It outlines how we and our website safeguard your personal information and comply with UK Data Protection Act 2018/UK GDPR
We are a Scottish based charity, located in Edinburgh that provides support services to young parent families and pregnant women living in the North Edinburgh area.
Maintaining the security of your data is our priority and are committed to protecting your privacy and the confidentiality of your personal information, not just from a legal perspective but also as an inherent aspect of our core values.
We are resolute in respecting your privacy rights. We commit to handle your data fairly and legally always. We are dedicated to being transparent about what data we collect about you and how we use it.
When you visit our website we do not ask you for any personal information.
If you download, complete and submit any of our forms you will be provided with the relevant Privacy Notice relating to the circumstances involved. It is exclusively for the use of the Stepping Stones (North Edinburgh) and only includes what we need to be able to deliver our support to you.
You will see that you have a number of rights, incuding: –
- To the right to ask what personal data that we hold about you at any time
- the right to ask us to update and correct any out-of-date or incorrect personal data that we hold about you
- the right to opt out of any marketing communications that we may send you.
If you wish to exercise any of the above rights or have any questions, please contact us at the address shown below.
Different retention periods apply for different types of data, however we will not retain your data for longer than either: –
the period(s) of time mandated by law
that necessary for the purposes set out in this notice. The longest we will normally hold any personal data is 7 (seven) years.
We are committed to keeping your personal data safe and secure and we have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Our security measures include: –
- Implementing risk management and data protection impact analysis
- Regular cyber security assessments of all service providers who may handle your personal data
- Security controls which protect our IT infrastructure from external attack and unauthorised access
- Internal policies setting out our data security approach and training for staff.
If you are using a computing device in a public location be sure to satisfy yourself of the validity of any public Wi-Fi service available before connecting to it.
Always log out of your account and close the website browser when you complete an online session.
In addition, we recommend that you take the following security measures to enhance your online safety: -
- keep your account passwords private. Remember, anybody who knows your password may be able to access your account.
- when creating a password it is best to use at least 16 characters. A random combination of letters, symbols and numbers is best. Try not to use easy to guess words, your name, email address, or other personal data that can be easily obtained e.g. from your social media pages or other sites where you share personal information.
- Avoid using the same password for multiple accounts.
- Be careful when accessing the internet from places offering free Wi-Fi and double check it is genuinely their network you are using.
- It is always a good idea to regularly check your accounts for any suspicious, unusual or unexpected activity.
We do gather non-personal data regarding site visitors to our website. This is provided to use statistical information on visits to pages, type of browsers being used to view the site, paths taken through the site and other general information. Under no circumstances can this be linked to a particular person.
Cookies are small text files that are placed on your computer’s hard drive by your web browser when you visit any website.
They help the server to identify your computer but not you as an individual.
They allow information gathered on one web page to be stored until it is needed for use on another, allowing our website to provide you with a streamlined experience and us with statistics about how you use the website so that it can be improved.
The cookies help us to make your visitor session more personal experience. If you wish not to have this facility you are able to disable cookies using that option in your particular browsers settings.
Your web browser should allow you to delete any you choose. It also should allow you to prevent or limit their use (see below).
If you choose not to accept cookies or you prevent their use through your browser settings, you may not be able to use all the functionality of our website.
The cookies on our website are placed by software that operates on our web providers servers, and by software operated by third parties whose services we use e.g. twitter.com. They are used track how you navigate and use our site
You can change cookie settings on your web browser. The way you do this varies depending on the browser you are using.
To opt out of being tracked by Google Analytics across all websites, visit this link: – http://tools.google.com/dlpage/gaoptout.
Our website may, from time to time, contain links to other websites run by other organisations. This privacy notice applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.
In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third party site.
In addition to these safeguards, your personal data is protected in the UK by the Data Protection Act 2018. This provides amongst other things that the data we hold about you should be processed lawfully and fairly. It should be accurate, relevant and not excessive. The information should be kept up to date, where necessary, and not retained for longer than is necessary. It should be kept securely to prevent unauthorised access by other people.
If at any time our site contains subscription mailing lists there will always be the option to remove you from the aforementioned list. Normally this, “unsubscribe” option will appear at the bottom of the most recently sent email.
Stepping Stones (North Edinburgh) reserves the right to modify and update the terms and conditions of this website. In continually striving to improve our service for our clients we need to be able to enhance the site in ways deemed appropriate.
If you have any questions about how we use your personal data that are not answered here, or if you want to exercise your rights regarding your personal data, please contact us in the first instance via: –
- phone on: – +44 131 551 1632
- e-mail us at: -firstname.lastname@example.org
- letter to: –
The Chief Executive,
Stepping Stones (North Edinburgh),
G3 Inchgarvie Court,
Ferry Road Drive, EH4 4DA.
When you contact us, whether by telephone, through our website, social media or by e-mail, we collect the data you have given to us in order to reply with the information you need.
We record your request and our reply in order to increase the efficiency of our business.
We keep personally identifiable information associated with your message, such as your name and email address so as to be able to track our communications with you to provide a high-quality service.
If you are in any way dissatisfied about how we process your personal information we would expect that you contact us in the first instance to secure a resolution however you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).
This can be done at.
Or in writing to the ICO at the appropriate office address – See https://ico.org.uk/global/contact-us/: –