Our commitment
At West Wales Biodiversity Information Centre, we are strongly committed to protecting your privacy. We will not sell or share your data with a third party for any purpose not mentioned in this policy.
You can navigate the majority of our site without giving us any personal information about yourself. However, sometimes we need additional information about you in order to provide the information or services you are requesting.
Personal information that this website collects, why we collect it, and how it is stored
We will only ever collect, store and use your personal data when we have an identified lawful basis and reason to do so, such as keeping in touch with you.
At present, we collect Personally Identifiable Information submitted to this website in the following ways:
Contact forms
We have a form on our website that enables you to submit information to us. The personal information you provide on these forms may include your name, title, company name, address, contact numbers and email.
Should you choose to contact us using a contact form on this website, the data submitted is collated into an email, encrypted and then sent over the internet to our email service provider, where we access your email. The email is securely stored on the servers of our email provider for us to access. We don’t store any of this data locally. We will only ever use this data in order to contact you in relation to your enquiry. You may request to see your data and ask for it to be deleted.
Invasive Species Recordings
We have an invasive species report form and a downloadable spreadsheet that can be emailed to us, both of which enable you to submit your recordings to us. The personal information you provide on these forms may include your name, address, contact numbers and email.
We share the information you give us about any reordings with third parties such other Record Centres and relevant partners to ensure accuracy of records. You may request to see your data and ask for it to be deleted.
Site visitation tracking
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google does not grant us access to this. We consider Google to be a third party data processor which complies with GDPR legislation and is EU-U.S. Privacy Shield compliant. Google’s Privacy Policy can be found here.
GA makes use of cookies, details of which can be found on Google’s developer guides. For your information our website uses the analytics.js implementation of GA.
Website and server security
The way we store/use information
We store the information you provide about yourself in a secure environment in order to provide you with the information you request. The information is stored for the lifetime of the system unless you request that it be removed. We continually review what information we hold, and delete what is no longer required. We use a number of third party data processors who are all compliant with strict data processing requirements.
All of the personal data we process is processed by our staff in the UK. However, for the purposes of IT hosting and maintenance your information may be situated outside of the European Economic Area (EEA). This will be done in accordance with guidance issued by the Information Commissioner’s Office.
Electronic data and databases are stored on secure computer systems and we control who has access to information (using both physical and electronic means). Our staff receive data protection training and we have a detailed data protection procedure which personnel are required to follow when handling personal data.
You must opt-in or give consent for us to share your identifiable information with third parties, who would be bound by a confidentiality agreement. However, the information you provide us about yourself may be shared with our employees to the extent necessary to accommodate your request. For example, if you provide your name, mailing address, telephone and email address, this information will be shared with appropriate personnel to fulfill your request.
Finally, unless otherwise excepted below, we would not use your personally identifiable information provided to us online for purposes other than those you requested without also providing you an opportunity to agree or otherwise limit such unrelated purposes.
We will take reasonable precautions to prevent the loss, misuse or alteration of information you give us. Whilst we endeavour to keep our systems and communications protected against viruses and other harmful effects we cannot bear responsibility for all communications being virus-free.
All traffic (transferral of files/data) between this website and your browser is encrypted and delivered over HTTPS.
Our server
Our website is protected by a web application level firewall. This website’s server is also protected by a firewall. It is hosted within a UK data centre. Some of the data centre’s more notable physical security features are as follows:
- 24 x 7 x 365 manned security and monitoring on site
- Smart Card access policies
- Internal and external CCTV systems
- Security breach alarms
Leaving our website
We are not responsible for the privacy practices or the content of any other websites linked to our website. If you have followed a link from this website to another website you may be supplying information to a third party.
Your Right to Access Your Data
We respect your right to control your data. You have a right to update, correct or delete your personally identifiable information at any time by contacting us.
For more information on your individual rights, please see the Information Commissioner’s Office.
Changes
We may occasionally update this Privacy Statement. We encourage you to periodically review this Privacy Statement to stay informed about how we are helping to protect the personally identifiable information we collect.
22/05/2018