Our policy is mostly a case of only storing the minimum amount of data any online club would need to operate. We also aim to operate the service to commercial standards of terms of internet security.
Who we are?
The Corkage Club is owned and operated by Alexander Lake, email@example.com, and he is the de facto "data controller". We have a phone number, 020 3000 1855, which you may be able to call and leave a message on, but in general email will give the best results.
What information do we collect?
Your personal information consists of:
- Screen name (needn't be your real name)
- Real name (for internal purposes and sharing with your nominations)
- Email address (for operational and administrative contact). Operational would include notifications and newsletters.
- Phone number (optional) used for text messages and any emergency operational purposes
- For full members, who are making payments, we will obviously be able to track payments to your account, but we don't store full payment details on our system (making our systems exempt from PCI/DSS requirements)
- Any settings and club preferences/subscriptions
How do we use personal information?
- Personalisation of content and user experience
- Account set up and administration
What legal basis do we have for processing your personal data?
- When you register with The Corkage Club, you give consent for us to operate a service for you.
- On leaving the club, we may retain minimal data for audit purposes
When do we share personal data?
- We don't share data with anyone - other than in obvious ways such as when you nominate a restaurant
Where do we store and process personal data?
If you transfer data outside the European Economic Area, outline the measures you will put in place to provide an appropriate level of data privacy protection. Eg contractual clauses, data transfer agreements, etc.
How do we secure personal data?
Data is stored on databases connected to the Internet. We aim to keep servers patched and employ secure passwords. We also operate a backup process to guard against hardware and network failure
• to protect data against accidental loss
• to prevent unauthorised access, use, destruction or disclosure
• to ensure business continuity and disaster recovery
• to restrict access to personal information
How long do we keep your personal data for?
Data is kept for the time of your membership and for 12 months after the account is terminated. Financial information will be kept for 6 years. Data may persist in backups for up to 3 months longer.
Your rights in relation to personal data
If you require a copy of the data held on you, contact the data controller on the email address above in case of
• access to personal information
• correction and deletion
• withdrawal of consent (if processing data on condition of consent)
• data portability
• restriction of processing and objection
• lodging a complaint with the Information Commissioner’s Office
We would expect to deliver a copy of your data/respond to your request within 10 working days.
Use of automated decision-making and profiling
We don't do any of that
Linking to other websites / third party content
Links to third party sites should not be taken as formal endorsement and we can't police any offensive content found on them or vouch for their safety. However, please report any issues and we will deal with them.
Please report any problematic third party content (eg. images, text, etc) and we will deal with them as soon as possible (within 5 working days). If this becomes an issue, we will automate a "whistle-blowing" process.