Privacy Policy

 

1. GDPR

The General Data Protection Regulation (GDPR) came into force on 25 May 2018.

This has implications for how Cockermouth and District Civic Trust (we) handles your data and how we communicate with you. We have always taken all reasonable steps to ensure that data held about its members is treated confidentially.

However, the introduction of the GDPR means that you have to be told in detail how the Civic Trust handles your personal data and how we communicate with you. Although the GDPR comes from the European Union the British Government has confirmed that the rules will not be affected by the withdrawal of the UK from the EU.

2. WHO WE ARE

Cockermouth and District Civic Trust is a charity dedicated to enhancing the quality of life in Cockermouth by promoting thoughtful urban planning and preserving the town’s heritage.

Charity Name: Cockermouth and District Civic Trust
Charity Number: 254362

3. PERSONAL DATA

Your personal information will only be used to process your requests, to provide you with our services, and to provide you with information relating to our services and all other services which we think you may be interested in.

We may collect the following information, depending on how you interact with our website and provide consent for doing so.

  • Name and job title
  • Contact information including email address
  • Your telephone number and/or mobile number where you have provided one
  • Demographic information such as postcode, preferences and interests
  • Other information relevant to customer surveys and/or offers
  • Details of membership subscriptions you have paid
  • Details of any events you may have attended and payments you have made in this regard
  • In addition, we may have retained emails or letters you have sent us to book events or to ask questions about Cockermouth and District Civic Trust and its activities.

4. CONTACT FORMS

When you complete a Contact Us form, any data supplied via the form shall be transmitted to us by email and stored on our email subsystem. No data is stored on our website or hosting servers.

5. WEBSITE USAGE INFORMATION

When you visit our website we may collect statistical data on an ongoing basis. This may include data about what pages you access or visit, and information about your use of our site. For example, the pages viewed, how long you stay on a page and the website from which you came to visit our site, for example, a search engine, social media or a referral website.

6. COOKIES

Cookies are small files of information that a web server generates and sends to a web browser. Web browsers store the cookies they receive for a predetermined period, or the length of a user’s session on a website. They attach the relevant cookies to any future requests the user makes to the web server.

We are abiding by the EU consent mode for cookies. Therefore, giving you complete control to provide consent for what gets’ stored or not.

Temporary cookies to determine if your browser accepts cookies required for the successful operation of the website may still be operational. These cookies contains no personal data and discarded when you close your browser.

7. SSL CERTIFICATE

Our website utilises industry-standard Secure Sockets Layer (SSL) technology to allow for the encryption of potentially sensitive information such as your name, address and other critically sensitive information. Information passed between your computer and our website cannot be read in the event someone else intercepts it.

This technology includes the following features:

  • Authentication – this assures your browser that your data is being sent to the correct computer server, and that the server is secure.
  • Encryption – this encodes the data, so that it cannot be read by anyone other than the secure server.
  • Data Integrity – this checks the data being transferred to ensure it has not been altered.

When you access a website secured by an SSL certificate, you will see https:// at the beginning of its URL. Your web browser may also show the connection as secure by displaying a “lock” icon in the address bar.

8. EMAILS SENT BY COCKERMOUTH AND DISTRICT TRUST

Any information contained in or attached to an email sent by Cockermouth and District Civic Trust (@cockermouthcivictrust.co.uk) is sent through an SMTP mailbox connection that is secured with an SSL Certificate. This ensures that all the email contents (attachments, headers, message body, username, and password) are encrypted and secured from any potential eavesdroppers or hackers.

9. WEBSITE, EMAIL & SERVER SECURITY

We ensure best to our ability that our systems and servers are protected from hackers, viruses, intruders and other online and offline problems by utilising the latest web security features, along with real-time file scanning for malicious files, a comprehensive firewall and advanced email filters to protect our systems.

10. CONTENT FROM OTHER WEBSITES

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

11. MEMBERSHIP DATA

Your personal data is stored on electronic equipment and/or hard copy used by members of the Executive Committee on a need to know basis. That means information is usually only held by the Chair, Secretary, Membership Secretary and Treasurer. Some of our records, such as membership forms and Gift Aid authorities, are held in paper format by the Secretary, Membership Secretary and Treasurer. All personal data is stored securely and is regularly updated and backed up.

We keep the information for as long as we deem necessary within the remit of the legislation. Membership details and Gift Aid authorities will be retained for as long as you are a member. We may also need to keep financial information for a period of six financial years after the end of the financial year in which the transaction occurred so that we can respond to any enquiries from HMRC about our income or applications for Gift Aid.

We do not routinely share personal information. On Members’ instructions, we may need to share personal information where the services we provide involve an identified third party supplier in which case we will take reasonable steps to ensure that any information shared will be limited to what is necessary for the specific purpose and will only be processed in accordance with GDPR principles.

You can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

You have the right to ask us to tell you what information we hold about you at any time. You can do this by using the online enquiry form on our website.

You also have the right at any time to correct any information we hold about you which is incorrect or out of date.

You have the right to cancel your membership at any time and ask for your details to be removed from our records. Please note that we may need to keep details of payments you have made to us even after your membership ends as explained above.

12. DATA CONTROLLER

The Secretary is deemed to be the Data Controller for the purposes of the GDPR

13. CONTACT INFORMATION AND COMMUNICATIONS

When you join the Civic Trust we add your name to our mailing lists and then keep you informed about the Trust’s events and activities. We will occasionally contact you about your membership of the Trust and will remind you when your subscription is due.

We will tell you about Cockermouth and District Civic Trust related events organised by other organisations and other civic societies in the area. We will use our judgement and discretion to decide which events not organised by us we decide to tell you about.

We will usually only contact you by email (preferred) or by post. People who have provided us with an email address will receive information from us more frequently than those who have only provided us with a postal address. The reason for this is based primarily on the costs of printing and postage but can also be due to the fact that we sometimes receive information from others at very short notice and there may not be time to issue postal communication to members.

Very rarely we may need to contact you by telephone but this would usually only be to let you know about late changes to our events where an email or letter may not reach you in time.

14. CONTACTING US

If you have any questions or feedback regarding this privacy policy or would like to exercise any of your statutory rights, please contact us by using the online enquiry form on our website.

15. YOUR RIGHTS

You have the right to object to how we use your personal information. You also have the right to see what personal information we hold about you. In addition, you can ask us to correct inaccuracies, delete or restrict personal information or to ask for some of your personal information to be provided to someone else.

Right to Object

You can object to our processing of your personal information. Please contact our Data Controller, providing details of your objection.

Access to Your Personal Information

You can request access to a copy of your personal information that we hold, along with information on what personal information we use, why we use it, who we share it with, how long we keep it for and whether it has been used for any automated decision making.

You can make a request for access by contacting us on our contact form. Please make all requests for access in writing and provide us with evidence of your identity.

Right to Withdraw Consent

If you have given us your consent to use personal information, you can withdraw your consent at any time and, update your marketing preferences by contacting our Data Controller.

Rectification

You can ask us to change or complete any inaccurate or incomplete personal information held about you.

Erasure

You can ask us to delete your personal information where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful basis for keeping it.

Portability

You can ask us to provide you or a third party with some of the personal information that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred.

Restriction

You can ask us to restrict the personal information we use about you where you have asked for it to be erased or where you have objected to our use of it.

Personal Data Breach Notification

We ensure best to our ability that our systems and servers are protected from hackers, viruses, intruders and other online and offline problems, however if we experience a data breach of any kind, where a customer’s data has been compromised, a notification will be sent to all those affected within 72 hours of becoming aware of the breach.

Make a Complaint

You can make a complaint about how we have used your personal information to us by contacting our Data Controller.

You also have the right to lodge a complaint with a supervisory body. The relevant authority in the UK is the Information Commissioner’s Office at ico.org.uk

We will not make any charge for responding to any request from you to exercise your privacy rights, and we will respond to your requests in accordance with our obligations under data protection law.

This policy was updated on 26th March 2025 to comply with the EU General Data Protection Regulation and EU Consent Mode requirements