1. TACT (The Adolescent and Children’s Trust) takes your privacy seriously. This policy outlines the use of personal data under the Data Protection Act 2018 (DPA) and the General Data Protection Regulations (GDPR).
2. For the purpose of DPA and GDPR we are the data controller and any enquiry regarding the collection or processing of your data should be addressed to Data Controller, TACT, The Courtyard, 303 Hither Green Lane, London SE13 6TJ.
3. By using the website you consent to this policy.
4. We will collect personal data on this website only if it is directly provided to us by you (the user). The data we collect will only be in relation to the service you are requesting from us.
5. We use analytical and statistical tools that monitor details of your visits to our website and the resources that you access, including, but not limited to, traffic data, location data, weblogs and other communication data (but this data will not identify you personally).
6. We may hold and process personal data that you provide to us in accordance with the DPA and GDPR.
7. The information that we collect and store relating to you is used to enable us to provide our services to you, and to meet our contractual commitments to you. Where you have consented to us contacting you, we may do so by post, email, phone or text.
8. We may disclose your information to regulatory bodies to enable us to comply with the law and to assist fraud protection and minimise credit risk.
9. You can revoke or vary consent at any time. If you do not want us to use your data or want to vary the consent that you have provided you can write to us at the address detailed in clause 2 above or email us at email@example.com at any time
10. We do not use or disclose sensitive personal data, such as race, religion, or political affiliations, without your explicit consent.
11. Otherwise, we will process, disclose or share your personal data only if required to do so by law or in the good faith belief that such action is necessary to comply with legal requirements or legal process served on us or the website.
12. We will not use your personal data for marketing purposes.
13. The transmission of information via the Internet or email is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of data while you are transmitting it to our site; any such transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.
14. We will hold your data in line with our data retention policy or until you opt out, whichever is the sooner.
15. All data hosted remains within the European Union. All data backups are encrypted at the time of creation, during transmission and in storage. Our lifecycle policies remove old backups after a set period of time. Backups are used only to restore data in the event of data loss either through system failure or by client request.
16. There are daily MYSQL backups that run each night at midnight, encrypted on the server and kept on a 60 day lifecycle policy.
17. The content management system, WordPress, provides weekly backups. These backups are encrypted during creation and during transmission. These backups are kept on a 60 day lifecycle policy.
18. You might find links to third party websites on our website. These websites should have their own privacy policies, which you should check. We do not accept any responsibility or liability for their policies whatsoever.
20. You can choose to manage the cookies we use on this website through your browser settings at any time. For more information about how to do this, and about cookies in general, please visit https://ico.org.uk/for-the-public/online/cookies/.
|YouTube||Embedded videos from YouTube using YouTube’s privacy-enhanced mode. This mode may set cookies on your computer once you click on the YouTube video player, but YouTube will not store personally identifiable cookie information for playbacks of embedded videos using the privacy enhanced mode.
Read more at YouTube’s embedding videos information page.
|Googtrans||This cookie is used by the google translate api when using language translations.|
|This analytical cookie tracks the number of times a visitor has been to the site, how long a visit lasts, where visitors come from to arrive at the site, including which keywords were used in a search engine and which link was clicked on.|
|PHPSESSID||This cookie is used to keep track of session data|
21. The DPA and GDPR give you the right to access information held about you by us. Please write to us or contact us by email if you wish to request confirmation of what personal information we hold relating to you. You can write to us at the address detailed in clause 2, above, or by email to firstname.lastname@example.org. There is no charge for requesting that we provide you with details of the personal data that we hold. We will provide this information within one month of your requesting the data.
22.You have the right to change the permissions that you have given us in relation to how we may use your data. You also have the right to request that we cease using your data or that we delete all personal data records that we hold relating to you. You can exercise these rights at any time by writing to us at the address detailed in clause 2, above, or by email to email@example.com.
23. We may update these policies to reflect changes to the website and customer feedback. Please regularly review these policies to be informed of how we are protecting your personal data.We welcome any queries, comments or requests you may have regarding these policies. Please do not hesitate to contact us at Data Controller, TACT, The Courtyard, 303 Hither Green Lane, London SE13 6TJ or by emailing: firstname.lastname@example.org.
Last Updated: May 2018