Details of the technical personal data that we process if you use our website is below:
- We generate log files from various servers when you visit our website and mobile app: this will include an IP address assigned to you or, more likely, to someone who provides you with Internet access.
- Our website and mobile app, like many others, uses Google Analytics, a web analytics tool provided by Google, to collect information about how visitors use our site. This tool generates the google-analytics.com cookie/tracker. We use the Google Analytics information to compile reports and to help us improve the site. The cookie collects information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. Google can provide more details about their cookies
- Web pages that use embedded YouTube, Facebook and Twitter widgets generate cookies/trackers for doubleclick.net, facebook.com/facebook.net and twitter.com respectively.
Using your information
We automatically collect information to maintain and improve our services and functionality on our website. We measure visitors to our website and mobile app using tools such as Google Analytics. These tools use analytical cookies to record what pages you view within our site, how you arrived at our site and some basic information about your computer. All of that information is anonymous – so we don’t know who you are; just that somebody visited our site.
The information we collect from analytics helps us understand what parts of our sites are doing well, how people arrive at our site and so on. Like most websites, we use this information to make our website better.
If you are reporting issues with the functionality of our website, we will generally collect your name, and contact details, and other information necessary to investigate the problem and advise of the outcome.
Our Reasons for Processing Your Data
In relation to the above uses, we shall process your personal data on the legal basis that it is necessary for the purposes of our legitimate interests or of your organisation’s legitimate interests, including: to enable us to perform our contractual obligations under the organisation Agreement, to improve or optimise our services, to maintain the security of our computer systems, to understand how the Platform and Applications (iOS and Android) is used and to improve the user experience of the Platform and Applications (iOS and Android), to protect and defend our legal rights, for troubleshooting, and for data analysis, testing and research purposes. Please also note:
- We will not undertake any analysis via the Platform and Applications (iOS and Android) by specific reference to any special categories of personal data (including racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, health data, sex life or sexual orientation), unless this has been expressly requested or configured by your organisation. Where this is the case, it is your organisation’s responsibility to ensure they have obtained your explicit consent to such processing. However, you might, in the course of providing comments or feedback, provide personal data within one of the above categories where this has not been requested. By providing this data to us, you will be deemed to have consented to our processing such data as part of the captured results and disclosing such data to your organisation.
- Data collected from you and other Organisation Users or personnel may be used by us in an aggregated and anonymised form for statistical and benchmarking purposes.
Transfers of your data
We only transfer data outside of the EEA if it is to a country or organisation that is deemed by the EU to have adequate protection of data.
We also have a small number of companies providing services to us. These are our processors and we have confirmed that they all meet the requirements of the GDPR.
Technical and operational security
As an organisation, Flexible Childcare Services Scotland is committed to protecting personal data. This includes technical security measures (e.g., firewalls), encryption of personal data, restricted access to personal data, protection of our physical premises and hard assets, and encrypted back-ups.
All of our employees are trained on Data Privacy and work to the highest ethical standards to protect your rights.
Retaining your Information
We will not store your personal data for longer than is reasonably necessary to use it in accordance with this policy or with our legal rights and obligations. For the avoidance of doubt, aggregated and anonymised data and any information other than personal data can be stored indefinitely.
- For Users: we will retain your personal data for a period of 5 years or until six months after our relationship with your organisation has ended (whichever is sooner). After this period, your personal data will be anonymised or deleted.
- For Marketing Contacts: we will retain your personal data for a period for so long as necessary to continue to provide you with updates or other marketing emails or other communications in circumstances in which you have consented (where necessary) or else not unsubscribed to receiving such communications and in which we have a continued legitimate interest in undertaking that marketing.
When we process your data, you have rights as a data subject. The relevant rights are:
- Request a copy of your personal data and information about our processing of it
- Request that we delete information on you if we do not need to hold it
If you want to exercise any of these rights, please just contact us on email@example.com.
You also have the right to lodge a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are here: https://ico.org.uk/global/contact-us/postal-addresses/