Privacy Policy

  1. Our Commitment To Privacy
  2. The Information We Collect
  3. How We Use Information
  4. Our Commitment To Data Security
  5. Our Commitment To Children’s Privacy
  6. How To Access Or Correct Your Information
  7. 3rd Party Data Processors
  8. Other Web Sites
  9. How To Contact Us
  10. Changes To This Privacy Policy
  1. Our Commitment To Privacy

    Your privacy is important to us. To better protect your privacy we provide this notice explaining our online information practices and the choices you can make about the way your information is collected and used. To make this notice easy to find, we make it available on our homepage and at every point where personally identifiable information may be requested.

    We believe:

    1. User privacy and data protection are human rights
    2. We have a duty of care to the people who’s data we hold
    3. Data is a liability, it should only be collected and processed when absolutely necessary
    4. We will never sell, rent or otherwise distribute or make public your personal information
    5. We will never sell or give your data to anyone who would spam you.
  2. The Information We Collect and why

    1. Site tracking

      This site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website. Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google does not grant us access to this. We consider Google to be a 3rd Party Data Processors.

    2. Product Purchasing

      This notice applies to all information collected or submitted on this website. On some pages, you can order products, make requests, and register to receive materials. The types of personal information collected under Article 6 are (a) Consent and (b) Contract. The information collected as a Data Controller is:

      Name
      Company Name (if applicable)
      Address
      Email address
      Phone number
      IP Address

      The Information We DONT Collect:

      Credit/Debit Card Information

    3. Blog Posts

      Should you choose to add a comment to any posts that we have published on our blog, the name and email address you enter with your comment will be saved to this website’s database, along with your computer’s IP address and the time and date that you submitted the comment. This information is only used to identify you as a contributor to the comment section of the respective blog post and is not passed on to any of the third party data processors detailed below. Only your name will be shown on the public-facing website although if the supplied email address is linked to a Gravatar account, your Gravatar photo will also be displayed.

      Your comment and it’s associated personal data will remain on this site until we see fit to either:

      1. Remove the comment
      2. Remove the blog post.

      Should you wish to have the comment and it’s associated personal data deleted, please contact us.

      If you are under 16 years of age you MUST obtain parental consent before posting a comment on our blog.

    4. Contact Forms and email links

      Should you choose to contact us using the contact form on our Contact us page or an email link, none of the data that you supply will be stored by this website or passed to / be processed by any of the third party data processors. The data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP).

      Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices.

    5. Email Newsletter

      If you choose to sign up for our email newsletter, the email address that you submit to us will be forwarded to MailChimp who provide us with email marketing services. We consider MailChimp to be a third party data processor. The email address that you submit will not be stored within this website’s own database or in any of our internal computer systems.

      Your email address will remain within MailChimp’s database for as long as we continue to use MailChimp’s services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any and all email newsletters that we send you or by requesting removal via email or our contact form. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.

      If you are under 16 years of age you MUST obtain parental consent before joining our email newsletter.

    6. Technical Information

      1. Log data
        When you use our services, our servers record information (“log data”), including information that your browser or email client automatically sends whenever you visit a website, send an email, or your mobile app automatically sends when you’re using it. This log data includes your Internet Protocol address along with other details.
      2. Cookie data
        We use “cookies” (small text files sent by your computer each time you visit our website, unique to you or your browser) or similar technologies to capture log data. When we use cookies or other similar technologies, we use session cookies (that last until you close your browser) or persistent cookies (that last until you or your browser delete them). For example, we use cookies to store your language preferences or other settings so you don‘t have to set them up every time you use our services.
      3. Device Information
        In addition to log data, we collect information about the device you’re using Pinterest on, including type of device, operating system, settings, unique device identifiers and crash data that helps us understand when something breaks. Whether we collect some or all of this information often depends on what type of device you’re using and its settings.
  3. How We Use Your Information

    We use the information you provide about yourself when placing an order only to complete that order. We do not share this information with outside parties except to the extent necessary to complete that order.

    We use the information you provide about someone else when placing an order only to ship the product and to confirm delivery. We do not share this information with outside parties except to the extent necessary to complete that order.

    We offer gift-cards by which you can personalize a product you order for another person. The information you provide to us to create a gift-card is only used for that purpose, and it is only disclosed to the person receiving the gift.

    We use return email addresses to answer the email we receive. Such addresses are not used for any other purpose and are not shared with outside parties.

    We use the information within our log files as a legitimate interest of the data controller concerned. For example and not exclusively: to include preventing unauthorised access to electronic communications networks and malicious code distribution and stopping ‘denial of service’ attacks and damage to the computer and electronic communication systems. [Recital 49]

    You can register with our website if you would like to receive our newsletter. The information you submit on our website will not be used for this purpose unless you fill out the registration form.

    Finally, we never use or share the personally identifiable information provided to us online in ways unrelated to the ones described above.

  4. Our Commitment To Data Security

    To prevent unauthorised access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect online.

    We take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.

    Our website is secured by a Secure Socket Layer Certificate and as such, any information transmitted via this website is encrypted.

    Our email server is also protected via SSL/TLS and as such, if you have configured your email client to send and receive emails via this secure method, your data will be secure. If you are using plain text then we can not guarantee the safety or integrity of any emails once they have left our server.

    Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

  5. Our Commitment To Children’s Privacy

    Protecting the privacy of the very young is especially important. For that reason, we never collect or maintain information at our website from those we actually know are under 16, and no part of our website is structured to attract anyone under 16.

  6. How To Access Or Correct Your Information

    You can access all your personally identifiable information that we collect online and maintain by either logging into your control panel, calling us or sending us an email. We use this procedure to better safeguard your information.

    You can correct factual errors in your personally identifiable information by also logging into your control panel, or sending us a request that credibly shows error.

    To protect your privacy and security, we will also take reasonable steps to verify your identity before granting access or making corrections.

  7. 3rd Party Data Processors

    In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.

    However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies with respect to the information we are required to provide to them for your purchase-related transactions.

    For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.

    We use a few third parties to process personal data on our behalf. These third parties have been carefully chosen and are industry standards. And all of them comply with the relevant legislation.

    1. Digital Essence (Privacy Policy)
    2. Google (Privacy Policy)
    3. PayPal (Privacy Policy)
    4. MailChimp (Privacy Policy)
    5. QuickBooks (Privacy Policy)
  8. Other Websites

    Our site may, from time to time, contain links to other websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for your use of such websites.

  9. How To Contact Us

    Should you have other questions or concerns about these privacy policies, please contact Chris Leggett at chris@xyug.org.

  10. Changes to this Privacy Policy

    We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.

Date of Issue: 19/04/2018