This Policy explains when and why we collect personal information about people who visit our website, how we use it, the conditions under which we may disclose it to others and how we keep it secure.
We may change this Policy from time to time so please check this page occasionally to ensure that you’re happy with any changes. By using our website, you’re agreeing to be bound by this Policy.
Any questions regarding this Policy and our privacy practices should be sent by email to firstname.lastname@example.org or by writing to 23a Cottage Offices, Latimer Park, Latimer place, Chesham HP5 1TU. Alternatively, you can telephone 01494 766123.
How do we collect information from you?
We obtain information about you when you use our website, for example, when you contact us about our services or to make a donation.
What type of information is collected from you?
The personal information we collect might include your name, address, email address, IP address and information regarding what pages are accessed and when. Non persistent logs are kept on our server and within the hosting for diagnostic and fault finding purposes. Security messages in the form or emails are sent from the website for people that are attempting to or have logged into the site or are unauthorised users attempting to access parts of the website.
The website will create messages based on form data entered by users and will send these as emails to an administrative email address.
How is your information used?
We may use your information to:
• process a donation that you have made;
• process an inquiry that you have made;
• Initiate setting up a service you have requested;
• Analyse and improve the operation of the website;
• notify you of changes to our services;
We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations (for example the collection of Gift Aid). We will hold your personal information on our systems for as long as is necessary for the relevant activity.
Some information like IP addresses are held for a limited period of time in logs on the website to assist in diagnosing problems with the hosting of the site and related services such as email.
Who has access to your information?
Any information we hold on you will be used solely by The Chilterns Dial-a-Ride for the purposes of The Chilterns Dial-a-Ride. We will not sell, share or rent your information to any third party.
How you can access and update your information
You have the right to ask for a copy of the information The Chilterns Dial-a-Ride holds about you at any time.
Security precautions in place to protect the loss, misuse or alteration of your information
Non-sensitive details (your email address etc.) are encrypted between our email systems and your mail server provided your mail server supports encryption. Our policy is to use SSL encryption on incoming and outgoing email.
Whether that mail remains encrypted is dependent on how your email configuration has been set up on your devices. If you are not using encryption between your mail server and your device then your mail is not secure and could be intercepted and read because it is in plain text. CDAR is not liable for the configuration of your mail server, or the settings of your mail applications.
We recommend that you use SSL encryption for your email systems at all times. If you are unsure of your mail configuration you should assume that email is not 100% secure. We cannot establish that end to end encryption is in use so we cannot guarantee the security of any information you transmit to us and you do so at your own risk. Once we receive your information we make our best effort to ensure it is secure on our systems.
All information that you provide into our website forms is encrypted between your computer and the website server.
Mobile Device Policy
All mobile devices carrying personal data relating to the business of CDAR which may include laptop computers, smart phones, tablets, external USB removable hard disk drives, USB SSD (Solid State Drives) and USB memory sticks will be protected in at least one of the following ways: Access to the device will require a unique password comprising eight or more characters including upper and lower case letters and numbers in order to gain access. Or the data on the device will be encrypted.
For those devices that hold personal data which can be disassembled and memory can be independently accessed such as a laptop or desktop computer, removable media will be encrypted. Each will require a complex key to decrypt and extract the information held on the device by a 3rd party should the device be lost or stolen.
16 or Under
We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information.
Profiling and Targeted Advertising
We do not carry out any profiling of visitors to the website and we do not provide any targeted advertising from third party providers.
Please see our separate statement on our Cookies Policy. (opens in a new window, close it to return to here)
Review of this Policy
We keep this Policy under regular review. This Policy was last updated in 26th of May 2018