Privacy Policy

Overview

Privacy is important.

In line with GDPR, we process your personal information only to the extent necessary to fulfil a precise purpose related to our tasks.

We put in place measures to guarantee that your data is kept up-to-date and processed securely.

Here below we provide you with some general information regarding the processing of personal data on our website. Specific information about processing activities outwith our website will be provided separately.

Your rights

You have specific rights when it comes to the processing of your personal data by us. Note that the ICO website has a good description and explanation of these rights.

When your personal data is processed by us, you have the right to know about it. You have the right to access the information.

You can have your information rectified without delay if it is inaccurate or incomplete. You can ask to have it blocked under certain circumstances. You can also object to it, in certain circumstances, on grounds relating to your specific situation.

You can request that any of the above changes be communicated to other parties to whom your data have been disclosed.

You have also the right not to be subject to automated decisions (made solely by machines) affecting you, as defined by law.

You have the right to receive your personal data in a standardised format in case you wish to transfer it to another controller (“data portability”).

You have the right to complain at any time if you believe your data protection rights have been breached.

How to exercise your rights

If we are processing your personal data and you would like to exercise your data protection rights, please write to us. Please email privacy@fettertogether.scot.

We prefer these written requests, as opposed to verbal requests such as by telephone or face-to-face. This is because we may not be able to deal with your request immediately without first analyzing it and reliably identifying you.

Your request should contain a detailed, accurate description of the data you want access to. When there are reasonable doubts regarding your identity, you might be asked to provide a copy of a document, which help us to verify your identity. It can be any document such as your ID card or passport. Should you provide any other documents, personal details such as your name and your address should be clear, in order to be able to identify you, while any other data such as a photo or any personal characteristics, may be blacked out.

Our use of the information on your identification document is strictly limited. Specifically, the data will only be used to verify your identity and will not be stored for longer than needed for this purpose.

Our website

Our website is an important communication tool.

Some of the services offered on our website require the processing of your personal data.

We process personal data collected on our website for the following purposes:

to enable you to have access to our website;
when you send us a request or a complaint by emailing us, through our website, or by other means, for the purpose of management of this request of complaint, and of your related correspondence.

We do not reuse the information for another purpose that is different to the one stated. We will never divulge your personal data for direct marketing purposes.

Under certain conditions outlined in law, we may disclose your information to third parties, such as law enforcement authorities, when it is necessary and proportionate for lawful, specific purposes.

Generally we do not keep your personal information for longer than necessary, given the purposes for which we collected it. Specifically, we keep correspondence of requests and complaints (emails etc.) for two years. We think this is a good balance: On one hand, an archive allows us to consider our previous correspondence with you, when communicating with you again. On the other hand, the limiting the length of time help keep the information relevant and accurate, given that interests can change and lapse with time.

Our website hosting partners

Our website is hosted by our partners. Each of our partners respects your personal data.

Our partners are:

Cloudflare. They are headquartered in the United States. Cloudflare are certified under the Privacy Shield framework. This ensures your data is legally protected to a high standard. We also have an agreement with Cloudflare. This agreement uses standard terms, which, again, ensures your data is legally protected to a high standard.
Netlify. They are headquartered in the United States. We have an agreement with Netlify. This agreement uses standard terms, which ensures your data is legally protected to a high standard.
Prospect One, trading as jsdelivr. They are based in the European Union. As such they also have a strong privacy policy.

Social media is an important communication tool. We use social media on a small to medium scale, to communicate our political message.

We specifically have a main Twitter account.

Per our legitimate interests, we interact with accounts and posts which we find interesting. This includes us liking posts, retweeting posts, and following users. Remember you have a right to object to our use of your using your information.

We also block or mute users who we do not want to engage with.

If you message us, or follow our social media account, this may additionally be considered consent (within reason) for our such interactions on social media. Remember you can withdraw your consent at any time.

For the avoidance of doubt, we do not use social media for automated mass profiling of people.

Attribution

Our privacy policy is adapted from the understandable Data Protection Notice of the European Data Protection Board. The Board’s content is reusable under a simple attribution licence.

Specifics

We also have a Crowdfunding Privacy Policy. That other policy builds upon this one, and is relevant when we crowdfund.