At Cross/Rip, we are committed to protecting and respecting your privacy.
The following policy sets out the basis on which any personal data collected from you, or that you provide to us over the website, will be processed. Please read the following carefully to understand our views and practices regarding your personal data and how it will be treated.
For the purpose of the Data Protection Act 1998 (the Act) and the EU General Data Protection Regulation (GDPR) 2018, the data controller is Cross/Rip.
Information collected from you
We may collect and process the following data about you:
* Information that you provide by filling in forms required to access any part of our site(s). This includes information provided to sign up for our services, such as our newsletter, posting material or requesting further services. You may also be asked for information when you report a problem with our site, contribute to surveys or comment, donate, or when you enter competitions or promotions.
* If you contact us, we may keep a record of that correspondence.
We use Google Analytics to track and analyse user behaviour, in order to improve the site experience.
Why do we collect this information?
We use information held about you in the following ways:
* To ensure that content from our site is presented in the most effective manner for you and for your computer.
* To carry out our obligations arising from any contracts entered into between you and us.
* To allow you to participate in interactive features of our service, when you choose to do so.
* To send you information about our publications, lectures, conferences and other related products and services, if you opt to receive it.
* To notify you about changes to our services.
We also request an email address in order to discourage humans or bots from posting spam comments to the site.
How long do we keep your data?
If you comment on our site, your data is stored on our database until requested otherwise. This is because the comment will remain on the article along with the data attached to it. If you would like your data to be removed please use our contact form to request this, or email us at email@example.com and we will remove your data as quickly as possible. We will always aim to ensure that all information about you is as accurate as possible and not held for longer than necessary.
Storage of your personal data
All information you provide to us is stored on secure servers managed by third-party administrators– for example, our donation payments may be handled by PayPal. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. You are asked not to share a password with anyone. Once we have received your information, we will use strict procedures and security features to prevent unauthorised access.
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. Under GDPR rules, these staff must ensure the same provisions on data security and processing are applied to your data. By submitting your personal data, you agree to this transfer, storing or processing. Although we will do our best to protect your personal data, we of course cannot guarantee the security of your data.
Distribution of Information
We may disclose your personal information to third parties:
* If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions and other agreements; or to protect the rights, property, or safety of our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Commitment to Data Security
Your personally identifiable information is kept secure. Only authorised employees, agents and contractors (who have agreed to keep information secure and confidential) have access to this information.
Your rights over your personal data
You have the right to request:
– Access to the personal data we hold about you, free of charge.
– The correction of your personal data when incorrect, out of date or incomplete.
For example, when you withdraw consent, or object and we have no legitimate overriding interest, or once the purpose for which we hold the data has come to an end.
– That we stop using your personal data for direct marketing (either through specific channels, or all channels).
– That we stop any consent-based processing of your personal data after you withdraw that consent.
You have the right to request a copy of any information about you that we hold at any time, and also to have that information corrected if it is inaccurate. To ask for a copy of your information, or for it to be amended or removed, please contact Grant McKenzie at firstname.lastname@example.org.
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
If we choose not to action your request we will explain to you the reasons for our refusal.
Who do we share your personal data with?
We sometimes share your personal data with trusted third parties.
Here’s the policy we apply to those organisations to keep your data safe and protect your privacy:
We provide only the information they need to perform their specific services.
They may only use your data for the exact purposes we specify in our contract with them.
We work closely with them to ensure that your privacy is respected and protected at all times.
If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
Examples of the kind of third parties we work with are:
IT companies who support our website and other business systems.
By submitting your personal information you consent to the use of that information as set out in this policy.
No information should be submitted by children under the age of 13 without parental/guardian consent. If you are under the age of 13, please obtain your parent or guardian’s consent before submitting personal information to this site.
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the discovery of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
Privacy Contact Information