1. Our Commitment To Personal Data.
The protection of personal data should be your right.
It is our responsibility to do everything we can to protect your data.
Data should ONLY be collected when it is required to provide a certain product or service.
We will NEVER sell, share or disclose your personal data without your permission unless it is requested by warrant by law enforcement agencies.
2. Legislation We Abide By.
robinhowiehillwalker.co.uk follows the guidelines and legislation of the following bodies
We follow the guidelines of the Information Commissioners Office the UK's official data protection body.
All the regulators above impose strict practices when it comes to the processing and storing of your personal data. If you are not from the UK the chances are we will meet the data regulations in your country too. If you wish to check on any aspect of your data protection rights you think may not be covered you can contact us using the contact form at the bottom of any page of this site.
3. Data Retention.
robinhowiehillwalker.co.uk collects very little personal data. Please read on to see what data this site does collect.
3.1 Account Information Data
Registration processes are not used on this site so no personally identifiable data about you will be collected for account purposes.
3.2 Client Mailing List
robinhowiehillwalker.co.uk does not currently run mailing lists of any kind.
3.3 Browser Tracking Information
What: What site you came from to get to our site, what link you clicked, what browser you use, what operating system you use, your geographical location, your IP address.
Why: Like a lot of websites robinhowiehillwalker.co.uk may use Google Analytics and other tracking software to track user interaction with this website. This helps us find out things like how many people visit our site, how they navigate around our site, the pages that are most visited. This data is stored on our website to provide us with traffic analysis. It helps us improve our site and our services. This information does not directly identify you as a person it is just behavioural data. Google may also record your IP address which could be used to identify you, however, they do not give us access to that information.
How Long: This data is purged every 3 years. It is not personally identifying data so there is no way we can remove data about your visits as we do not know what part of the data is attributed to you.
Where: Basic tracking information is stored on our web hosting account with 3001web.com please see third-party providers. Our web host encrypts data during transfer and employs the latest in server security. This data, however, does not personally identify you and is not classed as sensitive personal data.
Any Google based tracking is stored by Google on their servers. While this data may be used to track you Google does not give us access to that kind of information. See third-party providers.
3.4 Email Contact
What: Your email address, your name, your message, your consent to store your details, your IP address, the date and time you submit the email form and any other information you provide.
Why: robinhowiehillwalker.co.uk stores email so that Robin may contact you regarding any message you have sent to him from this site. The contact form on this site simply sends the message to the robinhowiehillwalker.co.uk private business email address. Your data is NOT stored on the website.
How Long: Your emails will be stored for a period in line with UK statutory law for email archiving.
Where: The emails of robinhowiehillwalker.co.uk are stored securely within Robins' business email account hosted by 3001web.com. See third-party providers.
3.5 Email Address Book
What: Your name and email address.
Why: To be able to communicate with you quickly and effectively by email.
How long: This data is deleted if you request that Robin remove it. It may also be cleared periodically if he has not had communication with you in several years.
Where: Robin stores this information securely in his business email account hosted within his account at 3001web.com it is not stored on our website. (see third-party providers.)
4. Where This Site Stores Your Data
The emails sent to robinhowiehillwalker.co.uk via the contact forms on this site are relayed to and stored securely within Robin's business email account hosted by 3001web.com. See third-party providers.
5. Third Party Providers And Data Processors
Some of the services this site uses may process, store or have access to your data to help us run our service to you. We have no control over their processing or data storage however they are all reputable and data protection focussed companies that have been vetted by us. The companies we use are as follows;
6. How We Protect Your Data
Data is encrypted when sent between your devices and our website using 256bit encryption provided by SSL certificates issued for our own site.
Our web hosts servers have regular security checks and hardening performed on them by their server administration team.
Our web hosts servers contain (among others) the following security protocols;
cPHulk brute force protection to protect against brute force attacks
PHP open_basedir Protection
CageFS is enabled This provides filesystem-level protections for our site.
Apache Symlink Protection: CloudLinux protections are in effect ensuring each hosting account is caged and totally separate from other accounts on our cloud.
CSF firewall is installed, and LFD is running.
System kernels are updated instantly as released.
The MySQL port is blocked by the firewall, effectively allowing only local connections.
Password strength requirements are strong at both server level and admin areas for our site.
Outbound SMTP connections are restricted.
Php versions upgraded regularly as soon as they are stable.
Our site is monitored by 3001web for out of date or no longer supported plugins, themes and core code. Any outdated plugins or theme are updated immediately.
We have also installed a site level firewall and security system to protect your data even further.
7. Data Breaches
We will report any unlawful data breach where we believe there is a threat to the personal data of our clients. This will be reported to the ICO in the UK. The report will be submitted within 72 hours if we can establish that personal data was accessed or stolen. In the event that personal data was accessed and in accordance with the GDPR rules we may also inform the data subject (you).
You, of course, may, at any time, prevent the setting of cookies through our website by means of corresponding settings of your Internet browser, and deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programmes. This is possible in all popular Internet browsers. If you deactivate the setting of cookies in your browser, not all functions of our website may be entirely usable.
9. Lawful Basis For The Processing Of Your Data
Robin needs to process your name and email address within his business email accounts to reply to any messages sent to him by email. Other than this he does not process any of your personal data. No personal data is stored on this site.
10. Your Rights As A Data Subject
GDPR and DPA give you the following rights to do with any of your personal data that is stored.
The right to be informed.
Put simply you can ask Robin why he stores your information and what he uses it for. However, that is discussed in detail above.
The right of access
You have a right of access to that data to look at it.
The right to rectification
If any of the information Robin holds about you is incorrect you have the right to have it amended.
The right to erasure (right to be forgotten)
You have the right to have all data Robin has on you erased. If you wish for your name and email account to be erased from Robin's business contacts please contact Robin and ask him to remove you. No personal data of any kind is stored on this website.
The right to restrict processing
If you want to restrict Robin from processing information that is incorrect until it is corrected. When processing is unlawful and you oppose erasure and request restriction instead. If Robin no longer needs your personal data but you require the data to establish, exercise or defend a legal claim.
The right to data portability
The right to data portability allows you to obtain and reuse your personal data for your own purposes across different services.
It allows you to move, copy or transfer personal data easily from robinhowiehillwalker.co.uk to another company in a safe and secure way, without hindrance to usability.
The right to object
You have the right to object to the processing of your data for the following purposes;
Processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
Direct marketing (including profiling); and
Processing for purposes of scientific/historical research and statistics.
robinhowiehillwalker.co.uk does not currently process data in any of these ways.
Rights in relation to automated decision making and profiling.
robinhowiehillwalker.co.uk does NOT employ automated profiling in any way.
11. Changes to this policy