Last updated June 2019
Introduction
This privacy policy notice is served by DESIAP under the website; www.desiap.org. The purpose of this policy is to explain to you how we control, process, handle and protect your personal information through the business and while you browse or use this website. If you do not agree to the following policy you may wish to cease viewing / using this website, and or refrain from submitting your personal data to us. We are basing our privacy policy on the UK’s General Data Protection Act.
We are exempt from registration in the ICO Data Protection Register because we are a non-profit organisation.
Policy key definitions:
- “I”, “our”, “us”, or “we” refer to the business, [Business name & other trading names].
- “you”, “the user” refer to the person(s) using this website.
- GDPR means General Data Protection Act.
- PECR means Privacy & Electronic Communications Regulation.
- ICO means Information Commissioner’s Office.
- Cookies mean small files stored on a users computer or device.
Key principles of GDPR:
Our privacy policy embodies the following key principles; (a) Lawfulness, fairness and transparency, (b) Purpose limitation, (c) Data minimisation, (d) Accuracy, (e) Storage limitation, (f) Integrity and confidence, (g) Accountability.
Who we are
DESIAP is jointly supported by Northumbria University in the UK and RMIT in Australia. It has also received public UK funding through the Arts and Humanities Research Council.
What personal data we collect and why we collect it
Contact form
We collect questions, queries or feedback you leave, including your name, email address, if you use our online form to contact DESIAP. We use these details to respond to the feedback/query you send us. We will not pass on this information to any 3rd party.
Cookies
We use Google Analytics to collect visitor data and analyze traffic on our site. As a publically funded research network, it is important for us to track the number of visitors to our website as part of our impact reporting activity. This information also helps us understand customer interests and helps us improve our website. When you visit our site, the pages that you look at, and a short text file called a cookie, are downloaded to your computer. A cookie is used to store small amounts of information. This information is collected for traffic analysis only. The cookie does not contain personal details. Depending on the browser that you use, you can set your preferences to block/ refuse cookies, and/ or notify you before they are placed. To find out how Google collects and stores your browsing information please refer to this page.
Sign-up to our newsletter
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal data” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences, you can also unsubscribe from all MailChimp lists, by following this link, otherwise contact the EMS provider.
Our EMS provider is Mailchimp. We hold the following information about you within our EMS system;
- Email address
- Designation (if provided)
- Organisation (if provided)
- I.P address
- Subscription time & date
Linking to other websites
www.desiap.org contains links to many other websites. This Website does not endorse or favour any specific commercial product or business.
A link to a third-party website does not imply endorsement – you must use your own judgement to decide whether the information or service on that website is suitable for your needs. If a website is not linked to ours, this does not mean or imply that it is unsatisfactory.
We are not responsible for the content of any linked website and cannot take responsibility for the consequences of your using the information or services on linked websites. We cannot guarantee that these links will work all of the time.
Websites that we link to may have ‘Terms and conditions’ that are different from ours. Do not assume that our ‘Terms and conditions’ apply to other websites.
Who we share your data with
Information collected through the channels described in the previous section are not shared with anyone outside the network.
How long we retain your data
We will not retain data longer than is necessary to fulfil the purposes for which it was collected or as required by applicable laws or regulations.
The only exceptions to the periods mentioned above are where:
- the law requires us to hold your personal information for a longer period, or delete it sooner
- you have unsubscribed from a service (eg email newsletter)
- you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
How we store your data
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
Your rights
Under the GDPR your rights are as follows. You can read more about your rights in details here;
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.
We handle subject access requests in accordance with the GDPR.