Portland Rock

Data Compliance for Portland Rock Consortium www.PortlandRockConsortium.com

This page outlines the data compliance practices of Portland Rock Consortium, ensuring adherence to UK data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are committed to protecting the privacy and rights of our users.

1. Privacy Policy

Our Privacy Policy details how we collect, use, store, and share your data when you visit and interact with www.PortlandRockConsortium.com. Please read the full Privacy Policy [Link to Privacy Policy Herewww.PortlandRockConsortium.com/data-privacy

Key points include:

  • Data Collection: We collect information you provide directly (e.g., through contact forms, event registration) and data collected automatically (e.g., cookies, IP addresses, browser information). We only collect data necessary for specific, legitimate purposes.
  • Data Usage: We use your data to:
    • Provide and improve our website and services.
    • Respond to your inquiries and provide customer support.
    • Process event registrations and communicate related information.
    • Send newsletters and promotional materials (only with your consent).
    • Analyze website usage to improve user experience.
  • Legal Basis for Processing: We process your data based on the following legal grounds:
    • Consent: For marketing communications and non-essential cookies.
    • Contractual Obligation: For services you request (e.g., event registration).
    • Legitimate Interests: For website operation, security, and improvement (where these interests are not overridden by your rights).
  • Data Storage and Security: We implement robust security measures to protect your data from unauthorized access, use, or disclosure. We store your data on secure servers and regularly review our security practices.
  • Data Sharing: We may share your data with trusted third-party service providers (e.g., website hosting, email marketing platforms) who assist us in operating our website and providing services to you. We only share data with providers who comply with data protection laws. We will never sell your data to third parties.
  • Your Rights: Under the UK GDPR, you have the following rights:
    • Right to Access: You can request a copy of the data we hold about you.
    • Right to Rectification: You can request that we correct any inaccurate or incomplete data.
    • Right to Erasure: You can request that we delete your data in certain circumstances.
    • Right to Restrict Processing: You can request that we limit the way we use your data in certain circumstances.
    • Right to Data Portability: You can request to receive your data in a portable format.
    • Right to Object: You can object to our processing of your data in certain circumstances.
    • Right to Withdraw Consent: You can withdraw your consent to our processing of your data at any time.
  • Contact Information: For all data-related inquiries, please contact: [Your Data Protection Officer/Contact Person Name and Email Address]

2. Cookie Policy and Consent

We use cookies to enhance your experience on www.PortlandRockConsortium.com. Read our full Cookie Policy [Link to Cookie Policy Here – This should link to your dedicated Cookie Policy page or a section within your Privacy Policy]. Our Cookie Policy explains:

  • What are Cookies: Explanation of what cookies are and how they work.
  • Types of Cookies We Use:
    • Essential Cookies: These cookies are necessary for the website to function properly (e.g., session cookies, security cookies). These do not require consent.
    • Analytical/Performance Cookies: These cookies allow us to analyze website usage and improve performance (e.g., Google Analytics). These require consent.
    • Functional Cookies: These cookies allow the website to remember your preferences (e.g., language settings). These may require consent depending on the specifics.
    • Targeting/Advertising Cookies: These cookies track your browsing activity to display targeted advertisements. These always require consent. [Note: Assess if you even use these. If not, remove this section. If you do, be very clear about the third parties involved].
  • Cookie Consent: Upon your first visit, you will be presented with a cookie banner requesting your consent to use non-essential cookies. You can manage your cookie preferences at any time by [Link to Cookie Settings/Instructions – Explain how users can change or withdraw their cookie consent]. You can also adjust your browser settings to block cookies, but this may affect the functionality of the website.

3. Terms and Conditions

Our Terms and Conditions govern your use of www.PortlandRockConsortium.com. Please read the full Terms and Conditions [Link to Terms and Conditions Page Here]. Key points include:

  • Acceptance of Terms: By using this website, you agree to be bound by these Terms and Conditions.
  • Website Content: All content on this website is owned by Portland Rock Consortium or its licensors and is protected by copyright and other intellectual property laws.
  • Permitted Use: You may use the website for informational and non-commercial purposes only.
  • Prohibited Activities: You may not engage in any activity that violates these Terms and Conditions, including:
    • Harassing, threatening, or abusing other users.
    • Posting or transmitting unlawful, harmful, or offensive content.
    • Attempting to gain unauthorized access to the website or its systems.
    • Interfering with the operation of the website.
  • Disclaimer of Liability: We are not liable for any damages arising from your use of this website.
  • Governing Law: These Terms and Conditions are governed by the laws of England and Wales.

4. Access and Consent Forms

When collecting personal data through forms (e.g., newsletters, event registration), we ensure:

  • Opt-In Consent: We obtain explicit consent from you before collecting your data. Consent checkboxes are unchecked by default.
  • Clear Language: We use clear and concise language to explain how your data will be used.
  • Easy Withdrawal of Consent: You can easily withdraw your consent at any time by clicking the “unsubscribe” link in our emails or by contacting us at [Your Data Protection Officer/Contact Person Name and Email Address].

5. Data Breach and Security Information

We take data security seriously. We have implemented technical and organizational measures to protect your data from unauthorized access, use, or disclosure. In the event of a data breach, we will:

  • Notify the Information Commissioner’s Office (ICO) within 72 hours, as required by law.
  • Notify affected individuals without undue delay if the breach poses a high risk to their rights and freedoms.
  • Take steps to contain and remediate the breach.

6. Data Retention Policy

We retain your data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, and reporting requirements.

  • Criteria for Retention Periods: We determine retention periods based on:
    • The nature and sensitivity of the data.
    • The purpose for which the data was collected.
    • Legal and regulatory requirements.
    • Our legitimate business interests.
  • Examples:
    • Contact form submissions: 1 year
    • Event registration data: 3 years after the event.
    • Newsletter subscription data: Until you unsubscribe.

7. Third-Party Services

We use the following third-party services that may process your data:

  • Google Analytics: For website analytics and performance monitoring. Refer to Google’s Privacy Policy for details.
  • [List all other third-party services used and link to their respective privacy policies. Examples: Mailchimp for email marketing, payment processors, social media plugins.]