Ceòlas take your privacy very seriously. We know that you care about how your personal information is used and shared. Please read the following to learn more about how we collect, store, use and disclose information about you when you interact with us, in any manner, via our website and/or our services.
What Information Does Ceòlas Collect?
THE DATA WE COLLECT ABOUT YOU:
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data which includes your first name and last name. It may also include your gender.
- Contact Data means the data we use to contact you including your address, email address, telephone number.
- Transaction Data means details about transactions you have made through Paypal including the details of courses, merchandise, events and donations .
- Technical Data means details about the device(s) you use to access our website including your internet protocol (IP) address, browser type and version, location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Usage Data includes information about how you use our website and services. This includes your browsing patterns and information such as how long you might spend on one of our webpages and what you look at and for on our website, the page that referred you to our site and the click stream during your visit to our website, page response times and page interaction information (clicks you make on a page).
How Do We Use the Information?
We use the information we collect via our services for a range of reasons, including:
- to set up a contact record in our system;
- to provide, operate and maintain the services;
- to process and complete transactions and send related information including transaction confirmations and invoices;
- to investigate and prevent fraudulent activities, unauthorised access to the services, and other illegal activities;
- for any other purposes about which we notify customers and users;
- to comply with legal or regulatory obligations.
We use the information we collect via our website:
- for administration and reporting purposes including (but not limited to) troubleshooting, performance analysis, statistical analysis and testing;
- to improve our website to ensure that content is presented in the most effective manner for you and for your device;
- to analyse customers’ use of our website for trend monitoring and marketing purposes;
- for the purposes made clear to you at the time you submit your information – for example, to fulfil your request for information on our products and services;
- as part of our efforts to keep our website safe and secure.
We may also use the information you send to us via our website and/or services, to communicate with you via email and possibly other means regarding products, services, offers, newsletters, promotions and events where we have consent or where they may be of legitimate interest to you. You will always be able to opt-out of such communications at any time.
How Do We Share and Disclose the Information to Third Parties?
We require all third parties to respect the security of your personal data and to treat it in accordance with the law and they may only use your data for the purposes we specify in our contract with them. We will always work with them to protect your privacy.
We do not rent or sell your Personal Information to anyone under any circumstances.
We may process your personal information for our legitimate business interests e.g. direct marketing, data analytics and/or enhancing/modifying/improving our services.
We do not transfer any information, personal or otherwise, outside of the EEA (European Economic Area).
Under certain circumstances we may be required to disclose your Personal Information in response to valid requests by public authorities such as the Police or security services.
“Legitimate Interests” means the interests of our company in conducting and managing our business to enable us to give you the best service/products and the best and most secure experience. For example, we have an interest in making sure our marketing is relevant for you, so we may process your information to send you marketing that is tailored to your interests. It can also apply to processing that is in your interests as well. For example, we may process your information to protect you against fraud when transacting on our website, and to ensure our websites and systems are secure.
When we process your personal information for our legitimate interests, we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. Our legitimate business interests do not automatically override your interests – we will not use your Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
If you have any concerns, you have the right to object to processing that is based on our legitimate interests.
Is Personal Information About Me Secure?
We use appropriate technical, organisational and administrative security measures to protect any information we hold from loss, misuse, unauthorised access, disclosure, alteration and destruction. Unfortunately, no company or service can guarantee complete security. Unauthorised entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
You acknowledge that the Internet is not a completely secure medium for communication and, accordingly, we cannot guarantee the security of any information you send to us (or we send to you) via the Internet. We are not responsible for any damages which you, or others, may suffer as a result of the loss of confidentiality of such information.
What Choices Do I Have?
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, where you do not provide the appropriate contact details). In this case, we may have to cancel a contract or service you have through us, but we will notify you if this is the case at the time.
You can opt-out of receiving promotional or marketing communications from us at any time by using the unsubscribe link in the email communication we send or by emailing firstname.lastname@example.org.
How Long Will You Use My Personal Data For?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. For example, your personal details will be kept for as long as we need to retain that data to comply with our legal and regulatory requirements. For a copy of our retention policy please email email@example.com
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
You can ask us to delete your data by contacting firstname.lastname@example.org and requesting a Data Subject Access Request Form.
Your Legal Rights
Under the General Data Protection Regulation (GDPR), you have the following rights:
- the right to be informed
- the right to access your personal information
- the right to edit and update your personal information
- the right to request to have your personal information deleted
- the right to restrict processing of your personal information
- the right to data portability
- the right to object – including automated decision making and profiling
- the right to lodge a complaint with a supervisory authority
If you wish to exercise your rights, please contact us, providing as much information as possible about the nature of your contact with us to help us locate your records. Any changes you have requested may take 30 days before they take effect.
You have a right to access your personal data. By making a Data Subject Access Request to email@example.com you can find out what personal data we hold about you, why we hold it and who we disclose it to.
Once we have received your request, and verified your identity, we will respond within 30 days.
You will not have to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What If I Have Questions About This Policy?
If you have any questions or concerns regarding our privacy policies, please send a detailed message to firstname.lastname@example.org.
Our main address for the purposes of this website is Ceòlas Uibhist, Cnoc Soilleir, Dalabrog, Uibhist a Deas, HS8 5SS. Ceòlas is a Scottish Charity (No. SC031179) and a company limited by guarantee (Company No. SC216090).