ZigaForm version 6.0.6

Privacy Policy

The LLIMEYS And The General Data Protection Regulations
Date of last review: 30 November 2023
The LLIMEYS exists to promote and preserve the historic Llanymynech Limeworks.
Volunteers are welcome to join us and help preserve the scheduled monument, historic buildings and local nature reserve.
As a group we are exempt from paying a registration fee for holding personal information under the General Data Protection Regulations (GDPR). This has been verified by completing the ‘Registration self-assessment’ form on the ‘Information Commissioner’s Office’ (ICO) web site.
However, this does not mean that we will ignore the principles of GDPR and this document is designed to provide all users with information on how we will be guided by those principles.
The GDPR sets out seven key principles:

  • Lawfulness, fairness and transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality (security)
  • Accountability


Lawfulness, Fairness and Transparency
Data is collected through our web site, llanylime.co.uk by an online form which is filled in by an individual. This form has mandatory fields to allow us to identify an individual person in order to verify that they are legitimate. Or by email contact.
The reason for collecting the data on individuals is to allow us to respond to messages and invoice individuals or groups who have hired the Llanymynech Limeworks Stables Education Block or booked a guided tour. The details collected are as follows:

  • Title
  • Name
  • Address (for correspondence)
  • Email address
  • Telephone number, work, home or mobile (not mandatory)


The data collected also allows members of the committee, normally the Treasurer, to contact individuals. This allows for newsletters and other documents to be emailed or sent by post.
For historical purposes, the LLIMEYS also holds and publishes photographs and other documentation on our web site.
Information such as Address, Email Address and Telephone number will be removed before posting documents/data on the LLIMEYS web site.
Individuals have the right to access their personal data and any such requests made to the LLIMEYS shall be dealt with in a timely manner.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.


Purpose Limitation

  • Data is used in three ways:
  • To allow communication both ways: Committee to individual or group and vice versa.
  • To process receipts for any items purchased from the LLIMEYS.
  • To provide historical and statistical data of LLIMEYS membership.


Data Minimisation
The data held allows the committee to determine that a person is eligible to become, and continue to be, a member of the LLIMEYS.
Members may request to be removed from the database and the information held will be deleted. At that point they will cease to be members of the LLIMEYS. Optionally, they may request to be moved to the Inactive list and the data held anonymised.

  • Inactive members fall into two categories:
  1. Members whose contact details are incorrect and have not been successfully contacted at some point in time.
  2. Members who are known to be deceased and the details verified.


Inactive members will remain on the database for historical and statistical purposes or until such time that the committee deems it appropriate to remove the information from the database.


Accuracy
All data collected is based on the information provided by an individual, the onus to provide up to date and accurate information therefore lies mainly with the individual. However, when any correspondence is received from an individual, the information held on the database is verified against that correspondence.
Any changes to the information held are logged in the database. This records the original date and time the record was created and the date and time that the data was updated.
Any challenges to the information held are logged in the ‘Notes’ section of the individual together with the date. These challenges are reviewed by the committee and the individual kept informed of the proceedings and outcome.


Storage Limitation
Data is held to maintain a database of LLIMEYS members and as such remains relevant throughout the life of a member, providing that any changes are notified by the individual.


Integrity and Confidentiality (Security)
All data is controlled by one individual (Admin), on a home computer which is backed up every 24 hours to a stand-alone hard drive. The data is not accessible by anyone else, unless they are given specific access to the computer. A sealed envelope detailing the method of access to the LLIMEYS information held on the computer will be made available to the committee should the need arise.
Electronic communication to individuals is via the computers native email programme, with email addresses held in the computer’s native contacts application. All other communication is by post.
The computer is virus protected by Sophos Home, which is updated regularly and automatically by the application.


Accountability
The committee take full responsibility for ensuring that the LLIMEYS are guided by the principles of GDPR. This document will be reviewed annually at the committee meeting and any findings presented to the membership at the AGM for discussion.
Members are free to comment at any time on the content of this document and are encouraged to do so.