Local Solutions Online Privacy Notice
This is the online privacy notice of Local Solutions.
We respect your privacy and are determined to protect your personal
data. The purpose of this privacy notice is to inform you as to how we look after your personal data when you visit our websites (regardless of where you visit it from). We’ll also tell you about your privacy rights and how the data protection law protects you.
This privacy statement covers the following websites: www.localsolutions.org.uk; www.liverpoolwatersports.org.uk; www.mytime4carers.co.uk; www.resettlementpassport.org.uk; www.worstkeptsecret.org.uk and www.bullybusters.org.uk.
This Privacy Notice is set out in the following sections:
1. WHO WE ARE AND IMPORTANT INFORMATION
2. THE PERSONAL DATA WE COLLECT ABOUT YOU
3. HOW WE COLLECT YOUR PERSONAL DATA
4. HOW WE USE YOUR PERSONAL DATA
5. WHO WE SHARE YOUR PERSONAL DATA WITH
6. INTERNATIONAL TRANSFERS
7. DATA SECURITY
8. DATA RETENTION
9. YOUR LEGAL RIGHTS
10. CHANGES TO THIS NOTICE AND YOUR DUTY TO INFORM US OF CHANGES 11. QUERIES, REQUESTS OR CONCERNS
1. WHO WE ARE AND IMPORTANT INFORMATION
What is the purpose of this privacy notice?
This privacy notice aims to give you information on how we collect and process your personal data through your use of this website, including any data you may provide through this website when you sign up to our newsletter; contact us through the website by completing a contact form; make a donation to our work or make an online booking for the Shopmobility or Liverpool Watersports Centre.
You must read this privacy notice together with the privacy notice of the Local Solutions’ service you are accessing so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.
Last Updated April 2020
Data controller(s)
Local Solutions is the controller and responsible for your personal data (collectively referred to as “we”, “us” or “our” in this privacy notice). Our contact details are Local Solutions, Mount Vernon Green, Hall Lane, Liverpool, L7 8TF; 0151 7090990; info@localsolutions.org.uk For all data matters contact Local Solutions’ Data Protection Officer: Ursula Harrison; 0151 7090990; DPO@localsolutions.org.uk.
Third-party links outside of our control
This website includes links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.
When you leave our website, we encourage you to read the privacy notice of every website you visit. The following are the links to the privacy policies of the third party’s we have carefully selected to use:
• Google (Privacy policy)
• Mailchimp (Privacy policy)
• Booking Bug (Privacy policy)
• WebTicket Manager (Privacy policy)
• Microsoft Office 365 (Privacy policy)
• Paypal (Privacy policy)
• Virgin Money Giving (Privacy policy)
• Cognito Forms (Privacy policy)
• Tawk.to (Privacy policy)
2. THE PERSONAL DATA WE COLLECT ABOUT YOU
Personal data, or personal information, means any information about an individual from which that person can be identified. You can find out more about personal data from the Information Commissioners Office.
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows.
• Identity Data includes First and Last Name.
• Contact Data includes Email address, telephone numbers and home addresses.
• Technical Data includes IP Address, Browser Type and Version; Location; Operating System and Platform
• Usage Data includes information about how you use our website.
• Marketing and Communications Data includes your preferences in receiving marketing from us
• Information you provide when applying for employment – Please refer to the Recruitment Privacy Policy.
Last Updated April 2020
• Financial details – These are collected by our third-party providers: Paypal (Shopmobility bookings); Webticket manager (Liverpool Watersports Centre bookings); Virgin Money Giving (online donations). These details are not shared with Local Solutions. Please check their privacy policy for how this data is handled (Links above)
• Health and Disability Details – These are collected by our third-party provider Webticket Manager for Liverpool Watersports Centre bookings so that appropriate safety measures can be put in place. Booking Bug – a third-provider – collects Identity information for Shopmobility bookings. Information that someone is disabled can be inferred from the booking.
If you fail to provide personal data
Where we need to collect your personal data by law, or under the terms of a contract we have with you and if you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In
this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
3. HOW WE COLLECT YOUR PERSONAL DATA
We use different methods to collect data from and about you including through: • Contact forms on the website
• Newsletter sign up form on the website
• Booking forms for services using our third party providers (Webticket Master and Booking Bug) • Job application form on the website
• Live chat service on the website
• Site visitation tracking, using Google Analytics – Although this records data such as your geographical location, device, internet browser and your operating system, none of this information personally identifies you to us. Google does not grant us access to your IP address although Google does collect this. Please refer to Google’s privacy policy.
4. HOW WE USE YOUR PERSONAL DATA
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
• Consent – this means that you have freely given your consent for a specific purpose.
• Performance of Contract – this means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
Last Updated April 2020
• Legitimate Interest this means the interest of our business in conducting, managing and delivering our services, enabling us to give you the best service/product and the most secure experience.
• Comply with a legal or regulatory obligation this means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL DATA
We have set out below, a description of all the ways we plan to use your personal data, with the legal bases we rely on to do so.
Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest
Contact form on the website completed to go to one of our services (a) Identity
(b) Contact Performance of a contract with you – So that we can contact you in relation to your enquiry
Consent – By completing the form and providing your contact details we are assuming your consent.
Sign up for newsletter a) Identify
b) Contact Performance of contract with you – So that we can use the information to send newsletters
Consent – By completing the form and providing your contact details we are assuming your consent.
Making a booking for
Shopmobility a) Identity
b) Contact
c) Financial
d) Disability
(inferred from
making a
booking) Performance of a contract with you – so that you can book and pay for
equipment
Making a booking for
Watersports centre a) Identity
b) Contact
c) Next of kin
contact details
d) Financial
e) Health
f) Age
g) Disability Performance of a contract – so that you can book and pay for services and appropriate safety measures can be put in place.
Last Updated April 2020
Applying for a job a) Identity
b) Contact
c) Criminal
Convictions
d) Age
e) Race or Ethnicity f) Sexual
Orientation
g) Gender
h) Religious Belief
i) Disability and
health Please see the Recruitment Privacy Policy.
Live Chat on
worstkeptsecret.org.uk a) Information and contact
information that
you supply
b) Regional
Geographical
location Consent – Before using the Livechat, people will need to consent to share this information.
Any personal information you supply will be handled according to our domestic abuse privacy policy.
Site Visitation Tracking a) Geographical location b) IP Address Legitimate Interest – We use this data to understand the number of people using our site and how they are using it, to improve people’s user journeys. Google does not give us access to your IP Address.
Opting out
You can ask us or third parties to stop sending you marketing messages at any time by logging into third party websites or by following the opt-out links on any marketing messages.
Cookies – Site Visitation Policy
Like most websites, this site uses Google Analytics to track user interaction. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If
you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. Please see Google’s Privacy Policy.
Change of purpose
This privacy notice relates to how we collect your data on our websites. If you engage with one of our services, your data will be collected and handled in accordance with that service’s privacy policy.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, where this is required or permitted by law.
Last Updated April 2020
5. WHO WE SHARE YOUR PERSONAL DATA WITH
This privacy notice relates to how we collect your data on our websites. We do not share this with any third parties.
6. INTERNATIONAL TRANSFERS
Many of our external third party providers are based outside of the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA. However they have ensured that this is compliant with the EU-US privacy shield framework. Please review the privacy statements of our third party providers for more information.
7. DATA SECURITY
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
The ‘Localsolutions.org.uk’, ‘liverpoolwatersports.org.uk,’ ‘mytime4carers.co.uk’ and ‘resettlementpassport.org.uk’ websites are hosted by Rackspace, using a UK data centre located in Berkshire, England. Backups are also stored within the United Kingdom.
Each Rackspace data centre is restricted by biometric authentication, keycards, and 24x7x365 surveillance. These help ensure that only authorized engineers have access to routers, switches and servers.
Further details of Rackspace’s data centre can be found here.
The ‘worstkeptsecret.org.uk’ website is hosted by Namecheap using a US data centre that is compliant with GDPR.
All Namecheap facilities have physical access controls in place, with surveillance systems in place. This stops any access from individuals without authorisation.
Further details about Namecheap’s data security can be found here
The ‘Bullybusters.org.uk’ website is hosted by Linode, using a UK data centre located in London, England. For increased business continuity backups are stored by AmazonS3 located in Ireland.
All Linode & AWS facilities enforce multi-factor authentication and security via a variety of technological and human measures. With 24×7 surveillance support, managing and monitoring data center access activities, with equipping local teams to respond to security incidents. Beyond that, all equipment is securely locked in cages.
Door alarming devices are also configured to detect instances where an individual exits or enters a data layer without providing multi-factor authentication, to help ensure that only authorised engineers have access to routers, switches and servers.
Last Updated April 2020
On web servers we enforce strict filtering rules to ensure that servers only communicate using their allowed IP addresses. This prevents spoofing other IPs or performing man-in-the-middle attacks on our private network.
Further details of Linode & AWS data centres can be found here.
https://www.linode.com/security
https://aws.amazon.com/compliance/data-center/data-centers
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of being notified of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
8. DATA RETENTION
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for.
In some circumstances you can ask us to delete your data: see Your legal rights below for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
9. YOUR LEGAL RIGHTS
Unless subject to an exemption under the data protection laws, you have the following rights with respect to your personal data:
• The right to request a copy of the personal data which we hold about you; • The right to request that we correct any personal data if it is found to be inaccurate or out of date;
• The right to request your personal data is erased where it is no longer necessary to retain such data;
• The right to withdraw your consent to the processing at any time, where consent was the lawful basis for processing your data;
• The right to request that we provide you with your personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability), where applicable i.e. where our processing is based on consent or is necessary for the performance of our contract with you or where we process your data by automated means);
Last Updated April 2020
• The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
• The right to object to our processing of personal data, where applicable i.e. where processing is based on our legitimate interests (or in performance of a task in the public interest/exercise of official authority); direct marketing or processing for the purposes of scientific/historical research and statistics).
If you wish to exercise any of the rights set out above, contact Local Solutions’ Data Protection Officer: Ursula Harrison; 0151 7090990; DPO@localsolutions.org.uk.
No fee required – with some exceptions
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable admin fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
10. CHANGES TO THIS NOTICE AND YOUR DUTY TO INFORM US OF CHANGES THIS VERSION WAS LAST UPDATED ON 8.1.20
11. QUERIES, REQUESTS OR CONCERNS
To exercise all relevant rights, queries or complaints in relation to this policy or any other data protection matter between you and us, please in the first instance contact Local Solutions’ Data Protection Officer: Ursula Harrison; 0151 7090990; DPO@localsolutions.org.uk.
If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Office on 03031231113 or via email
https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England, UK.
Last Updated April 2020
Markel Law owns the copyright in this document. You must not use this document in any way that infringes the intellectual property rights in it. You may download and print this document which you may then use, copy or reproduce for your own internal non-profit making purposes. However, under no circumstances are you permitted to use, copy or reproduce this document with a view to profit or gain. In addition, you must not sell or distribute this document to third parties who are not members of your organisation, whether for monetary payment or otherwise.
This document is intended to serve as general guidance only and does not constitute legal advice. The application and impact of laws can vary widely based on the specific facts involved. This document should not be used as a substitute for consultation with professional legal or other competent advisers. Before making any decision or taking any action, you should consult a Markel Law professional.
In no circumstances will Markel Law LLP, or any company within the Markel Group be liable for any decision made or action taken in reliance on the information contained within this document or for any consequential, special or similar damages, even if advised of the possibility of such damages.
Last Updated April 2020
VAT Number: 414856249
Company number: 1792921
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |