We may change this policy from time to time so please check this page occasionally to ensure that you’re happy with any changes. By browsing our website and using our services you’re agreeing to be bound by this policy.
This policy was last updated on 07/09/2021.
1. Who are we?
This website belongs to Nicaragua Solidarity Campaign. If you require further information about the purposes of accessing your personal data as outlined below please contact the NSC data protection officer and/or website administrators on firstname.lastname@example.org or write to us at: NSC, Durham Rd Resource Centre, 86 Durham Rd, London N7 7DT
2. How do we collect information from you?
We obtain information about you when you submit our contact form, subscribe to our newsletter, make a donation or become a member. We also use Google Analytics to collection information from you as you browse our website.
3. What information do we collect and how is it used?
We collect information to allow us to respond to your enquiries. We also collect information to allow us to monitor the day-to-day operations of the website such as referral links and website traffic (see the Google Analytics section of this policy for more details.) All personal data is stored either in the website database or in the NSC office and is only accessed by NSC staff, unless explicitly specified otherwise.
If you do not interact with our organisation for 3 years then we will delete any of your data we have. However, we are required under UK tax law to keep your name, address and contact details for a minimum of six years for gift aid purposes.
3.1. Sensitive Data
We do not gather sensitive personal data (e.g. health, genetic, biometric data; racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sexual orientation, and criminal convictions.) We expressly request that you do not provide any such sensitive data to us.
3.2. Children’s Information
Our website and services are not directed to children. If you learn that a child has provided us with personal information without consent please contact us.
3.3. Site Features
3.3.1. Contact Form
When contacting us via our contact form we ask you to provide your name and email address so that we can respond to your message. This information will be sent via email to the NSC website administrator so that they can respond to you directly and a copy will also be stored in our website’s database for reference. Your information may be shared with other persons within our organisation to enable us to better respond to your query.
This information is stored in our website database to which only the website administrators have access, and will be kept for up to 3 years unless you explicitly request that they be deleted.
3.4. Third Parties
We will not sell or rent your information to third parties and we will not share your information with third parties for marketing purposes.
We make use of the following third-parties who may have access to your data:
3.4.1. Google Analytics
When visiting our site we collect information on your browsing behaviour including an anonymised copy of your IP address. This information is collected so that we can analyse website traffic, performance, page popularity, SEO effectiveness and otherwise allow us to improve our website. To achieve this we will share the collected information with Google Analytics, a web analysis service provided by Google Inc. Only the website administrators have access to this Google Analytics account.
We will store this anonymised information for up to 3 years. Additionally we have agreed to Google Inc.’s Data Processing Amendment terms.
Google Inc. may use the data collected to prepare reports on its activities and share them with other Google services as well as to contextualise and personalise the ads of its own advertising network.
3.4.2. Google Fonts
3.4.3. Google Maps
3.5. Do Not Track
We do not currently support “Do Not Track” requests. To determine whether any of the third-party services above honour “Do Not Track” requests please read their privacy policies.
3.6. Hosting and Server Logs
Our website is hosted by GreenNet.
4. Controlling your information
You have certain rights concerning the information we hold about you, as defined under the General Data Protection Regulation. If you wish to exercise these rights please contact us and be sure to include your email address since this is the unique identifier we use to identify and collate personal information.
4.1. Requesting a copy of your information
You may request a copy of any data we hold about you. Upon request, we will provide a CSV file containing the personal data we hold on record about you.
4.2. Updating or correcting your information
If you change email address, or if any of the other information we hold is inaccurate or out of date, please contact us so we may correct our records.
4.3. Deleting your information
You have the right to request erasure of your personal information. Unless there is a compelling reason for the data not to be erased (for example, if we need to use that data to fulfil our contractual or legal obligations), your personal data will be deleted on request.
By using and browsing this website you consent to cookies being used in accordance with this policy. If you do not consent, you must turn off cookies or refrain from using the site. Most browsers allow you to turn off cookies. To do this look at the help menu on your browser. Switching off cookies may noticeably restrict your use of this website.
In order to protect your information from loss, misuse or unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. These steps include the following:
– Encryption in transit: all information is sent over secure connections using modern encryption
– Data minimisation: we only collect and store the information that is essential to the operation of our organisation as outlined above
– Password best practice: all administrator and user accounts have strong passwords
– Security best practice concerning devices (PCs, laptops, mobile devices), online accounts, physical access and storage
– Training and accountability on data protection
For more information on the security aspects of our data storage and hosting servers please refer to the GreenNet Code of Practice.
7. Data Breaches
Steps have been taken to minimise the risk of a data breach, as well as the impact of any breach should it occur. For more information on the security aspects of our data storage and hosting servers please refer to the GreenNet Code of Practice.
Where appropriate we will promptly notify you of any unauthorised access to your personal information.
If you wish to raise a complaint on how we have handled your personal information you can contact us directly and we will investigate the matter.