Kidderminster BID Privacy Statement
Here at Kidderminster BID, we take your privacy seriously and adhere to the General Data Protection Regulations (GDPR).
This statement describes what types of information we collect from you, how it is stored by us, how it is used by us, how we share data with others, how you can manage the information we hold and how you can contact us. The information below describes processing relating to the information we obtain from you when you visit our website.
For the purposes of data protection laws, we are a ‘controller’ of your personal information which means we decide why and how it is processed. It also means we are responsible for that processing.
When you input your personal data into the contact forms on our website, we will use it to send BID update information and related marketing. You will always have the option not to receive marketing communications from us. We will never send you unsolicited ‘junk’ email or communications, or share your data with anyone else who might.
The contents of this statement may change from time to time so you may wish to check this page occasionally to ensure you are still happy to share your information with us. Where possible, we will also contact you directly to notify you of any substantial changes.
What information do we collect?
We collect information about you when you engage with our website and only collect information which is necessary, relevant and adequate for the purpose you are providing it for.
Some of this information we collect does not identify you personally, but provides us with information about how you use our services and engage with us (we use this information to improve our services and make them more useful to you).
The information we collect includes some or all of the following:
- Name (including title);
- Phone number;
- Email address;
- The date and time you used our services;
- The pages you visited on our website, the features you used and how long you visited us for;
- Your IP address;
- Your business location (where you have entered this into the system);
- The internet browser and devices you are using;
- The website address from which you accessed our website;
- Your direct marketing preferences;
Any personal information that we obtain from you directly is provided to us on a voluntary basis. However, if you do not give this information to us, you may be unable to receive certain services from us or our partners or communicate with us effectively.
We use Google Analytics software to collect information about how you use our website. This includes IP addresses. The data is anonymised before being used for analytics processing.
Google Analytics processes anonymised information about:
- the pages you visit on our website
- how long you spend on each page
- how you got to the site
- what you click on while you’re visiting the site
We do not store your personal information through Google Analytics (for example your name or address).
We will not identify you through analytics information, and we will not combine analytics information with other data sets in a way that would identify who you are.
How do we use your information?
We will use this information to provide the services requested and, if you agree, to email you about other information and services that we think may be of interest to you.
We will only process information that is necessary for the purpose for which it has been collected. You will always have the option not to receive marketing communications from us and you can withdraw your consent at any time.
If you no longer wish to be contacted for marketing purposes, please email firstname.lastname@example.org. You can opt out of our email communications by clicking the unsubscribe link at the footer of any email you receive from us.
How do we share this information?
Third Party Processors – Where you have opted in to receive email marketing communications, we will share your data with our third party email marketing platform partners ‘Mailchimp’.
We will never sell your data to third party processors.
Safeguards. We take steps to ensure that any third party partners who handle your information comply with data protection legislation and protect your information just as we do. We only disclose personal information that is necessary for them to provide the service that they are undertaking on our behalf.
How and where do we store your data?
We only keep your data if you have given consent and/or if we have a valid legal reason to do so and will only keep it for as long as we need to in order to fulfil our contractual or legal obligations or for as long as we have your permission to keep it. Your data will be deleted if we no longer need it to maintain our obligations or if you have requested that we delete it.
If your data is stored or transferred outside of the European Economic Area (“the EEA”) e.g. to Mailchimp, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would within the EEA and under the GDPR.
Data security is of great importance to us. We take steps to protect your data by using data encryption on our websites and applications. Our websites are hosted in the UK and are monitored 24/7/365. The servers where they are stored includes firewall protection and secure monitoring software which generates alerts in the event of a hack attempt or the detection of malware.
How long do we keep your information for?
We do not retain personal information in an identifiable format for longer than is necessary.
How can I manage the information we hold about you?
You have the right as an individual to access your personal information we hold about you and make corrections if necessary. You also have the right to withdraw any consent you have previously given us and ask us to erase information we hold about you. You can also object to us using your personal information (where we rely on our business interests to process and use your personal information).
You have the right to:
- Ask for a copy of the information that we hold about you;
- Correct and update your information;
- Withdraw your consent (where we rely on it);
- Object to our use of your information (where we rely on our legitimate interests to use your personal information) provided we do not have any continuing lawful reason to continue to use and process the information. When we do rely on our legitimate interests to use your personal information for direct marketing, we will always comply with your right to object;
- Erase your information (or restrict the use of it), provided we do not have any continuing lawful reason to continue to use and process that information;
- Transfer your information in a structured data file (in a commonly used and machine readable format), where we rely on your consent to use and process your personal information or need to process it in connection with your contract.
You also have the right not to be subject to purely automated decisions (including profiling) where this has a significant effect on you. We do not envisage that any decisions will be taken about you in this way, however we will update this statement if this changes.
You can exercise the above rights and/or manage your information by contacting us using the details below:
Town Hall, Vicar Street
If you are unhappy, you have the right to lodge a complaint with the Information Commissioner’s Office:
Information Commissioner’s Office
Call: 0303 123 1113