This privacy policy sets out how Churches Trust for Cumbria uses and protects any information that you give Churches Trust for Cumbria when you use this website. Churches Trust for Cumbria is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

Churches Trust for Cumbria may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 20th Feb 2024.

1. OUR CORE BELIEFS REGARDING USER PRIVACY AND DATA PROTECTION 

User privacy and data protection are human rights We have a duty of care to the people within our data Data is a liability, it should only be collected and processed when absolutely necessary We loathe spam as much as you do! We will never sell, rent or otherwise distribute or purposefully make public your personal information – that’s a promise

2. RELEVANT LEGISLATION 

Along with our business and internal computer systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy: Data Protection Act 2018 (DPA) UK General Data Protection Regulation 2018 (GDPR) This site’s compliance with the above legislation, all of which are stringent in nature, means that this site is likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well. If you are unsure about whether this site is compliant with your own country of residences’ specific data protection and user privacy legislation you should contact our data protection officer (details of whom can be found in section 9.0) for clarification.

3. PERSONAL INFORMATION DATA WE COLLECT AND WHY WE COLLECT IT 

We only collect personal information data that is relevant to the purpose of our website. This information allows us to provide you with a customised and efficient experience. We collect the following types of information from our users:

3.1 Site visitation tracking Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website. Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third party data processor (see section 6.0 below). GA makes use of cookies, details of which can be found on Google’s developer guides. Our website uses the analytics.js implementation of GA. Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.
3.2 Contacting us using a form If you choose to contact us using the pop-up or contact page forms then we will collect your name (as you have written it) and email address. Your telephone number is optional. The form submits the message via a secure SSL connection directly to our email inbox, the website itself does not store any of your details.

4. COOKIES USED ON THIS WEBSITE 

A cookie is a small file which asks permission from your browser to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow websites to respond to you as an individual, but do not necessarily identify you personally.

4.1 Google Analytics The only cookies currently used on this website are set by the Google Analytics (GA) service, using the analytics.js implementation of GA. These cookies allow GA to assign users with a unique ID and track visits to our site in our GA account. For full details on what cookies are being set you can visit the Google Analytics developer pages.
4.2 Managing Cookies To change how cookies are managed you can learn more by visiting the page linked below relevant to your browser: Google Chrome MacOS Safari Firefox Edge

5. SECURING DATA TRANSFER & THIS WEBSITE’S SERVER 

The connection your web browser has to our site is secured with an SSL certificate from Let’s Encrypt meaning any data transferred from our server to your browser (or from you to us) is encrypted and secure. The website is hosted by Siteground within a UK data centre located just outside London.

6. OUR DATA PROCESSORS 

6.1 Personal Data Processors Our main third party that processes personal data on our behalf is Google. This third party has been carefully chosen and complies with the legislation set out in section 2.0. They are based in the USA and are EU-U.S Privacy Shield compliant. Google (Privacy policy)

7. DATA BREACHES 

Any unlawful data breach of this website’s database or the database(s) of any of our third party data processors will be reported to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.

8. CONTROLLING YOUR PERSONAL DATA

8.1 Data Handling We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen. You may request details of personal information which we hold about you, if you would like a copy of the information held on you please contact us. You may also request that we delete or anonymise any data we hold about you, if you would like us to do this, please contact us

8.2 DATA CONTROLLER The data controller of this website is: Churches Trust for Cumbria whose operating office is:
Registered office: Church House, West Walls, Carlisle CA3 8UE

8.3 DATA PROTECTION OFFICER Jayne Potts

9. CHANGES TO OUR PRIVACY POLICY 

This privacy policy may change from time to time in line with legislation or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes. Specific policy changes and updates are mentioned in the change log below.

9.1 Change Log 20/02/2024 – Policy Instigated