GDPR COMPLIANCE

Our Privacy Policy

This privacy policy is for the Nicaragua Solidarity Campaign Action Group (NSCAG) website and explains when and why we collect personal information, how we use it, the conditions under which we may disclose it to others and what choices you have. Note that our website may also link to external sites that are not operated by us, so please be aware that we have no control over the content and practices of these sites, and cannot accept responsibility or liability for their respective privacy policies.

We may change this policy from time to time so please check this page occasionally to ensure that you’re happy with any changes. By browsing our website and using our services you’re agreeing to be bound by this policy.

Any questions regarding this policy and our privacy practices should be sent to us by email to admin@nscag.org.uk or via our contact form.

This policy was last updated on 07/09/2021.

1. Who are we?

This website belongs to Nicaragua Solidarity Campaign Action Group. If you require further information about the purposes of accessing your personal data as outlined below please contact the NSC data protection officer and/or website administrators on admin@nscag.org.uk or write to us at: NSCAG, Space4, 113-115 Fonthill Rd, London n4 3HH

2. How do we collect information from you?

We obtain information about you when you submit our contact form, subscribe to our newsletter, make a donation or become a member. We also use Google Analytics to collection information from you as you browse our website.

3. What information do we collect and how is it used?

We collect information to allow us to respond to your enquiries. We also collect information to allow us to monitor the day-to-day operations of the website such as referral links and website traffic (see the Google Analytics section of this policy for more details.) All personal data is stored either in the website database or in the NSCAG office and is only accessed by NSCAGF staff, unless explicitly specified otherwise.

If you do not interact with our organisation for 3 years then we will delete any of your data we have. However, we are required under UK tax law to keep your name, address and contact details for a minimum of six years for gift aid purposes.

3.1. Sensitive Data

We do not gather sensitive personal data (e.g. health, genetic, biometric data; racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sexual orientation, and criminal convictions.) We expressly request that you do not provide any such sensitive data to us.

3.2. Children’s Information

Our website and services are not directed to children. If you learn that a child has provided us with personal information without consent please contact us.

3.3. Site Features

3.3.1. Contact Form

When contacting us via our contact form we ask you to provide your name and email address so that we can respond to your message. This information will be sent via email to the NSCAG website administrator so that they can respond to you directly and a copy will also be stored in our website’s database for reference. Your information may be shared with other persons within our organisation to enable us to better respond to your query.

This information is stored in our website database to which only the website administrators have access, and will be kept for up to 3 years unless you explicitly request that they be deleted.

3.4. Third Parties

We will not sell or rent your information to third parties and we will not share your information with third parties for marketing purposes.

We make use of the following third-parties who may have access to your data:

3.4.1. Google Analytics

When visiting our site we collect information on your browsing behaviour including an anonymised copy of your IP address. This information is collected so that we can analyse website traffic, performance, page popularity, SEO effectiveness and otherwise allow us to improve our website. To achieve this we will share the collected information with Google Analytics, a web analysis service provided by Google Inc. Only the website administrators have access to this Google Analytics account.

We will store this anonymised information for up to 3 years. Additionally we have agreed to Google Inc.’s Data Processing Amendment terms.

Google Inc. may use the data collected to prepare reports on its activities and share them with other Google services as well as to contextualise and personalise the ads of its own advertising network.

Please see Google Inc.’s privacy policy for full details. Google Inc. is based in the US and is a Privacy Shield participant. You can also opt-out of Google Analytics.

3.4.2. Google Fonts

Google Fonts is a typeface visualisation service provided by Google Inc. that allows us to use non-standard fonts and typefaces on our website. It requires the collection of various types of usage data. Please see Google Inc.’s privacy policy for full details. Google Inc. is based in the US and is a Privacy Shield participant.

3.4.3. Google Maps

Google Maps is a maps visualisation service provided by Google Inc. that allows us to display an interactive map. It requires the use of cookies and the collection of usage data. Please see Google Inc.’s privacy policy for full details. Google Inc. is based in the US and is a Privacy Shield participant.

3.4.4. MailChimp

If you choose to subscribe to our newsletter we will ask you to provide your name and email address so that we can add you to our MailChimp address book and periodically send you updates via email. We will not store this information ourselves but will share it with MailChimp, an email address management and message sending service provided by The Rocket Science Group LLC, to be kept until you unsubscribe or otherwise explicitly request to be removed from the mailing list. Only the website administrators have access to the MailChimp account. See MailChimp’s privacy policy for full details. The Rocket Science Group LLC is based in the US and is a Privacy Shield participant.

3.4.5. PayPal

If you choose to make a donation or become a member we will ask you for financial details so that we can charge you. We do not store this information ourselves but may share it with PayPal, a payment gateway service who we use to facilitate financial transactions. PayPal will keep this information as set out in their own privacy policy. Only the website administrators have access to the PayPal account. See PayPal’s privacy policy for full details. PayPal is based in the US.

3.4.6. Stripe

If you choose to make a donation or become a member will ask you for financial details so that we can charge you. We do not store this information ourselves but may share it with Stripe, a payment gateway service who we use to facilitate financial transactions. Stripe will keep this information as set out in their own privacy policy. Only the website administrators have access to the Stripe account. See Stripe’s privacy policy for full details. Stripe is based in the US and is a Privacy Shield participant.

3.4.7. YouTube

The YouTube widget is a video content visualization service provided by Google Inc. that allows us to directly incorporate videos hosted with YouTube on the website. It requires the use of cookies and the collection of usage data. Please see Google Inc.’s privacy policy for full details. Google Inc. is based in the US and is a Privacy Shield participant.

3.5 Do Not Track

We do not currently support “Do Not Track” requests. To determine whether any of the third-party services above honour “Do Not Track” requests please read their privacy policies.

3.6. Hosting and Server Logs

Our website is hosted by GreenNet.

4. Controlling your information

You have certain rights concerning the information we hold about you, as defined under the General Data Protection Regulation. If you wish to exercise these rights please contact us and be sure to include your email address since this is the unique identifier we use to identify and collate personal information.

4.1. Requesting a copy of your information

You may request a copy of any data we hold about you. Upon request, we will provide a CSV file containing the personal data we hold on record about you.

4.2. Updating or correcting your information

If you change email address, or if any of the other information we hold is inaccurate or out of date, please contact us so we may correct our records.

4.3. Deleting your information

You have the right to request erasure of your personal information. Unless there is a compelling reason for the data not to be erased (for example, if we need to use that data to fulfil our contractual or legal obligations), your personal data will be deleted on request.

5. Use of cookies

Our website uses cookies. Cookies are small pieces of information that are stored on your device when you visit a website. These are used to ensure the correct operation of our website, as well as in any way stated in section 3 above.

By using and browsing this website you consent to cookies being used in accordance with this policy. If you do not consent, you must turn off cookies or refrain from using the site. Most browsers allow you to turn off cookies. To do this look at the help menu on your browser. Switching off cookies may noticeably restrict your use of this website.

6. Security

In order to protect your information from loss, misuse or unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. These steps include the following:

  • Encryption in transit: all information is sent over secure connections using modern encryption
  • Data minimisation: we only collect and store the information that is essential to the operation of our organisation as outlined above
  • Password best practice: all administrator and user accounts have strong passwords
  • Security best practice concerning devices (PCs, laptops, mobile devices), online accounts, physical access and storage
  • Training and accountability on data protection

For more information on the security aspects of our data storage and hosting servers please refer to the GreenNet Code of Practice.

7. Data Breaches

Steps have been taken to minimise the risk of a data breach, as well as the impact of any breach should it occur. For more information on the security aspects of our data storage and hosting servers please refer to the GreenNet Code of Practice.

Where appropriate we will promptly notify you of any unauthorised access to your personal information.

8. Complaints

If you wish to raise a complaint on how we have handled your personal information you can contact us directly and we will investigate the matter.

If you are not satisfied with our response or believe we are processing your personal information not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).