The policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and website owners. Furthermore the way this website processes, stores and protects user data and information will also be detailed within this policy.
This website and it’s owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website comply’s to all UK national laws and requirements for user privacy.
Cookies are small files saved to the users computers hard drive that track, save and store information about the users interactions and usage of the website. This allows the website, through it’s server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and it’s external serving vendors.
Other cookies may be stored to your computers hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.
Contact & Communication
Users contacting this website and/or it’s owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use, as detailed in the Data Protection Act 1998. Every effort has been made to ensure a safe and secure form to email submission process but advise users using such form to email processes that they do so at their own risk.
This website and it’s owners use any information submitted to provide you with further information about the products / services they offer or to assist you in answering any questions or queries you may have submitted. This includes using your details to subscribe you to any email newsletter program the website operates but only if this was made clear to you and your express permission was granted when submitting any form to email process. Or whereby you the consumer have previously purchased from or enquired about purchasing from the company a product or service that the email newsletter relates to. This is by no means an entire list of your user rights in regard to receiving email marketing material. Your details are not passed on to any third parties.
This website operates an email newsletter program, used to inform subscribers about products and services supplied by this website. Users can subscribe through an online automated process should they wish to do so but do so at their own discretion. Some subscriptions may be manually processed through prior written agreement with the user.
Subscriptions are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003. All personal details relating to subscriptions are held securely and in accordance with the Data Protection Act 1998. No personal details are passed on to third parties nor shared with companies / people outside of the company that operates this website. Under the Data Protection Act 1998 you may request a copy of personal information held about you by this website’s email newsletter program. A small fee will be payable. If you would like a copy of the information held on you please write to the business address at the bottom of this policy.
Email marketing campaigns published by this website or it’s owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity [this is by no far a comprehensive list].
This information is used to refine future email campaigns and supply the user with more relevant content based around their activity.
In compliance with UK Spam Laws and the Privacy and Electronic Communications Regulations 2003 subscribers are given the opportunity to un-subscribe at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated un-subscription system is unavailable clear instructions on how to un-subscribe will by detailed instead.
Although this website only looks to include quality, safe and relevant external links users should always adopt a policy of caution before clicking any external web links mentioned throughout this website.
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and it’s owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Adverts and Sponsored Links
This website may contain sponsored links and adverts. These will typically be served through our advertising partners, to whom may have detailed privacy policies relating directly to the adverts they serve.
Social Media Platforms
Communication, engagement and actions taken through external social media platforms that this website and it’s owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website nor it’s owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Shortened Links in Social Media
This website and it’s owners through their social media platform accounts may share web links to relevant web pages. By default some social media platforms shorten lengthy url’s [web addresses].
Users are advised to take caution and good judgement before clicking any shortened url’s published on social media platforms by this website and it’s owners. Despite the best efforts to ensure only genuine url’s are published many social media platforms are prone to spam and hacking and therefore this website and it’s owners cannot be held liable for any damages or implications caused by visiting any shortened links.
Informated Disclosed in Connection with Business Transactions
Information that we collect from our users, including Personal Data, is a business asset. If ORBIT RRI is involved in a merger, acquisition or spin-out. some or all of our assets including the data connected with your account (name, email address and organisation) will be disclosed or transferred to the third party or spun out organisation. If this occurs we will inform you via email and can assure you that your data will be handled with the upmost care and attention.
The new General Data Protection Regulation (GDPR) will become enforceable from the 25th of May 2018 and will replace the Data Protection Act (DPA) currently in use at the time of writing. ORBIT prepared for the GDPR by addressing the following points:
- Awareness: all members of the team are aware that the law is changing to the GDPR.
- Information it holds: ORBIT is documenting which personal data it holds, where it comes from and who has access to it. The personal data that is collected consists of name, email address and affiliation of the people registered on the website. These informations are stored on the ORBIT server using 256 bit SSL encryption protected by CloudFlare and SSL. Only three members of ORBIT can access this via encrypted password secure admin access.
- Communicating privacy information: the privacy notices of ORBIT website have been changed according to the GDPR implementations. This includes an explanation of ORBIT lawful basis for processing the data, the data retention period and the how the data will be used. These concepts are expressed in an easy to understand language.
- Individual’s rights: ORBIT’s procedures have been checked to ensure that they cover all the rights that individuals have. This has been reflected in the privacy notices of the ORBIT website.
- Subject access requests: the way in which subject access requests are handled take into account the new GDPRs rules.
- Lawful basis for processing personal data: the lawful basis of ORBIT for processing data are described in the privacy notices of the project and are available online to all the visitors of the website.
- Consent: An explicit consent is required when registering on the ORBIT website and filling the Terms and Conditions of the services.
- Children: ORBIT does not offer any online service specific to children and thus will not require a parental or guardian consent for any data processing activity. Furthermore, a system to verify individuals’ ages is not necessary as the website does not contain any material that is considered inadequate to certain age groups.
- Data breaches: the project has procedures to detect, report and investigate personal data breaches. This is achieved by running hourly checks on the website and diagnostics via Cloudflare to ensure there are no data breaches.
- Data Protection by Design and Data Protection Impact Assessments: ORBIT adopts a privacy by design approach as it takes privacy into consideration from the start. A Data Protection Impact Assessment (DPIA) would not be necessary as the processing of the data collected does not result in any high risk to individuals.
- Data Protection Officers: since ORBIT does not carry out a regular and systematic monitoring of data of individuals on a large scale, nor it deals with special categories of data, a Data Protection Officer is not required.
- International: the project operates for now only in the UK. As such, a lead data protection supervisory authority is not necessary. Should ORBIT expand its activity to other countries in the EU then this point will be re-considered.
Your information and protection
The ORBIT website is encrypted using 256-bit SSL security, and is hosted at one of the largest and most secure data centres in the UK. We also work directly with Cloudflare and our website is scanned every 4 hours for potential issues which are then dealt with in real time. If you would like to learn more about our commitment to data protection, please contact us.