Privacy & Cookies

Your privacy is important to us.

All data collected through the use of our website site is intended to be used as a means to further our fundamental aims of collaboration and the betterment of the Regional Park experience.

Core principles

  • We consider user privacy and data protection to be vitally important.
  • We adhere to the principles of “privacy-by-design”.
  • We will only collect and process data when necessary
  • We will never sell, rent or otherwise distribute or make public your personal information
  • Our website is not intended for use by children and we do not knowingly collect any data relating to children.

Who We are

The Pentland Manager Association (PLMA) is responsible for the data outlined in the privacy notice. As such, we are considered the “controller” of this data.

Our contact details are: [email protected]

Relevant Legislation

Along with PLMA’s business and member's internal computer systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:

This site’s compliance with the above legislation, all of which are stringent in nature, means that this site is likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well. If you are visiting this website from outside of the EU, please check your own country of residence's specific data protection and user privacy legislation before proceeding to view our website.

Personal Data That We May Collect

Personal data is any data about an individual by which that person can be identified. If conducting business with you, it may be necessary for us to collect the following data:

  • Identity Data - including your first and last name.
  • Contact Data - including your address, email address and telephone numbers.
  • Financial Data - if you opt to donate towards our cause it may be necessary for us to collect payment details from you. This data will not be retained in any form.
  • Transaction Data - including details about financial transactions between you and us.

Other Data That We May Collect

Website Analytics

Our site uses Plausible Analytics to collect data about user interaction. We have chosen them as our provider of analytics hosted within the EU due to their privacy-focussed business model. None of the information gathered by Plausible personally identifies you to us.

"By using Plausible Analytics, all the site measurement is carried out absolutely anonymously. Cookies are not set and no personal data is collected. All data is in aggregate only." - Plausible Analytics - read more...

We use Cloudflare within our website for security and performance purposes. Cloudflare and other firewall software used in the service of the website may log your IP address for security purposes. This information is not used to personally identify you.

We consider Plausible, and Cloudflare to be third party data processors (see section 8 below).

How We Collect Data

Email / Telephone / Verbal

You may contact us via email, telephone, or in person - within which communications you may choose to divulge identity, contact and other personal data. We endeavour to take all reasonable measures to ensure any such data is held securely.

Cookies

We use only use technologies such as necessary or essential cookies where required to ensure the correct functioning of the website. We do not use tracking cookies or other such technology for the purposes of re-marketing or advertising.

You may disable the use of cookies via the preferences on your web browser. You may also delete any cookies that are stored on your computer. Be aware however that some functions within the website may rely on cookies to operate correctly.

To find out more about cookies in general, and how to manage and delete them, visit www.allaboutcookies.org.

If you do not wish to accept cookies from our website, please leave this site immediately and delete and block all cookies from this site. Your continued usage of this website will be taken as consent that you accept our usage of cookies.

How we use your data

Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Performance of Contract. This means processing your data where it is necessary for us to fulfil a contract with you or to take steps at your request before entering into such a contract.
  • Legitimate Interest. This means the interest of our business in conducting and managing our business to provide the best and most secure service possible. We consider and balance any potential impact on you (positive and negative) and your rights before we process your personal data for legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
  • Comply with a legal or regulatory obligation. This means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.

Below is a description of the ways we plan to use your personal data, with the legal basis we rely on to do so. We may process your personal data on more than one legal basis depending on specific circumstances.

Purpose / Activity: To reply to requests for information

Type of data: Identity / Contact

Lawful basis for processing including basis of legitimate interest: Necessary for our legitimate interests / Necessary to comply with a legal obligation

Purpose / Activity: To manage payments / Collect & recover money owed to us

Type of data: Identity / Contact / Transaction / Financial

Lawful basis for processing including basis of legitimate interest: Performance of a contract with you / Necessary for our legitimate interests (eg. to recover debt)

Purpose / Activity: To manage our relationship with you

Type of data: Identity / Contact

Lawful basis for processing including basis of legitimate interest: Performance of Contract / Necessary to comply with a legal obligation

Other Data / Website Analytics

We use the information we gather with Plausible and Cloudflare to further the aims of PLMA, improve our website and security, and to gain insight into the viability or success of marketing campaigns. For these purposes, we may examine trends, track users’ movements around the website and gather information about the use of our website for the purpose of analytics.

Who we share data with

We may have to share your personal data with Professional advisers including lawyers, bankers, auditors and insurers who provide banking, legal, insurance and accounting services

HM Revenue & Customs, regulators and other based in the United Kingdom who require reporting of processing activities in certain circumstances.

We require all 3rd parties to respect the security of personal data and treat it in accordance with the law.

3rd Party Processors

We share data with several 3rd parties for the purposes of processing data (in some instances personal data) on our behalf. These 3rd parties have been carefully chosen and comply with the legislation set out in section 3. Among these 3rd party providers are analytics and security service providers. If you do not consent to your data being shared with these data processors, please do not use our website.

Data storage

Website & Email

No personal data is stored or displayed by this website.

Data provided to us for the purposes making an enquiry via email are stored as emails within a secure IMAP email account provided by a GDPR compliant third party. Emails are then securely synced to assigned members' computer systems. This data is password protected and TLS encryption is used in its transfer.

Physical Data Storage

If paper copies of personal data or communications containing personal data are made, they will be kept in secure filing systems.

3rd Party Processor Data Storage

Where data is stored by 3rd party data processors, it is done so on our understanding that storage is secure and compliant with all relevant legislation. This is an important consideration for us when selecting 3rd Party data processor partners.

Data Security

We use appropriate security measures to prevent personal data from being lost, used or accessed in an unauthorised way.

We limit access to personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Data Retention

We only retain personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the nature, and sensitivity of the data, the potential risk of harm from its unauthorised use or disclosure, the purposes for which we gathered the personal data and any applicable legal requirements.

Your legal rights

Unless subject to an exemption under the data protection laws, you have rights with respect to your personal data. You may find out more about these rights and how to exercise them here: https://ico.org.uk/your-data-matters/

If you do wish to exercise any of your legal rights, please contact us.

You will not have to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable admin fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Changes to our Privacy Policy

This privacy policy may change in line with legislation or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for changes.