PRIVACY POLICY
1. Introduction – Our Commitment to Privacy
Lough Neagh Partnership respects your privacy and is committed to safeguarding your personal data in accordance with applicable data protection laws. This Privacy Policy outlines how we collect, use, store, and disclose your personal information, and how we uphold your rights under the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant data protection legislation. We are dedicated to maintaining transparency and ensuring that your information is handled securely and lawfully.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, and others who interact with our services through our website loughneaghpartnership.com (the “Website”). Lough Neagh Partnership is the data controller for the personal data collected via our Website and determines the purposes and means by which your personal information is processed.
3. Categories of Data We Process
We collect and process various categories of personal data, as detailed below:
a) Usage Data:
Information relating to how you interact with our Website, such as your IP address, browser type, device identifiers, referring URLs, access times, pages viewed, and session duration.
b) Account Data:
Personal data provided when you register or correspond with us, including your name, address, email address, and telephone number.
c) Profile Data:
Information relating to your preferences, interests, previous communications, purchases, and behavioral interactions with our services.
d) Communication Data:
Records of correspondences (e.g., emails, support queries, form submissions), including follow-up actions and history.
e) Technical Data:
Device information, operating system, system configuration, screen resolution, and browser settings that help us deliver the Website effectively.
f) Transaction Data:
Payment details and fulfillment information for services or products you may purchase through the Website.
g) Preference Data:
Information about your consent to receive marketing communications, including expressed interest in services or products.
4. Legal Bases for Processing Personal Data
We process your personal data lawfully under one or more of the following legal bases:
– Consent: Where you have provided clear consent for us to process your personal data for specific purposes.
– Contractual Necessity: Where processing is necessary to fulfill a contract with you or to take steps at your request before entering into such a contract.
– Legitimate Interests: Where processing is necessary for our legitimate interests, and these are not overridden by your rights and interests.
– Legal Obligation: Where processing is required to comply with a legal or regulatory obligation.
5. Your Rights Under Data Protection Law
Subject to conditions and limitations, you have the following rights regarding your personal data:
– Right of Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You can request correction of inaccurate or incomplete information.
– Right to Erasure: In certain circumstances, you have the right to request deletion of your data.
– Right to Restriction of Processing: You may request that we limit how we use your data where certain conditions are met.
– Right to Data Portability: On request, and where applicable, we will transfer your personal data to another controller in a structured, commonly used, machine-readable format.
To exercise any of your rights, please contact us at [email protected].
6. Security Measures
We implement appropriate technical and organisational safeguards to ensure the integrity, confidentiality, and availability of your information. These include:
– Encryption of data in transit and at rest.
– Role-based access controls and authentication procedures.
– Regular data backups and disaster recovery protocols.
– Ongoing staff training and awareness programs on data protection obligations.
While we strive to protect your personal data, no system can be guaranteed to be completely secure. You share information with us at your own risk.
7. International Transfers
Where personal data is transferred outside the European Economic Area (EEA), we ensure such transfers are compliant with GDPR and other applicable data protection laws. This may include the use of:
– Standard Contractual Clauses (SCCs) approved by the European Commission.
– Verification of adequacy decisions for third countries.
– Robust due diligence and assurance of appropriate safeguards by applicable third parties.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including compliance with legal, regulatory, tax, accounting, and reporting requirements. Specific retention periods include:
– Usage and Technical Data: up to 12 months.
– Account and Communication Data: 6 years following your last interaction with us.
– Transaction and Preference Data: 7 years for legal compliance and auditing.
– Profile Data: Retained for 2 years or until consent is withdrawn.
Data no longer required is securely deleted or anonymised.
9. Cookie Policy
We use cookies and other tracking technologies to enhance your experience on loughneaghpartnership.com. These include:
– Essential Cookies: Required for navigation and basic website functions.
– Functional Cookies: Enable personalization and remember your preferences.
– Analytical Cookies: Help us understand site usage and improve performance.
– Performance Cookies: Monitor service behavior and diagnose errors.
10. Cookie Management and Compliance
Upon your first visit to our Website, a cookie consent banner allows you to accept or reject non-essential cookies in accordance with GDPR and CCPA regulations. You may change your preferences or withdraw consent at any time via the cookie management settings in your browser. Users under the CCPA also have the right to opt out of data “sale” as defined under Californian law.
11. Children’s Data
We do not knowingly collect personal data from children under the age of 13. If we become aware that we have inadvertently collected data from a child without appropriate parental or guardian consent, we will delete the data promptly. If you believe we may have data from or about a child, please contact us at [email protected].
12. Policy Updates and Notifications
We reserve the right to amend this Privacy Policy from time to time. Substantial changes that affect your rights or data usage practices will be communicated clearly through our Website. Continued use of loughneaghpartnership.com constitutes your acknowledgement of the updated policy.
13. Contact Us
If you have any questions about this Privacy Policy, your personal information, or wish to exercise your data privacy rights, please contact the Data Protection Officer at:
Lough Neagh Partnership
Email: [email protected]
We are committed to full compliance with applicable privacy laws and to the respectful, secure handling of all personal data. You may email us at any time with privacy inquiries or concerns.
