The nitty gritty:

Use of your personal data

If you join the Society the information you provide in your user profile is stored in our database. You can see, edit and delete this information at any time, however deleting your information will mean you will be unaware of our activities, updates and resources.

Your information will also be deleted if you cease to be a member of the Society (usually within a calendar month of you notifying us of your wish to cease being a member).

The Society uses this information to help run the Society and to let you know about information and events relevant to the Society.

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data that we hold about you. This does not include any data we are obliged to keep for administrative, legal or security purposes.

We do not share your information with any other person or organisation.

Your data and our website

If you leave a comment on the website, then we collect the data shown on the comments form. We also collect your IP address and ‘browser user agent string’ to help detect spam.

If you make use of any Avatar service (e.g. Gravator) that information may also be analysed in order to detect spam.

If you leave a comment, you may also opt-in to leaving your name, email address and website data in a cookie. This will last for one year and means that you don’t have to add these details again when leaving another comment.

Comments may be checked through an automated spam detection device.

We use a temporary cookie on our login page to see if your browser accepts cookies. This contains no personal data and is discarded when you close the browser.

When you log in, we will also set up several cookies to save your login information and screen display choices. Login cookies last for two days, and screen option cookies for a year. If you select ‘Remember Me’, your login will persist. Login cookies may be removed if you log out of your account, but this is dependent on the functionality and settings of your browser.

For more detail about cookies and how we use them, please see the ‘Cookies’ section below.

If you upload images to the website, please be aware that, if the image contains embedded location data, this data will be available to anyone who downloads your image from the site.

Articles on this site may have embedded content (e.g. videos, images, articles etc). Embedded content from other websites behaves in the same way as if the visitor had visited the other website. These websites may contain data about you, use cookies, embed third-party tracking and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged into that website.

Our website is hosted by a 3rd party service provider and information such as your browser type, operating system, Internet Protocol (IP) address, domain name, date/time stamp of your visit, forwarding domain and search terms used (if that is a search engine) is automatically collected and available for us and them to view. This information is used in the prevention of spam and other unwelcome material and to enhance the site.

We do not use your data for any advertising purposes.

Cookies

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

The cookies that this site may store on your computer are listed below. We supply this as strictly technical information, rather than as a comprehensive primer on the workings of our cookies.

WordPress specific cookies

The Society uses WordPress as a Content Management System.

When leaving a comment, WordPress stores up to three cookies in order to remember your details and save you from having to type them in every time:

  • comment_author (expires after one year)
  • comment_author_email (expires after one year)
  • comment_author_url (expires after one year)

When registering and logging in to add and edit content in the /wp-admin/ area of the site, WordPress stores up to four cookies:

  • wordpress_xxxx (expires after two months; xxxx is a 32 character randomly generated sequence)
  • wordpress_logged_in_xxxx (expires when you close your browser)
  • wp_settings-1 (expires after one year)
  • wp_settings_times-1 (expires after one year)
3rd party cookies

Some content is embedded from other sources, such as Google or YouTube. These sources may store cookies. Where available, we will add links to their privacy policies here:

We may also use the Google Analytics tracking system and if so, the following cookies may be set: _utma, _utmb, etc (these expire after two years). You can read more about Google’s cookies here.

Web site tracking

Whenever you visit our web site, our host server automatically records each page you visit and the IP address from which you are connecting to us. It also records other information, including your operating system, your web browser, and the web site from which you followed a link to this website (if any).

Additionally, the Google Analytics reporting system may be active. This information is only gathered to establish general usage trends for the site, not to find out information about individual users.

To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.

Other websites

Our website contains links to other websites. This privacy policy only applies to this website so when you link to other websites you should read their own privacy policies.

The legal stuff:

Definitions

GDPR

means the General Data Protection Regulation (2018).

Responsible Person

means Mr S Pickthall, Society webmaster.

Register of Systems

means a register of all systems or contexts in which personal data is processed by the Society.

1. Data protection principles

The Society is committed to processing data in accordance with its responsibilities under the GDPR.

Article 5 of the GDPR requires that personal data shall be:

  1. processed lawfully, fairly and in a transparent manner in relation to individuals;
  2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
  3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  4. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
  5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
  6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures.”

2. General provisions

  1. This policy applies to all personal data processed by the Society.
  2. The Responsible Person shall take responsibility for the Society’s ongoing compliance with this policy.
  3. This policy shall be reviewed at least annually.
  4. The Society qualifies for exemption from registering with the Information Commissioner’s Office as an organisation that processes personal data.

3. Lawful, fair and transparent processing

  1. To ensure its processing of data is lawful, fair and transparent, the Society shall maintain a Register of Systems.
  2. The Register of Systems shall be reviewed at least annually.
  3. Individuals have the right to access their personal data and any such requests made to the Society shall be dealt with in a timely manner.

4. Lawful purposes

  1. All data processed by the Society must be done on one of the following lawful bases: consent, contract, legal obligation, vital interests, public task or legitimate interests (see ICO guidance for more information).
  2. The Society shall note the appropriate lawful basis in the Register of Systems.
  3. Where consent is relied upon as a lawful basis for processing data, evidence of opt-in consent shall be kept with the personal data.
  4. Where communications are sent to individuals based on their consent, the option for the individual to revoke their consent should be clearly available and systems should be in place to ensure such revocation is reflected accurately in the Society’s systems. 

5. Data minimisation

  1. The Society shall ensure that personal data are adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

6. Accuracy

  1. The Society shall take reasonable steps to ensure personal data is accurate.
  2. Where necessary for the lawful basis on which data is processed, reasonable steps shall be put in place to ensure that personal data is kept up to date.

7. Archiving / removal

  1. To ensure that personal data is kept for no longer than necessary, the Society shall put in place an archiving policy for each area in which personal data is processed and review this process annually.
  2. The archiving policy shall consider what data should/must be retained, for how long, and why.

8. Security

  1. The Society shall ensure that personal data is stored securely using modern software that is kept-up-to-date. 
  2. Access to personal data shall be limited to personnel who need access and appropriate security should be in place to avoid unauthorised sharing of information.
  3. Appropriate back-up and disaster recovery solutions shall be in place.
  4. Backups are currently retained for a period of six months from the date of the backup being made.
  5. When personal data is deleted, this should be done safely such that the data is irrecoverable once the backup retention period has passed.

9. Breach

In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, the Society shall promptly assess the risk to people’s rights and freedoms and if appropriate report this breach to the ICO (more information on the ICO website).

END OF POLICY

Last updated April 2024

(based on a template from Bexley Voluntary Service Council, with thanks)

The Society for One-Place Studies is a leading organisation dedicated to supporting One-Placers worldwide. 

Facebook Page  Twitter Profile  Instagram  YouTube  Members only Facebook Group  Pinterest

Contact Us

By email:
info@one-place-studies.org

By post:
Society for One-Place Studies,
28 St Ronan’s Avenue,
Southsea, Hampshire, PO4 0QE
United Kingdom

© The Society for One-Place Studies