Privacy and data protection at sgi-uk-lipc.com

25 May 2018

 Privacy Policy at sgi-uk-lipc.com

What General Data Protection Regulation (GDPR) means to public and User members  of sgi-uk-lipc.com

 

UK and EU law sets rules and protections around the processing of Personal Data under the General Data Protection Regulation (GDPR) https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/.

 

 

Soka Gakkai International-UK (https://sgi-uk.org/) is the organisation which owns and administers the London Ikeda Peace Centre (LIPC), 7 Wakefield Street, London WC1N 1PG.

sgi-uk-lipc.com is the website for the Booking and display of meetings and activities at the LIPC. Anybody can view the meetings scheduled at LIPC but only Users who have registered an account (Authorised Users) can request Room Bookings by using the online Room Booking Form.

A small team of LIPC Bookers manage the Booking of rooms .

 

The LIPC website is hosted on a computer server on webspace belonginging to Zen Internet (https://www.zen.co.uk/), which processes our data, and it holds our database containing User registration details, Room Bookings and the LIPC calendar (see Zen Internet Customer compliance statement here).

Characteristics of the LIPC website:

SSL status - SSL (website address begining with “https://”) encrypts the communication between the client and the server, which protects from "man in the middle" and similar hacking attacks.

Cookies - when you view the website, three “Session” only are sent to the sgi-uk-lipc.com server . If you are logged-on the session can hold your username and password until you stop using the website. You get a cookie stored on your device. This cookie will have a specific id that links to the session the next time you go online. UK legislation here. These Session Cookies  are needed for the correct and timely operation of the website and are stored on your device, they expire within one month. You can disable cookies by setting this option in your web browser.

User Accounts - roles:

Anybody (anonymous Users) can view the LIPC website without a User account to see what activities are scheduled.

Authorised User accounts can request and edit Room Bookings. To get an account you have to be referred by your HQ leader who will ask LIPC to make an account for you (this is to avoid the tens of thousands of spam User account requests we previously received).

Booker accounts are members of the LIPC Booking Team who manage the use of rooms at LIPC.

Administrator accounts create and edit the technical construction of the website (there is only one Administrator; the data controller, details at the end of this document).

 

This Privacy Policy now conforms to the new UK/EU data laws:

 

1. What kinds of information do we collect? 

When you create an account (when you become an Authorised User) we collect a User name (which can be your email address), and your email address.
When you make a Booking Request we also collect your phone number in order for the Booking team to be able to contact you if they need to, in relation to your Booking.

IP addresses, the date and time the user visited the LIPC site. What HTTP requests the user sent to retrieve information from your site. GET and POST are the most common.

A specific file path to the file (document, image, etc.) the user viewed

Identifies how a user is accessing the LIPC site (which User agent is accessing the LIPC site). User agents are anything that can view and read web pages. Browsers and search spiders are the most comment user agents.

If you ever use the internal mail this is stored on the server. A record of your usage of the website, including any Booking Requests and LIPC web pages you have visited.

 

2. How do we use this information?

We use the information we have to understand the number of people who use the LIPC website and how people interact with the website.

Promote safety, integrity and security.

We use the information we have to verify accounts and activity, combat harmful conduct, detect and prevent spam and other bad experiences, maintain the integrity of our website, and promote safety and security on the LIPC website.

We also use your information to respond to you when you contact us.

3. How is this information shared?

Your information is shared with others in the following ways:

We normally do not pass this information on to anybody outside of the L.I.P.C. Booking Team, however we may pass data to a member of SGI-UK  Chapter Leader  who has a specific responsibility in this matter (eg. MD Chapter Leader could be given MD member's phone number in relation to this activity).

If we are required by law to pass-on data.

4. How can you exercise your rights provided under the GDPR?

Under the General Data Protection Regulation, you have the right to access, rectify, port and erase your data.

  You also have the right to object to and restrict certain processing of your data. Please contact the data controller in this regard (details at bottom of this document).

You also have the right to lodge a complaint with UK lead supervisory authority, the Information Commissioner´s Office https://ico.org.uk/, or your local supervisory authority.

5. Data retention, account deactivation and deletion

We store data until it is no longer necessary to provide our services, or until your account is deleted - whichever comes first.

When you delete your account, we delete things you have posted, such as your Booking Requests, and you won't be able to recover that information later.  To delete your account at any time, please email the sgi-uk-lipc.com data controller (Simon Bramley) at simon@iconproductions.co.uk

  If you don't want to delete your account but want to temporarily stop using the website as an Authorised user, you can deactivate your account instead by visiting you “My account” link and deselecting the “Active” checkbox.

You can change your User name, password or edit your settings by visiting the “My account” link on the left hand side of the homepage of the LIPC website..

6. Legal and government requests

Information we receive about you can be accessed and preserved for an extended period when it is the subject of a legal request or obligation, governmental investigation, or investigations of possible violations of our terms or policies, or otherwise to prevent harm. We also retain information from accounts disabled for terms violations for at least one year to prevent repeat abuse or other term violations.

7. How will we notify you of changes to this policy?

We'll notify you before we make changes to this policy and give you the opportunity to review the revised policy before you choose to continue using the LIPC website.

8. How to contact sgi-uk-lipc.com with questions

If you have questions about this policy, you can contact us as described below.

 

The data controller responsible for your information is Simon Bramley, who you can contact online, or by letter at:

 

Simon Bramley

simon@iconproductions.co.uk

12 Woodland Glade,

Clevedon,

North Somerset BS21 6AL

 

 

You also have the right to lodge a complaint with UK lead supervisory authority, the Information Commissioner´s Office https://ico.org.uk/, or your local supervisory authority.

 

Date of Last Revision: May 15th, 2018