Privacy Policy - Ukipbromley

At UKIP Bromley (ukipbromley.com), your privacy and the security of your personal data are of the utmost importance to us. We are fully committed to protecting the personal information you entrust to us in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

This Privacy Policy outlines how we collect, use, disclose, and protect your personal data when you visit or interact with ukipbromley.com, and your rights in relation to that data.

1. Scope of Policy and Data Controller Role

This Privacy Policy applies to all personal data collected and processed through the website ukipbromley.com. The data controller for any personal information processed through this site is UKIP Bromley. If you have any queries regarding our handling of your data, you may contact us at [email protected].

2. Categories of Data We Process

We may collect, use, store, and transfer various categories of personal data depending on your interactions with our site:

– Usage Data: Includes information such as your IP address, browser type, operating system, referring URLs, pages visited, time and date of access, and session duration.
– Account Data: Provided voluntarily when registering or subscribing, such as your full name, postal address, email address, and phone number.
– Profile Data: Information about your preferences, engagement with our content, purchase history (if applicable), and interactions on the site.
– Communication Data: Records of queries, support requests, messages, and any other correspondence you initiate with us.
– Technical Data: Includes data on your device such as device type, operating system, browser configurations, and other technical identifiers.
– Transaction Data: Includes historical purchasing or donation data, delivery details, billing addresses, and payment confirmations where applicable.
– Preference Data: Choices regarding marketing communications, subscriptions, event participation, and product or topic interests.

3. Legal Bases for Processing

Our processing of personal data is grounded in the following legal bases:

– Legitimate Interests: To enhance user experience, manage and improve our services, and ensure security.
– Contractual Necessity: To fulfill obligations resulting from agreements entered into with you.
– Consent: In situations where you have granted us clear consent, such as for marketing emails or non-essential cookies.
– Legal Obligations: Where we are bound by a legal duty to process personal data, for example for tax or compliance purposes.

4. Your Data Protection Rights

Subject to applicable law, you have the following rights regarding your personal data:

– Right of Access: To request information about the personal data we hold concerning you.
– Right to Rectification: To request correction of inaccurate or incomplete data.
– Right to Erasure: Also known as the “right to be forgotten,” applicable under certain conditions.
– Right to Restriction: To request a halt on data processing under specific circumstances.
– Right to Data Portability: To receive a digital copy of the personal data provided to us, or request its transfer to a third party.
– Right to Object: Where data is processed based on legitimate interests or for direct marketing purposes.

To exercise these rights, please contact us at [email protected]. We may require reasonable steps to verify your identity before responding to any request.

5. Security Measures

We maintain strict safeguards to protect personal data, including:

– Encryption of data in transit and at rest wherever feasible
– Role-based access control to limit data availability to authorized personnel
– Regular backups to mitigate data loss
– Staff training in security and confidentiality practices

These procedures are routinely reviewed to ensure the continued integrity and confidentiality of your data.

6. International Data Transfers

If we transmit personal data outside of the European Economic Area (EEA), we ensure that adequate safeguards are in place, such as the use of Standard Contractual Clauses approved by the European Commission. For users under U.S. jurisdiction, we also ensure compliance with regional privacy regulations, including the CCPA.

7. Data Retention

We retain personal data for only as long as necessary to fulfill the purposes for which it was collected, including legal, regulatory, tax, and accounting obligations. Specific retention periods are as follows:

– Usage Data: Retained for up to 12 months to improve platform performance and security analytics.
– Account, Profile, Communication, and Transaction Data: Retained for up to 6 years from last activity for contractual and support reasons.
– Technical and Preference Data: Retained for no longer than 24 months, unless subject to other regulatory requirements.

Once retention periods expire, data is securely deleted or anonymized.

8. Cookie Policy

Our website uses cookies to enhance user experience, analyze performance, and enable core functionality. Cookies may include:

– Essential Cookies: Necessary for website functionality (e.g., session management)
– Functional Cookies: Enable personalization based on user settings
– Analytics Cookies: Allow us to understand how visitors interact with the website
– Performance Cookies: Help improve loading times and responsiveness

Third-party analytics tools such as Google Analytics may set cookies to collect aggregated traffic data. These service providers do not have access to your personal information unless expressly permitted by you.

9. Cookie Management and Compliance

You have full control over your cookie preferences and can manage them through the settings of your browser or via the cookie banner presented on your first visit. We comply with GDPR’s rules requiring prior consent for non-essential cookies and offer opt-out mechanisms in accordance with CCPA guidelines.

10. Children’s Data

Our services are not directed to individuals under the age of 13. We do not knowingly collect data from or about children under 13 years of age. If we become aware that we have collected such data without verified parental consent, we will take steps to delete it promptly.

11. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy from time to time to reflect changes in legal, regulatory, or operational requirements. Whenever we do, significant updates will be communicated through prominent notices on ukipbromley.com, or via direct email communications when appropriate.

12. Contact Us

For any questions relating to this Privacy Policy, your personal data, or your rights, you may contact our privacy officer at:

Email: [email protected]

We are committed to GDPR and CCPA compliance and welcome your comments or concerns regarding how your personal data is handled.