Registered office: Seafish, 18 Logie Mill, Logie Green Road, Edinburgh EH7 4HS.
1.3 We take the issue of security and data protection very seriously and strictly adhere to applicable data protection legislation. We are the data controller of any personal data that you provide us.
1.4 Any questions relating to this policy and our privacy practices should be sent to Data Protection Officer, Sea Fish Industry Authority, 18 Logie Mill, Logie Green Road, Edinburgh EH7 4HS email@example.com.
2 How we collect information from you
2.1 We collect and process your personal information in the following ways:
- you may give us information about you via our website. This may include information you provide when you contact us via the website, or indicate your interest in any of our projects, campaigns or competitions;
- you may give us information by corresponding with us by mail, text, e-mail, (or other form of electronic communication), telephone or in person;
- by visiting our website we may automatically collect technical information which may form personal information; and
- we may receive personal data about you from various third parties and public sources (including Google Analytics);
2.2 We may supplement the information you provide with data from the public domain, such as Companies House and other public databases.
3 What information we collect
3.1 Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data from which an individual can no longer be identified (anonymous data).
3.2 We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:
- Identity Data: includes first name, maiden name, surname name, username or similar identifier, marital status, title, date of birth and gender;
- Contact Data: includes address, email address and telephone numbers;
- Technical Data: includes IP address, geographical location, browser type and version, operating system, referral source;
- Usage Data: includes information about how you use our website such as length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use;
Marketing and Communications Data: includes your preferences in receiving marketing information from us and your communication preference.
4 Why we need this information about you
4.1 We use the information we collect about you:
- to help us with understanding more about how our Website is used;
- to be able to send you communications that may be of interest to you, either electronically, by email or otherwise;
- to be able to respond to your query; and
- for all other purposes consistent with the proper performance of our operations.
You have the right to withdraw consent to marketing at any time by contacting us.
5.1 It is your choice whether you receive information such as marketing news from us. If you indicated that you are interested in receiving regular information about our activities, we may send you communications electronically or by post. We will not contact you for marketing purposes unless you have given your prior consent. If, at any time, you no longer wish to receive this information, please send a written request to firstname.lastname@example.org.
5.2 We use a third party provider, currently Click Dimensions, to manage and deliver our e-newsletters. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter.
5.3 All of our email marketing correspondence gives you the option to opt-out of receiving further marketing emails. Please note that you will still receive emails directly related to an enquiry you raised with us.
7 Data Security
7.1 Please be aware that the transmission of information via the internet is not always completely secure. Although we will do our best to protect your personal data, we cannot guarantee the complete security of your data transmitted to us electronically; any transmission is at your own risk.
7.2 We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
7.3 We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
8 Sharing of your information
8.1 The information you provide to us will be treated by us as confidential. However, we may also disclose your information to our suppliers and service providers for the purposes set out in the policy or for purposes approved by you.
8.2 We require all third parties to respect the security of your personal data and to treat it in accordance with data protection legislation.
8.3 If our organisation is merged with another entity, your information may be disclosed to the other or new entity.
9 How long we will keep your information
9.1 We review our data retention periods regularly and will only hold your personal data for as long as is necessary for the relevant activity, or as required by law (we may be legally required to hold some types of information), or as set out in any relevant contract we have with you.
9.2 To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
10 Your rights
10.1 Under Data Protection legislation, you have the following rights in connection with your personal data, which can be exercised in certain circumstances:
- Right of access: you can request a copy of the personal information we hold about you and check we are processing it lawfully;
- Right to rectification: you can request that any incomplete or inaccurate information we hold about you is corrected;
- Right to erasure: you can request that we delete your personal information where there is no good reason for us to continue to process it. You must provide valid reasoning for your request. This can be exercised in conjunction with the right to object (see below);
- Right to object: you can object to our processing of your personal information where we are processing on the basis of our ‘legitimate interest’ or that of a third party. We shall cease processing your personal data unless there are compelling and legitimate grounds for processing which override your interests;
- Right to restrict processing: you can request that we restrict our processing of your personal information. Information will be retained but not further processed;
- Right to data portability: where processing of personal data is carried out by automated means, you can request the transfer of your personal information to another party;
- Right to withdraw consent: where we are processing your personal data on the basis of consent, you have the right to withdraw your consent where we rely upon it as the lawful basis for processing; and
- Right to not be subject to decision making based on automated processing: you shall have the right to not be subject to decision making based solely on automated means including profiling.
11 Third Party Websites
13 Your Duty To Inform Us
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
14 Contact Us