Ratlingate Scout Activity Centre

Privacy

We value your privacy and strive to protect your personal information. Please read this Policy to understand what types of information we collect from you, for what purposes and what choices you have regarding our collection of your information.

This policy covers ratlingate.co.uk website. By accessing, using or posting information to this Website, you agree to this Privacy Policy.

We are committed to complying with any applicable data protection laws and regulations, such as the EU's General Data Protection Regulation(GDPR).

Human Readable Summary

Disclaimer: This summary is not itself a part of the Privacy Policy and is not a legal document. It is simply a handy reference for understanding privacy rights and regulations. Think of it as the user-friendly interface to the legal language of our Privacy Policy.

In plain language, regulations such as GDPR define the following roles, rights, and responsibilities:

  • Data Subject - this is you, the end user.
  • Data Controller - this is us, the Drupal Association as the owners and operators of Drupal.org and its sub-sites.
  • Data Processor - any other organization that processes personal data on behalf of the Data Controller.

Rights of the Data Subject

  • Right to be Informed - A data subject has the right to know whether personal information is being processed; where; and for what purpose.
     

    This information is outlined in the section below titled "Information We Collect About You" and "How we Use Your Information".

  • Right to Access - A data subject has a right to access the information about them that is stored by the Data Controller.
     

    This information is outlined in the section below titled "Information We Collect About You" and "How we Use Your Information".

  • Right to Rectification - A data subject has the right to correct any errors in the data about them. This can be done by editing your user account, or contacting the Drupal Association directly.
     
  • Right to Restrict Processing - A data subject has the right to request that data not be processed, and yet also not be deleted by the Data Controller.
     
  • Right to Object - A data subject has the right to opt out of marketing, processing based on legitimate interest, or processing for research or statistical purposes.
     
  • Right to be Forgotten - Also known as the right to revoke consent, the right to be forgotten states that a data subject has the right to request erasure of data, the cessation of processing by the controller, and halting processing of the data by third party processors.

    The conditions for this, as outlined in article 17, include the data no longer being relevant to original purposes for processing, or a data subjects withdrawing consent.

    It should also be noted that this right requires controllers to compare the subjects' rights to "the public interest in the availability of the data" when considering such requests.

    This information is outlined in the sections below titled "Accessing and Correcting Your Information".

  • Data Portability - A data subject has the right to receive a copy of their data in a 'commonly used and machine readable format.'

    This information is outlined in the sections below titled "Your Choices About Use and Disclosure of Your Information" and "Accessing and Correcting Your Information".

Responsibilities of the Data Controller and Data Processors

  • Privacy by Design - 'The controller shall..implement appropriate technical and organisational measures..in an effective way.. in order to meet the requirements of this Regulation and protect the rights of data subjects'.Article 23 of the GDPR calls for controllers to hold and process only the data absolutely necessary for the completion of its duties, as well as limit the access to personal data to those who need it to carry out these duties.
     
  • Breach Notification - The Data Controller must notify the appropriate data processing authority and any affected end user of any breach that might result in 'risk to the rights and freedoms of individuals' within 72 hours of becoming aware of the breach.

    A Data Processor must notify the Data Controller of any breach 'without undue delay.'
     

  • Data protection officer - A Data Controller or Processor must appoint a Data Protection Officer when: a Data Controller represents a public authority; or the core operations of the Controller require regular and systematic monitoring of Subjects on a large scale; or when the Controller's core operations depend on processing a large scale of special categories of data (including but not limited to health data, criminal conviction information, etc).
     

    The Drupal Association's core operations do not require the Association to establish a Data Protection Officer.

Information We Collect About You

We collect several types of information from and about you, including:

1. Your contact details. We treat this information as "Personally Identifiable Information" or "PII".

 

How We Use Your Information

We use your information, including any PII, to:

  • Contact you about your bookings
  • Disclosure of Your Information

We may disclose and share aggregated non-PII about you at our discretion.

We may disclose or share your PII only in limited circumstances:

  • If we need to get groups in touch with each other to ask questions, confirm arrangements. If there is a plan to have more than one group on site at the same time.

Changes to this Privacy Policy

We may update or amend this Privacy Policy at any time. This Privacy Policy will reflect the date it was last updated or amended. If we make any material amendments, we will notify you by sending an email to the address, associated with your user account, and/or posting a notification on Drupal.org as the updated Privacy Policy is being published on the Website. All amendments will take effect immediately upon our posting of the updated Privacy Policy on this Website. Your continued use of this Website (publishing content) will indicate your acceptance of the changes to the Privacy Policy.

Contacting Us

If you have questions or concerns about this Privacy Policy, our information practices, or wish to make a request regarding your information, please contact us at any of the following:

Via e-mail:
[email protected]