Privacy Policy
Tewkesbury Borough Council (“we”, “us”, or “our”) is firmly committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit or interact with our website, tewkesburybc.com, and use our services. We are dedicated to maintaining the privacy, integrity, and security of your personal information in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Introduction
We value your trust and place a high priority on ensuring your data is processed lawfully, fairly, and transparently. This Privacy Policy outlines our practices regarding the collection, use, and disclosure of your data, and it establishes our commitment to vigilance, data minimization, and user empowerment in all aspects of our operations.
2. Scope and Data Controller
This Privacy Policy applies to all personal data processed through tewkesburybc.com, as well as related communications and services operated by or on behalf of Tewkesbury Borough Council. For the purposes of applicable data protection laws, we act as the Data Controller for the personal information you provide or that we collect.
3. Categories of Personal Data We Collect
We collect a range of personal data depending on your relationship with us and the nature of your interaction with our website or services:
– Usage Data: Includes information about how you use our website, such as your IP address, browser type and version, device identifiers, referral sources, length of visit, page views, and website navigation paths.
– Account Data: If you create an account or enter into a contract with us, we may collect your full name, postal address, email address, and phone number.
– Profile Data: Includes your preferences, feedback, product purchases, inquiry history, and actions taken on our site such as saved favorites or subscriptions.
– Communication Data: Includes records of your correspondence with us, including support requests, messages sent via forms, or email conversations with our staff.
– Technical Data: Includes device information like your operating system, browser configuration, screen resolution, and time zone settings.
– Transaction Data: Includes details associated with purchases or service use, including billing information, delivery address, and transaction history (note: we do not store full credit card or financial account information; such processing occurs securely via our third-party payment gateway providers).
– Preference Data: Includes information about your communication preferences, product interests, and marketing consent settings.
4. Legal Bases for Processing
We rely on several lawful bases under GDPR and applicable U.S. privacy laws to process your personal data:
– Consent: Where you have given explicit permission for specific processing purposes, such as subscribing to newsletters or accepting cookies.
– Contractual Necessity: Where processing is required to perform our obligations under a contract with you, such as account management or order fulfillment.
– Legal Obligation: Where we must comply with a legal requirement, such as fraud prevention or audit compliance.
– Legitimate Interests: Where we have a legitimate business interest in processing your information in a way that does not override your rights and freedoms—for instance, securing our platforms, analyzing user behavior to improve services, or handling inquiries.
5. Your Rights
You have the following rights with respect to your personal data, subject to applicable law:
– Right of Access: You may request details of the personal data we hold about you.
– Right to Rectification: You may request correction of inaccurate, incomplete, or outdated data.
– Right to Erasure: You have the right to request deletion of your personal data where we have no legal basis to continue processing it.
– Right to Restrict Processing: You may request limited usage of your data in certain circumstances.
– Right to Data Portability: You may request to receive your personal data in a commonly used, machine-readable format and request its transfer to another controller.
– Right to Object: You may object to the processing of your personal data for direct marketing or other specific purposes based on our legitimate interests.
To exercise your rights at any time, please contact us at [email protected].
6. Security Measures
We apply appropriate technical and organizational safeguards to protect your personal data. These measures include:
– Data encryption (both in transit and at rest)
– Role-based access controls and authentication mechanisms
– Regular data backups and disaster recovery protocols
– Continuous monitoring and threat detection
– Mandatory privacy and security training for staff
7. International Data Transfers
If your data is transferred outside of the UK, the EU, or California, we ensure that such transfers are conducted in accordance with international data protection standards. Where required, we utilize Standard Contractual Clauses approved by the European Commission or other appropriate safeguards to ensure adequate levels of protection.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes described in this policy:
– Account and Profile Data: Retained for as long as your account remains active or as necessary to provide our services.
– Transaction Data: Retained for 7 years, in line with financial and tax regulations.
– Communication and Support Data: Retained for up to 3 years following resolution of your inquiry.
– Technical and Usage Data: Retained for up to 2 years for analytics and site optimization purposes.
When no longer required, your data is securely deleted or anonymized.
9. Cookie Policy
Our website, tewkesburybc.com, uses cookies to enhance functionality, analyze performance, and provide personalized services. The categories of cookies we use include:
– Essential Cookies: Necessary for core site functionality and security.
– Functional Cookies: Enable enhanced features such as language preference and saved settings.
– Performance Cookies: Collect information about how visitors use the site to help us improve user experience.
– Analytics Cookies: Help us understand usage patterns and optimize our content strategies.
10. Cookie Management and GDPR/CCPA Compliance
You may manage or disable cookies through your browser settings or via the cookie preferences available on our site. Where required by law (e.g., GDPR), we obtain your explicit consent prior to setting non-essential cookies. California residents may also exercise “Do Not Sell or Share My Personal Information” rights by using our dedicated consent management tool.
11. Children’s Privacy
Our services are not directed to children under the age of 13, and we do not knowingly collect personal data from children without verifiable parental consent. If you believe we have unintentionally collected information from a child, please contact us immediately at [email protected] so we may take appropriate steps.
12. Policy Updates
We reserve the right to update this Privacy Policy from time to time to reflect legal, technical, or operational changes. All updates will be posted to this page, and where appropriate, we may notify you via email or through website alerts.
13. Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, please do not hesitate to contact us at:
Email: [email protected]
Website: https://tewkesburybc.com
We are committed to ensuring compliance with the relevant data protection laws and invite you to reach out with any privacy-related concerns. Your data privacy matters to us.