Effective Date: 24/11/2024
The Sudbury Chamber of Commerce (“we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect your information.
1. Who We Are
The Sudbury Chamber of Commerce is a membership-based organisation supporting local businesses. We act as the data controller for personal data collected through this Website.
2. Data We Collect
We collect and process the following types of personal data:
- Identity Information: Name, business name, job title.
- Contact Information: Email address, phone number, postal address.
- Payment Information: Billing details (processed securely through third-party providers).
- Membership Information: Preferences, event attendance, and membership status.
- Technical Data: IP address, browser type, and usage patterns (via cookies).
3. How We Use Your Data
We process personal data for the following purposes:
- Membership Management: To process applications, renewals, and cancellations.
- Service Delivery: To provide access to member-only resources, event management, and business directories.
- Communication: To send updates, newsletters, and event notifications.
- Analytics: To monitor and improve the Website’s performance.
- Legal Compliance: To meet our legal obligations, such as tax records or GDPR compliance.
4. Legal Basis for Processing
We process your personal data based on the following lawful grounds:
- Contractual Necessity: To fulfil our obligations under your membership.
- Legitimate Interests: For administrative purposes and to improve our services.
- Consent: For specific uses such as marketing emails (you can withdraw consent anytime).
- Legal Compliance: To comply with UK laws.
5. How We Share Your Data
We may share your data with:
- Service Providers: Payment processors, IT support, and hosting providers.
- Event Organisers: To facilitate member participation in events.
- Legal or Regulatory Authorities: If required by law.
We do not sell or share personal data with third parties for their marketing purposes.
6. Cookies and Tracking Technologies
The Website uses cookies to improve functionality and analyse usage patterns.
- Essential Cookies: Required for the operation of the Website.
- Analytics Cookies: Used to measure site performance (e.g., Google Analytics).
You can manage cookies through your browser settings.
7. How We Protect Your Data
We implement appropriate technical and organisational measures to safeguard your personal data, including:
- Encryption of payment information.
- Regular security audits and updates.
- Restricted access to personal data on a need-to-know basis.
8. Data Retention
We retain personal data only as long as necessary for:
- Membership management.
- Legal or regulatory requirements.
- Historical purposes (e.g., anonymised analytics).
When data is no longer needed, we securely delete or anonymise it.
9. Your Data Rights
Under the UK GDPR, you have the following rights:
- Access: Request a copy of your data.
- Rectification: Request corrections to inaccurate or incomplete data.
- Erasure: Request deletion of your data (subject to legal obligations).
- Restriction: Request limits on how your data is processed.
- Data Portability: Receive your data in a machine-readable format.
- Objection: Opt out of specific processing, including marketing.
- Withdraw Consent: At any time, where processing is based on consent.
To exercise your rights, contact us at [Insert Contact Information]. You may also lodge a complaint with the UK Information Commissioner’s Office (ICO) at www.ico.org.uk.
10. Third-Party Links
The Website may include links to third-party sites. We are not responsible for their privacy practices. Please review their policies before sharing your data.
11. Updates to This Policy
We may update this Privacy Policy to reflect changes in our practices or legal requirements. Any updates will be posted on this page with the effective date.
12. Contact Us
If you have questions or concerns about this Privacy Policy, please contact us.