Version 2:20 July 2018
The privacy and security of your information is extremely important to us. This policy is intended to give you a clear view of the data we collect, how we use it and how long we retain it for, so you can be confident in submitting data when dealing with us.
We will keep this page updated so you can see what we do with your personal data. This policy applies to you if you visit our website, use our services, email us, contact us or have a membership with ASPA.
We will never sell your personal data and will only share it with organisations we work with to deliver the services we provide where they have shown they will respect your privacy and security.
Who are we?
We are the Association for Scottish Public Affairs, also known as ASPA. Throughout this document we will be referred to by either name or else ‘us’ or ‘we.’
What personal data do we collect?
Personal data is any data which may identify you or be identified as relating to you. For example, your name, address, telephone number and email address. We will collect this data when you apply, on behalf of the company you represent, to become a member of ASPA.
You may submit personal data to us in various ways including through direct email, email forms on our website or via phone calls.
This personal data may include name, title, address, gender, position held within the company you represent, email address, phone numbers, personal descriptions, photographs, usernames, passwords and databases.
Personal data provided by you
This data may include but is not limited to;
- Personal details – name, address, phone number, email address and so on
- Financial details – bank name, bank address, bank account number and sort-code
- Technical information about your visit to our site such as usernames, passwords, login details, IP address, login information, browser type and version, time-zone
- settings, operating systems and version and platform used to access the website.
- Analytical information about your visit – full URL and query string, pages you viewed on our website, length of visit to the pages and any search terms you used to find our website. This information may be analysed to help us continually create a better user experience and for no other purpose.
How we use your Personal Data
Your membership of ASPA will generate personal data which will be only be used on relevant, lawful grounds as permitted by the EU General Data Protection Regulation (from 25th May 2018), UK Data Protection Act 2018 and Privacy of Electronic Communication Regulation. These may be as follows:
- Accounting– We are required by law to keep accurate and up to date accounts of our business transactions. When you join ASPA you will be added to our accounting system.
- Communication– We may keep you informed of forthcoming ASPA events by email or other relevant communication medium specified by you. You will of course have the right to choose not to receive these communications and we will not sell nor share your data with third-parties.
Disclosure of personal data to other bodies
To carry out the running of our organisation we may sometimes need to disclose necessary data to other bodies or third-parties via our website operation. Here are some examples of third-party suppliers – Binkywoo.com (web design), Adobe Systems, Google Inc, Memberpress, Siteground Hosting and WordPress.com.
You can contact us at any time to change or discuss your privacy preferences at any time by emailing firstname.lastname@example.org. You can also email our Secretary from the contact page.
Your rights under GDPR
We process the personal information we hold about you in line with your rights under applicable law. You have the right:
- to request a copy of your personal information;
- to object to processing of your personal information where we do so for the purposes of our legitimate interests;
- to request that any inaccurate personal information we hold about you is corrected or deleted;
- to request that we delete your personal information under certain circumstances; and
- to opt out of receiving electronic communications from us.
Should you wish to make a request in line with your rights as an individual, please send it in writing to email@example.com
Keeping your information
When you send an email to ASPA via our website form no data is stored directly on our website. The only data we store on our website is for current members to allow us to communicate with them using automated processes. If you have applied for membership using the website application form the onformation is send to ASPA in the form of an email which the committee can then assess at the next ASPA meeting. ASPA will then securely file your email data and membership information for as long as your membership is active. If no longer relevant, it will be deleted securely.
How we secure your data
Information systems and data security are imperative to us to ensure we are keeping your data safe. We operate and implement robust procedures for managing your data and we only host your personal data with suppliers who have confirmed that they take your personal data security as a priority.
ASPA’s website is hosted by Siteground which was launched in Bulgaria in 2004. However, the company, as an established website host, has five international data centres data centres in the US, Italy, Singapore, The Netherlands and the UK (London). The data storage services for ASPA’s website is in the UK. Furthermore, we do not collect, or store, payment information and we do not transmit your data outside of the European Union.
Payments are made offline via bank transfer and no financial data is held on this website.
Changes to this policy