Introduction
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. GDPR replaces the 1995 Data Protection Directive (Directive 95/46/EC) and was adopted on 27 April 2016. It became enforceable from 25 May 2018, after a two-year transition period.
BWP Creative Limited (trading as Parish Council Websites) (“we”, “our”, or “us”) is committed to protecting the privacy and security of your personal data. This document outlines our policies and practices regarding data protection and privacy in accordance with the GDPR.
1. Data Controller
BWP Creative Limited (t/a Parish Council Websites) is the data controller for the personal information we collect and process. Our contact details are:
Email: info@parishcouncilwebsites.co.uk
1.1 Use of Personal Data
BWP Creative will not use or allow any personal details for any marketing purposes.
BWP Creative will hide wherever possible all personal details from the WHOIS outputs, unless specifically requested to display such data by the data owner.
BWP Creative will maintain your information in a secure manner whilst you are a customer of ours and for an additional ten years after you cease to be our customer. After this period, all data will be deleted.
2. Types of Personal Data We Collect
We may collect and process the following types of personal data:
- Name
- Contact information (email address, phone number, postal address)
- IP address and other online identifiers
3. Purpose and Legal Basis for Processing
We process personal data for the following purposes:
- To provide our services
- To communicate with you about our products and services
- To comply with legal obligations
The legal bases for our processing of personal data include:
- Consent
- Performance of a contract
- Compliance with legal obligations
- Legitimate interests
4. Data Retention
We will retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. As stated in section 1.1, we will maintain your information for ten years after you cease to be our customer, after which all data will be deleted.
5. Your Rights Under GDPR
Under the GDPR, you have the following rights:
- Right to access your personal data
- Right to rectification of inaccurate personal data
- Right to erasure (‘right to be forgotten’)
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Right not to be subject to automated decision-making, including profiling
To exercise any of these rights, please contact us using the information provided in Section 1.
6. Data Security
We have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing your personal data.
7. Changes to This Policy
We may update these terms and conditions from time to time. We will notify you of any significant changes by posting the new terms on our website or by sending you an email.
8. Complaints
If you have any concerns about our use of your personal data, you can make a complaint to us using the contact information provided in Section 1. You also have the right to complain to the relevant supervisory authority in your jurisdiction. You can read our complaints policy for more information.
9. Data Holder Obligations
The Data Holder may request BWP Creative to publish personal data. In these cases, the data holder indemnifies BWP Creative, its Directors and employees from all and any action taken as a result of this publication.
The Data Holder recognises that once the data has been published, it will take BWP Creative up to seven working days to hide the information again.
The Data Holder understands that with their information hidden from the WHOIS, it may be impossible to obtain SSL certificates for their domain or website.