In order to function, we make use of personal information basic contact details on a very limited basis, for example if you are a member, sign up to our newsletters, or make a donation to CSPP21.
In this section , you can read how we collect and use personal information, as well as your rights in relation to this. If you have any questions, please use the ‘contact form’ to reach us.
Personal data collected through this website and held by CSPP21 is treated in line with the principles of the General Data Protection Regulation 2016.
Processing and Use of Personal Information
Lawful Basis for Processing Personal Data
GDPR Art 6 (1) (a) Consent: the individual has given consent to the processing of his or her personal data for one or more specific purposes.
(b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
(f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, may also be used as a basis for processing personal data.
Purposes of Data Processing and Storage
To communicate to potential or current supporters of CSPP21.
Communication from CSPP21 may take the form of direct email correspondence, telephone communication or by post.
Data Retention and Rights of the Data Subject
We will keep personal information as long as it is necessary for the purpose for which it was obtained, in compliance with existing regulations and unless asked to delete it at an earlier time. Data subjects have the following rights, including the right to erasure (the ‘right to be forgotten’) as set out in GDPR Articles 12-23.
It is the responsibility of CSPP21 Controllers to observe these rights and act upon requests in relation to these rights from individuals whose personal data is held by us.
For the purpose of the Data Protection Laws, the data controller is CSPP21, at registered Address c/o Digby Brown, Causewayside House, 160 Causewayside Edinburgh, EH9 1PR
Data Storage and Protection
Personal information may be stored in one of the following locations: Dropbox, CSPP email, encrypted files held on a CSPP21 PC.
Under GDPR regulations, CSPP21 staff , Data Controllers and Data Processors have a duty to report any data breach to the UK Information Commissioner’s Office.
CSPP21 completes a regular audit of the type of personal information held, where this data is held, and the purpose and legal basis for processing this data. This can be provided upon request.
Information Sharing and Third Parties
CSPP21 does not share personal information with any third-party organisations. Though we make every effort to preserve user privacy, we may need to disclose personal information when required by law wherein we have a good-faith belief that such action is necessary to comply with a current judicial proceeding, a court order or legal process served on our web site.
Information We Collect
You can provide us with information about yourself as a potential supporter, such as your name and e-mail address, by submitting an enquiry to ‘Contact’ or completing a membership/donation form. If you correspond with us by email, we may retain the content of your email messages, your email address and our responses. We may also retain any messages you send through Twitter or similar social media sites where we have an account.
We store details on names, email addresses, postal addresses, organisation and bank details and sort-codes for the processing of donations and any other payments.
Newsletter and Website Registration
A user does not have to register to access the CSPP21 website.
Is processed in accordance with the terms of the donation or payment to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
Website and Third Parties
CSPP21 seeks to ensure that the information published on its website is up to date and accurate. However, the information on the website does not constitute legal or professional advice and CSPP21 cannot accept any liability for actions arising from its use. CSPP21 cannot be held responsible for the contents of any pages referenced by an external link.
Any personal data collected through this website and held by CSPP21 will be treated in line with the principles of the General Data Protection Regulation 2016. The website for CSPP21 is hosted by WordPress and users are encouraged to read their privacy policies here.
Cookies and Website Traffic Analysis
When users enter the website, the device used will automatically be issued with cookies. Cookies are text files that identify users’ computers to the CSPP21 server. The website then creates session cookies to store some of the preferences of users moving around the website, e.g., retaining a text-only preference. Cookies in themselves do not identify individual users but identify only the device used and they are deleted on departure from the website. Many websites do this to track traffic flows, whenever users visit those websites.
Users have the opportunity to set their devices to accept all cookies, to notify them when a cookie is issued, or not to receive cookies at any time. The last of these means that certain personalised services cannot then be provided to that user.
This Website had pages and associated documents that contain links to other sites. CSPP21 is not responsible for the privacy practices of such other sites, and additionally cannot verify the accuracy of the information contained on external sites – by linking to them, we are not endorsing them. We encourage our users to be aware when they leave our site and to read the privacy statements of each website that collects personally identifiable information. This privacy statement does not apply to information collected by other websites.
Changes and Notifications
Access and Changes to Your Personal Information
You have the right to request, change, or delete personal information we hold about you (such as phone, email or postal address and postcode,). This can be done by sending a request.
Under the General Data Protection Regulation, individuals whose personal data is held by us have the right make a subject access request for their personal data processed by us for stated purposes. As stated earlier in this notice, data subjects have the following rights, including the right to erasure (the ‘right to be forgotten’) as set out in GDPR Articles 12-23.
Notification of Changes
Last updated: April 2022