowingly collect personal data from children under the age of 13. If you are a parent or guardian and believe your child has submitted personal data through southstaffordshireconservatives.com, please contact us promptly at [email protected] so that we may take appropriate steps to delete such data.
12. Changes to This Privacy Policy
We reserve the right to amend this Privacy Policy from time to time to reflect evolving legal, regulatory, or operational requirements. If any material changes are made, we will update the policy on the website and announce the update via prominent notice or email (where applicable).
We encourage you to review this policy periodically.
13. Contact Us
For any inquiries, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please contact:
South Staffordshire Conservatives
Email: [email protected]
Website: southstaffordshireconservatives.com
We are committed to complying with GDPR, CCPA, and other relevant privacy frameworks. You are encouraged to contact us with any privacy-related concerns or complaints, and we will respond promptly in accordance with our obligations.