What information we collect and how
Changing Lives in Harlow CIC primary goal in collecting personal information from you is to give you a meaningful enjoyable and customised experience while using our website, and to allow us to develop new products and services which are relevant to customers like you.
The information we collect via the Website may include:
Personal details you knowingly provide us with through forms and our email, such as name, address, telephone number etc. Personal information received by you online will only be used by Changing Lives in Harlow CIC to which you submit your information, except as otherwise required by law or disclosed to you as the information is collected.
Your preferences and use of email updates, recorded by emails we send you (if you select to receive email updates on products and offers).
Your IP Address, this is a string of numbers unique to your computer that is recorded by our web server when you request any page or component on the Website. This information is used to monitor your usage of the Website.
What we do with your information
Any personal information we collect from this website will be used in accordance with the Data Protection Act 1998 and other applicable laws. The details we collect will be used:
To process your order and to provide after sales service (we may pass your details to another organisation to supply/deliver products or services you have purchased and/or to provide after-sales service);
In certain cases we may use your email address to send you information on our other products and services. In such a case you will be offered the option to opt in/out of receiving such information. before completing your purchase.
We may need to pass the information we collect to other companies for administrative purposes. We may use third parties to carry out certain activities, such as processing and sorting data, monitoring how customers use the Website and issuing our e-mails for us. Third parties will not be allowed to use your personal information for their own purposes.
Changing Lives in Harlow CIC is committed to keeping the data you provide us secure and will take reasonable precautions to protect your personal information from loss, misuse or alteration.
We do not store any of your private payment information (such as debit and credit card numbers).
You have the right to request a copy of any information that we currently hold about you. In order to receive such information please send your contact details including address and payment of £10 to cover administration expenses to the following address:
Changing Lives in Harlow CIC
Changing Lives in Harlow CIC is committed to working with customers to obtain a fair and rapid resolution of any complaints or disputes about privacy. Please email us your questions or comments regarding our privacy practices to firstname.lastname@example.org or write to us at the address above.
By using this website you signify your acceptance of this Privacy Statement and you adhere to the terms and conditions posted on the website. If you do not agree with the privacy statement or any of our terms and conditions then do not use any of our services.
1. The acceptance of Terms and Conditions show you agree to adhere by them, as amended from time to time, with or without notice to you. When attending, you (parent) and child automatically agrees to the terms and conditions of Changing Lives in Harlow. We provide the service of fully qualified coaches working alongside trainee coaches which are DBS checked and Insured under the Changing Lives in Harlow CIC. We do not accept the responsibility for your child’s injury and damage, or loss to personal property.
2. The safety and enjoyment of all participants is our main priority, however, due to the physical nature of the sport we cannot guarantee mild accidents will not occur. Therefore we recommend each child dresses appropriately for the session. If indoors wearing top, shorts, long socks covering shin pads is recommended .If sessions are outside, and the weather is hot, putting sun cream on, and, if cold having layered clothing on is recommended. Wear shin pads if possible and appropriate footwear for the surface of play.
3. To help us further ensure that the children have lots of fun we encourage parents to stay and watch outside or participate.
4. Changing Lives in Harlow CIC encourages all different ages/race/religion/sex to participate. Sessions can vary according to the diversity of the group. In order to manage this process Changing Lives in Harlow CIC asks all parents/guardians, of all children, participating to notify Changing Lives in Harlow CIC at the earliest stage of any medical conditions, allergies, medications or additional needs.
5. Changing Lives in Harlow CIC will adapt the sessions according to players ability. Our team is led by qualified FA Coaches, allowing us to tailor the sessions so the participants are getting the maximum enjoyment out of the sessions.
3. Social Media:Pictures/Videos
1. Changing Lives in Harlow CIC may from time to time take photographs/film of any Changing Lives in Harlow CIC course/event, the use of this data is solely for the purpose of promoting and publicising Changing Lives in Harlow CIC literature, website, press and TV, and for use with partners that Changing Lives in Harlow CIC directing manager deems appropriate.
2. Parents/guardians that do not wish for their child to be photographed/filmed must make Changing Lives in Harlow CIC aware of this at the time of booking or in writing before the Course starts (where possible Changing Lives in Harlow CIC will inform parents/guardians at the start of a course).
3. Changing Lives in Harlow CIC will hold all personal data in accordance with the Data Protection Act and GDPR.
4. We shall comply with applicable UK Data Protection legislation from time to time in place in respect of any User Information.
What is GDPR? :
The General Data Protection Regulation (“GDPR”) is a new, EU-wide privacy and data protection law. It calls for more granular privacy guardrails in an organization’s systems, more nuanced data protection agreements, and more consumer-friendly and detailed disclosures about an organization’s privacy and data protection practices.
The GDPR replaces the EU’s current data protection legal framework from 1995 (commonly known as the “Data Protection Directive”). The Data Protection Directive required transposition into EU Member national law, which led to a fragmented EU data protection law landscape. The GDPR is an EU regulation that has direct legal effect in all EU Member States, i.e., it does not need to be transposed into an EU Member States’ national law in order to become binding. This will enhance consistency and harmonious application of the law in the EU.
Processing personal data is a broad concept under GDPR
The GDPR governs how personal data of EU individuals may be processed by organizations. “Personal data” and “processing” are frequently used terms in the legislation, and understanding their particular meanings under the GDPR illuminates the true reach of this law:
Personal data is any information relating to an identified or identifiable individual. This is a very broad concept because it includes any information that could be used on its own, or in combination with other pieces of information, to identify a person. Personal data is not just a person’s name or email address. It can also encompass information such as financial information or even, in some cases, an IP address. Moreover, certain categories of personal data are given a higher level of data protection because of their sensitive nature. These categories of data are information about an individual’s racial and ethnic origin, political opinions, religious and philosophical beliefs, trade union membership, genetic data, biometric data, health data, information about person’s sex life or sexual orientation, and criminal record information.
Processing of personal data is the key activity that triggers obligations under the GDPR. Processing means any operation or set of operations that is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. In practical terms, this means any process that stores or consults personal data is considered processing.
At Stripe, privacy, data protection, and data security are at the very heart of everything we do. We’re continuously working to reset the bar for ourselves in the security and data privacy realm, and view the GDPR as an opportunity for the entire industry to come together on this and improve.
Stripe started its efforts towards GDPR compliance back in 2016, and we are working to ensure that our services are GDPR-compliant on the effective date of May 25, 2018.
GDPR compliance is comprised of many elements. Among others, we are updating our documentation and agreements to align with GDPR requirements. We are also revising our internal policies and procedures to ensure that they adhere to the GDPR standard.
Most of the GDPR compliance elements take place “under the hood” of an organization as they relate to updates on how an organization is processing personal data. These are some of the steps platforms like Stripe are performing for their users (and themselves) in anticipation of the GDPR:
Perform a gap analysis between the requirements imposed by the Data Protection Directive and the GDPR, as applicable to the company’s business operations.
Review and update internal tools, procedures and policies where necessary.
Revise data mapping and data inventory practices, and update where necessary, to comply with record retention obligations under the GDPR.
Perform a dedicated gap analysis of privacy and data protection review tooling to meet the Data Protection Impact Assessment requirements.
Update approach to international data transfers.
Update contracts to reflect Art. 28 GDPR obligations as they relate to the company’s contracting parties.
Review and, where necessary, revise relationships with vendors to meet the requirements of the GDPR to ensure that those third parties receive and process personal data in a lawful way.
Update the company’s Privacy Compliance Program with continuous employee training to reflect the changes to be implemented for the GDPR.