Privacy Policy

Privacy policy
1. Introduction
1.1 We are committed to safeguarding the privacy of our website visitors; in this policy we explain how we will treat your personal information.
1.2 By using our website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy.
2. Credit
2.1 This document was created using a template from SEQ Legal (http://www.seqlegal.com).
3. Collecting personal information
3.1 We may collect, store and use the following kinds of personal information:
(a) Information about your computer and about your visits to and use of this website (including [your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths]);] (b) [information that you provide to us when registering with our website (including [your email address]);] (c) [information that you provide when completing your profile on our website (including [your name, profile pictures, gender, date of birth,);] (d) [information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (including [your name and email address]);] (e) [information that you provide to us when using the services on our website, or that is generated in the course of the use of those services (including [the timing, frequency and pattern of service use]);] (f) [information relating to any purchases you make of our [goods / services / goods and/or services] or any other transactions that you enter into through our website (including [your name, address, telephone number, email address);] (g) [information that you post to our website for publication on the internet (including [your user name, your profile pictures and the content of your posts]);] (h) [information contained in or relating to any communication that you send to us or send through our website (including [the communication content and metadata associated with the communication]);] (i) [any other personal information that you choose to send to us; and] (j) [[provide details of other personal information collected].] 3.2 Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this policy.
4. Using personal information
4.1 Personal information submitted to us through our website will be used for the purposes specified in this policy or on the relevant pages of the website.
4.2 We may use your personal information to:
(a) [administer our website and business;] (b) [personalise our website for you;] (c) [enable your use of the services available on our website;] (d) [send you goods purchased through our website;] (e) [supply to you services purchased through our website;] (f) [send statements, invoices and payment reminders to you, and collect payments from you;] (g) [send you non-marketing commercial communications;] (h) [send you email notifications that you have specifically requested;] (i) [send you our email newsletter, if you have requested it (you can inform us at any time if you no longer require the newsletter);] (j) [send you marketing communications relating to our business [or the businesses of carefully-selected third parties] which we think may be of interest to you, by post or, where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications);] (k) [provide third parties with statistical information about our users (but those third parties will not be able to identify any individual user from that information);] (l) [deal with enquiries and complaints made by or about you relating to our website;] (m) [keep our website secure and prevent fraud;] (n) [verify compliance with the terms and conditions governing the use of our website [(including monitoring private messages sent through our website private messaging service)]; and] (o) [[other uses].] 4.3 If you submit personal information for publication on our website, we will publish and otherwise use that information in accordance with the licence you grant to us.
4.4 Your privacy settings can be used to limit the publication of your information on our website, and can be adjusted using privacy controls on the website.
4.5 We will not, without your express consent, supply your personal information to any third party for the purpose of their or any other third party’s direct marketing.
4.6 All our website financial transactions are handled through our payment services provider, paypal.com. You can review the provider’s privacy policy at paypal.com. We will share information with our payment services provider only to the extent necessary for the purposes of processing payments you make via our website, refunding such payments and dealing with complaints and queries relating to such payments and refunds.
5. Disclosing personal information
5.1 We may disclose your personal information to [any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors] insofar as reasonably necessary for the purposes set out in this policy.
5.2 We may disclose your personal information to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes set out in this policy.
5.3 We may disclose your personal information:
(a) to the extent that we are required to do so by law;
(b) in connection with any ongoing or prospective legal proceedings;
(c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
(d) [to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling; and] (e) [to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.] 5.4 Except as provided in this policy, we will not provide your personal information to third parties.
6. International data transfers
6.1 Information that we collect may be stored and processed in and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this policy.
6.2 Information that we collect may be transferred to the following countries which do not have data protection laws equivalent to those in force in the European Economic Area: [the United States of America, Russia, Japan, China and India].
6.3 Personal information that you publish on our website or submit for publication on our website may be available, via the internet, around the world. We cannot prevent the use or misuse of such information by others.
6.4 You expressly agree to the transfers of personal information described in this Section 6.
7. Retaining personal information
7.1 This Section 7 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal information.
7.2 Personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
7.3 Without prejudice to Section 7.2, we will usually delete personal data falling within the categories set out below at the date/time set out below:
(a) personal data type will be deleted 24 months after purchase.

7.4 Notwithstanding the other provisions of this Section 7, we will retain documents (including electronic documents) containing personal data:
(a) to the extent that we are required to do so by law;
(b) if we believe that the documents may be relevant to any ongoing or prospective legal proceedings; and
(c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
8. Security of personal information
8.1 We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
8.2 We will store all the personal information you provide on our secure (password- and firewall-protected) servers.
8.3 All electronic financial transactions entered into through our website will be protected by encryption technology.
8.4 You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
8.5 You are responsible for keeping the password you use for accessing our website confidential; we will not ask you for your password (except when you log in to our website).
9. Amendments
9.1 We may update this policy from time to time by publishing a new version on our website.
9.2 You should check this page occasionally to ensure you are happy with any changes to this policy.
9.3 We may notify you of changes to this policy [by email or through the private messaging system on our website].
10. Your rights
10.1 You may instruct us to provide you with any personal information we hold about you; provision of such information will be subject to:
(a) the payment of a fee (currently fixed at GBP 10); and
(b) the supply of appropriate evidence of your identity [(for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address)].
10.2 We may withhold personal information that you request to the extent permitted by law.
10.3 You may instruct us at any time not to process your personal information for marketing purposes.
10.4 In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes.
11. Third party websites
11.1 Our website includes hyperlinks to, and details of, third party websites.
11.2 We have no control over, and are not responsible for, the privacy policies and practices of third parties.
12. Updating information
12.1 Please let us know if the personal information that we hold about you needs to be corrected or updated.
13. Cookies
13.1 Our website uses cookies.
13.2 A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
13.3 Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
13.4 Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
13.5 We use both session and persistent cookies on our website.
13.6 The names of the cookies that we use on our website, and the purposes for which they are used, are set out below:
(a) we use towncitycards.com on our website to [recognise a computer when a user visits the website / track users as they navigate the website / enable the use of a shopping cart on the website / improve the website’s usability / analyse the use of the website / administer the website / prevent fraud and improve the security of the website / personalise the website for each user / target advertisements which may be of particular interest to specific users
13.7 Most browsers allow you to refuse to accept cookies; for example:
(a) in Internet Explorer (version 11) you can block cookies using the cookie handling override settings available by clicking “Tools”, “Internet Options”, “Privacy” and then “Advanced”;
(b) in Firefox (version 39) you can block all cookies by clicking “Tools”, “Options”, “Privacy”, selecting “Use custom settings for history” from the drop-down menu, and unticking “Accept cookies from sites”; and
(c) in Chrome (version 44), you can block all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Content settings”, and then selecting “Block sites from setting any data” under the “Cookies” heading.
13.8 Blocking all cookies will have a negative impact upon the usability of many websites.
13.9 If you block cookies, you will not be able to use all the features on our website.
13.10 You can delete cookies already stored on your computer; for example:
(a) in Internet Explorer (version 11), you must manually delete cookie files (you can find instructions for doing so at http://windows.microsoft.com/en-gb/internet-explorer/delete-manage-cookies#ie=ie-11);
(b) in Firefox (version 39), you can delete cookies by clicking “Tools”, “Options” and “Privacy”, then selecting “Use custom settings for history” from the drop-down menu, clicking “Show Cookies”, and then clicking “Remove All Cookies”; and
(c) in Chrome (version 44), you can delete all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Clear browsing data”, and then selecting “Cookies and other site and plug-in data” before clicking “Clear browsing data”.
13.11 Deleting cookies will have a negative impact on the usability of many websites.
14.
15. Our details
15.1 This website is owned and operated by Town City Cards LTD.
15.2 We are registered in England and Wales under registration number [number], and our registered office is 74 London Road, Bexhill, East Sussex

15.3 Our principal place of business is at 74 London Road, Bexhill, East Sussex.
15.4 You can contact us by writing to the business address given above, by using our website contact form, by email to hello@tiowncitycards.com or by telephone on 07904 780 809.

GDPR

Nature of work – Membership Club (Commercial)

Description of processing
The following is a broad description of the way this organisation/data controller processes personal information. To understand how your own personal information is processed you may need to refer to any personal communications you have received, check any privacy notices the organisation has provided or contact the organisation to ask about your personal circumstances.

Reasons/purposes for processing information
We process personal information to enable us to provide a service to our members, to promote our services, to maintain our own accounts and records.

Type/classes of information processed
We process information relevant to the above reasons/purposes. This may include:
• personal details
• membership details

We are registered members with ICO.org.uk

Who the information is processed about
We process personal information about:
• members
• Featured businesses

Who the information may be shared with
We sometimes need to share the personal information we process with the individual them self and also with other organisations. Where this is necessary we are required to comply with all aspects of the Data Protection Act (DPA). What follows is a description of the types of organisations we may need to share some of the personal information we process with for one or more reasons.

Where necessary or required we share information with:
• family, associates and representatives of the person whose personal information we are processing
• members and shareholders
• suppliers
• complainants and enquirers
• financial organisations
• educators and examining bodies
• employment and recruitment agencies
• debt collection and tracing agencies
• credit reference agencies
• central government

Privacy policy
1. Introduction
1.1 We are committed to safeguarding the privacy of our website visitors; in this policy we explain how we will treat your personal information.
1.2 By using our website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy.
2. Credit
2.1 This document was created using a template from SEQ Legal (http://www.seqlegal.com).
3. Collecting personal information
3.1 We may collect, store and use the following kinds of personal information:
(a) Information about your computer and about your visits to and use of this website (including [your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths]);] (b) [information that you provide to us when registering with our website (including [your email address]);] (c) [information that you provide when completing your profile on our website (including [your name, profile pictures, gender, date of birth,);] (d) [information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (including [your name and email address]);] (e) [information that you provide to us when using the services on our website, or that is generated in the course of the use of those services (including [the timing, frequency and pattern of service use]);] (f) [information relating to any purchases you make of our [goods / services / goods and/or services] or any other transactions that you enter into through our website (including [your name, address, telephone number, email address);] (g) [information that you post to our website for publication on the internet (including [your user name, your profile pictures and the content of your posts]);] (h) [information contained in or relating to any communication that you send to us or send through our website (including [the communication content and metadata associated with the communication]);] (i) [any other personal information that you choose to send to us; and] (j) [[provide details of other personal information collected].] 3.2 Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this policy.
4. Using personal information
4.1 Personal information submitted to us through our website will be used for the purposes specified in this policy or on the relevant pages of the website.
4.2 We may use your personal information to:
(a) [administer our website and business;] (b) [personalise our website for you;] (c) [enable your use of the services available on our website;] (d) [send you goods purchased through our website;] (e) [supply to you services purchased through our website;] (f) [send statements, invoices and payment reminders to you, and collect payments from you;] (g) [send you non-marketing commercial communications;] (h) [send you email notifications that you have specifically requested;] (i) [send you our email newsletter, if you have requested it (you can inform us at any time if you no longer require the newsletter);] (j) [send you marketing communications relating to our business [or the businesses of carefully-selected third parties] which we think may be of interest to you, by post or, where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications);] (k) [provide third parties with statistical information about our users (but those third parties will not be able to identify any individual user from that information);] (l) [deal with enquiries and complaints made by or about you relating to our website;] (m) [keep our website secure and prevent fraud;] (n) [verify compliance with the terms and conditions governing the use of our website [(including monitoring private messages sent through our website private messaging service)]; and] (o) [[other uses].] 4.3 If you submit personal information for publication on our website, we will publish and otherwise use that information in accordance with the licence you grant to us.
4.4 Your privacy settings can be used to limit the publication of your information on our website, and can be adjusted using privacy controls on the website.
4.5 We will not, without your express consent, supply your personal information to any third party for the purpose of their or any other third party’s direct marketing.
4.6 All our website financial transactions are handled through our payment services provider, paypal.com. You can review the provider’s privacy policy at paypal.com. We will share information with our payment services provider only to the extent necessary for the purposes of processing payments you make via our website, refunding such payments and dealing with complaints and queries relating to such payments and refunds.
5. Disclosing personal information
5.1 We may disclose your personal information to [any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors] insofar as reasonably necessary for the purposes set out in this policy.
5.2 We may disclose your personal information to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes set out in this policy.
5.3 We may disclose your personal information:
(a) to the extent that we are required to do so by law;
(b) in connection with any ongoing or prospective legal proceedings;
(c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
(d) [to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling; and] (e) [to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.] 5.4 Except as provided in this policy, we will not provide your personal information to third parties.
6. International data transfers
6.1 Information that we collect may be stored and processed in and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this policy.
6.2 Information that we collect may be transferred to the following countries which do not have data protection laws equivalent to those in force in the European Economic Area: [the United States of America, Russia, Japan, China and India].
6.3 Personal information that you publish on our website or submit for publication on our website may be available, via the internet, around the world. We cannot prevent the use or misuse of such information by others.
6.4 You expressly agree to the transfers of personal information described in this Section 6.
7. Retaining personal information
7.1 This Section 7 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal information.
7.2 Personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
7.3 Without prejudice to Section 7.2, we will usually delete personal data falling within the categories set out below at the date/time set out below:
(a) personal data type will be deleted 24 months after purchase.

7.4 Notwithstanding the other provisions of this Section 7, we will retain documents (including electronic documents) containing personal data:
(a) to the extent that we are required to do so by law;
(b) if we believe that the documents may be relevant to any ongoing or prospective legal proceedings; and
(c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
8. Security of personal information
8.1 We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
8.2 We will store all the personal information you provide on our secure (password- and firewall-protected) servers.
8.3 All electronic financial transactions entered into through our website will be protected by encryption technology.
8.4 You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
8.5 You are responsible for keeping the password you use for accessing our website confidential; we will not ask you for your password (except when you log in to our website).
9. Amendments
9.1 We may update this policy from time to time by publishing a new version on our website.
9.2 You should check this page occasionally to ensure you are happy with any changes to this policy.
9.3 We may notify you of changes to this policy [by email or through the private messaging system on our website].
10. Your rights
10.1 You may instruct us to provide you with any personal information we hold about you; provision of such information will be subject to:
(a) the payment of a fee (currently fixed at GBP 10); and
(b) the supply of appropriate evidence of your identity [(for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address)].
10.2 We may withhold personal information that you request to the extent permitted by law.
10.3 You may instruct us at any time not to process your personal information for marketing purposes.
10.4 In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes.
11. Third party websites
11.1 Our website includes hyperlinks to, and details of, third party websites.
11.2 We have no control over, and are not responsible for, the privacy policies and practices of third parties.
12. Updating information
12.1 Please let us know if the personal information that we hold about you needs to be corrected or updated.
13. Cookies
13.1 Our website uses cookies.
13.2 A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
13.3 Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
13.4 Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
13.5 We use both session and persistent cookies on our website.
13.6 The names of the cookies that we use on our website, and the purposes for which they are used, are set out below:
(a) we use towncitycards.com on our website to [recognise a computer when a user visits the website / track users as they navigate the website / enable the use of a shopping cart on the website / improve the website’s usability / analyse the use of the website / administer the website / prevent fraud and improve the security of the website / personalise the website for each user / target advertisements which may be of particular interest to specific users
13.7 Most browsers allow you to refuse to accept cookies; for example:
(a) in Internet Explorer (version 11) you can block cookies using the cookie handling override settings available by clicking “Tools”, “Internet Options”, “Privacy” and then “Advanced”;
(b) in Firefox (version 39) you can block all cookies by clicking “Tools”, “Options”, “Privacy”, selecting “Use custom settings for history” from the drop-down menu, and unticking “Accept cookies from sites”; and
(c) in Chrome (version 44), you can block all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Content settings”, and then selecting “Block sites from setting any data” under the “Cookies” heading.
13.8 Blocking all cookies will have a negative impact upon the usability of many websites.
13.9 If you block cookies, you will not be able to use all the features on our website.
13.10 You can delete cookies already stored on your computer; for example:
(a) in Internet Explorer (version 11), you must manually delete cookie files (you can find instructions for doing so at http://windows.microsoft.com/en-gb/internet-explorer/delete-manage-cookies#ie=ie-11);
(b) in Firefox (version 39), you can delete cookies by clicking “Tools”, “Options” and “Privacy”, then selecting “Use custom settings for history” from the drop-down menu, clicking “Show Cookies”, and then clicking “Remove All Cookies”; and
(c) in Chrome (version 44), you can delete all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Clear browsing data”, and then selecting “Cookies and other site and plug-in data” before clicking “Clear browsing data”.
13.11 Deleting cookies will have a negative impact on the usability of many websites.
14.
15. Our details
15.1 This website is owned and operated by Town City CardsLTD.
15.2 We are registered in England and Wales under registration number [number], and our registered office is at 74 London Road, Bexhill, East Sussex
15.3 Our principal place of business is at74 London Road, Bexhill, East Sussex.
15.4 You can contact us by writing to the business address given above, by using our website contact form, by email to hello@tiowncitycards.com or by telephone on 07904 780 809.

GDPR

Nature of work – Membership Club (Commercial)

Description of processing
The following is a broad description of the way this organisation/data controller processes personal information. To understand how your own personal information is processed you may need to refer to any personal communications you have received, check any privacy notices the organisation has provided or contact the organisation to ask about your personal circumstances.

Reasons/purposes for processing information
We process personal information to enable us to provide a service to our members, to promote our services, to maintain our own accounts and records.

Type/classes of information processed
We process information relevant to the above reasons/purposes. This may include:
• personal details
• membership details

We are registered members with ICO.org.uk

Who the information is processed about
We process personal information about:
• members
• Featured businesses

Who the information may be shared with
We sometimes need to share the personal information we process with the individual them self and also with other organisations. Where this is necessary we are required to comply with all aspects of the Data Protection Act (DPA). What follows is a description of the types of organisations we may need to share some of the personal information we process with for one or more reasons.

Where necessary or required we share information with:
• family, associates and representatives of the person whose personal information we are processing
• members and shareholders
• suppliers
• complainants and enquirers
• financial organisations
• educators and examining bodies
• employment and recruitment agencies
• debt collection and tracing agencies
• credit reference agencies
• central government

Privacy policy
1. Introduction
1.1 We are committed to safeguarding the privacy of our website visitors; in this policy we explain how we will treat your personal information.
1.2 By using our website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy.
2. Credit
2.1 This document was created using a template from SEQ Legal (http://www.seqlegal.com).
3. Collecting personal information
3.1 We may collect, store and use the following kinds of personal information:
(a) Information about your computer and about your visits to and use of this website (including [your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths]);] (b) [information that you provide to us when registering with our website (including [your email address]);] (c) [information that you provide when completing your profile on our website (including [your name, profile pictures, gender, date of birth,);] (d) [information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (including [your name and email address]);] (e) [information that you provide to us when using the services on our website, or that is generated in the course of the use of those services (including [the timing, frequency and pattern of service use]);] (f) [information relating to any purchases you make of our [goods / services / goods and/or services] or any other transactions that you enter into through our website (including [your name, address, telephone number, email address);] (g) [information that you post to our website for publication on the internet (including [your user name, your profile pictures and the content of your posts]);] (h) [information contained in or relating to any communication that you send to us or send through our website (including [the communication content and metadata associated with the communication]);] (i) [any other personal information that you choose to send to us; and] (j) [[provide details of other personal information collected].] 3.2 Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this policy.
4. Using personal information
4.1 Personal information submitted to us through our website will be used for the purposes specified in this policy or on the relevant pages of the website.
4.2 We may use your personal information to:
(a) [administer our website and business;] (b) [personalise our website for you;] (c) [enable your use of the services available on our website;] (d) [send you goods purchased through our website;] (e) [supply to you services purchased through our website;] (f) [send statements, invoices and payment reminders to you, and collect payments from you;] (g) [send you non-marketing commercial communications;] (h) [send you email notifications that you have specifically requested;] (i) [send you our email newsletter, if you have requested it (you can inform us at any time if you no longer require the newsletter);] (j) [send you marketing communications relating to our business [or the businesses of carefully-selected third parties] which we think may be of interest to you, by post or, where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications);] (k) [provide third parties with statistical information about our users (but those third parties will not be able to identify any individual user from that information);] (l) [deal with enquiries and complaints made by or about you relating to our website;] (m) [keep our website secure and prevent fraud;] (n) [verify compliance with the terms and conditions governing the use of our website [(including monitoring private messages sent through our website private messaging service)]; and] (o) [[other uses].] 4.3 If you submit personal information for publication on our website, we will publish and otherwise use that information in accordance with the licence you grant to us.
4.4 Your privacy settings can be used to limit the publication of your information on our website, and can be adjusted using privacy controls on the website.
4.5 We will not, without your express consent, supply your personal information to any third party for the purpose of their or any other third party’s direct marketing.
4.6 All our website financial transactions are handled through our payment services provider, paypal.com. You can review the provider’s privacy policy at paypal.com. We will share information with our payment services provider only to the extent necessary for the purposes of processing payments you make via our website, refunding such payments and dealing with complaints and queries relating to such payments and refunds.
5. Disclosing personal information
5.1 We may disclose your personal information to [any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors] insofar as reasonably necessary for the purposes set out in this policy.
5.2 We may disclose your personal information to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes set out in this policy.
5.3 We may disclose your personal information:
(a) to the extent that we are required to do so by law;
(b) in connection with any ongoing or prospective legal proceedings;
(c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
(d) [to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling; and] (e) [to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.] 5.4 Except as provided in this policy, we will not provide your personal information to third parties.
6. International data transfers
6.1 Information that we collect may be stored and processed in and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this policy.
6.2 Information that we collect may be transferred to the following countries which do not have data protection laws equivalent to those in force in the European Economic Area: [the United States of America, Russia, Japan, China and India].
6.3 Personal information that you publish on our website or submit for publication on our website may be available, via the internet, around the world. We cannot prevent the use or misuse of such information by others.
6.4 You expressly agree to the transfers of personal information described in this Section 6.
7. Retaining personal information
7.1 This Section 7 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal information.
7.2 Personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
7.3 Without prejudice to Section 7.2, we will usually delete personal data falling within the categories set out below at the date/time set out below:
(a) personal data type will be deleted 24 months after purchase.

7.4 Notwithstanding the other provisions of this Section 7, we will retain documents (including electronic documents) containing personal data:
(a) to the extent that we are required to do so by law;
(b) if we believe that the documents may be relevant to any ongoing or prospective legal proceedings; and
(c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
8. Security of personal information
8.1 We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
8.2 We will store all the personal information you provide on our secure (password- and firewall-protected) servers.
8.3 All electronic financial transactions entered into through our website will be protected by encryption technology.
8.4 You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
8.5 You are responsible for keeping the password you use for accessing our website confidential; we will not ask you for your password (except when you log in to our website).
9. Amendments
9.1 We may update this policy from time to time by publishing a new version on our website.
9.2 You should check this page occasionally to ensure you are happy with any changes to this policy.
9.3 We may notify you of changes to this policy [by email or through the private messaging system on our website].
10. Your rights
10.1 You may instruct us to provide you with any personal information we hold about you; provision of such information will be subject to:
(a) the payment of a fee (currently fixed at GBP 10); and
(b) the supply of appropriate evidence of your identity [(for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address)].
10.2 We may withhold personal information that you request to the extent permitted by law.
10.3 You may instruct us at any time not to process your personal information for marketing purposes.
10.4 In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes.
11. Third party websites
11.1 Our website includes hyperlinks to, and details of, third party websites.
11.2 We have no control over, and are not responsible for, the privacy policies and practices of third parties.
12. Updating information
12.1 Please let us know if the personal information that we hold about you needs to be corrected or updated.
13. Cookies
13.1 Our website uses cookies.
13.2 A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
13.3 Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
13.4 Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
13.5 We use both session and persistent cookies on our website.
13.6 The names of the cookies that we use on our website, and the purposes for which they are used, are set out below:
(a) we use towncitycards.com on our website to [recognise a computer when a user visits the website / track users as they navigate the website / enable the use of a shopping cart on the website / improve the website’s usability / analyse the use of the website / administer the website / prevent fraud and improve the security of the website / personalise the website for each user / target advertisements which may be of particular interest to specific users
13.7 Most browsers allow you to refuse to accept cookies; for example:
(a) in Internet Explorer (version 11) you can block cookies using the cookie handling override settings available by clicking “Tools”, “Internet Options”, “Privacy” and then “Advanced”;
(b) in Firefox (version 39) you can block all cookies by clicking “Tools”, “Options”, “Privacy”, selecting “Use custom settings for history” from the drop-down menu, and unticking “Accept cookies from sites”; and
(c) in Chrome (version 44), you can block all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Content settings”, and then selecting “Block sites from setting any data” under the “Cookies” heading.
13.8 Blocking all cookies will have a negative impact upon the usability of many websites.
13.9 If you block cookies, you will not be able to use all the features on our website.
13.10 You can delete cookies already stored on your computer; for example:
(a) in Internet Explorer (version 11), you must manually delete cookie files (you can find instructions for doing so at http://windows.microsoft.com/en-gb/internet-explorer/delete-manage-cookies#ie=ie-11);
(b) in Firefox (version 39), you can delete cookies by clicking “Tools”, “Options” and “Privacy”, then selecting “Use custom settings for history” from the drop-down menu, clicking “Show Cookies”, and then clicking “Remove All Cookies”; and
(c) in Chrome (version 44), you can delete all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Clear browsing data”, and then selecting “Cookies and other site and plug-in data” before clicking “Clear browsing data”.
13.11 Deleting cookies will have a negative impact on the usability of many websites.
14.
15. Our details
15.1 This website is owned and operated by Hastings & St Leonards Cards LTD.
15.2 We are registered in England and Wales under registration number [number], and our registered office is at 20 Havelock Road, Hastings East Sussex..
15.3 Our principal place of business is at 20 Havelock Road, Hastings East Sussex.
15.4 You can contact us by writing to the business address given above, by using our website contact form, by email to hello@tiowncitycards.com or by telephone on 07904 780 809.

GDPR

Nature of work – Membership Club (Commercial)

Description of processing
The following is a broad description of the way this organisation/data controller processes personal information. To understand how your own personal information is processed you may need to refer to any personal communications you have received, check any privacy notices the organisation has provided or contact the organisation to ask about your personal circumstances.

Reasons/purposes for processing information
We process personal information to enable us to provide a service to our members, to promote our services, to maintain our own accounts and records.

Type/classes of information processed
We process information relevant to the above reasons/purposes. This may include:
• personal details
• membership details

We are registered members with ICO.org.uk

Who the information is processed about
We process personal information about:
• members
• Featured businesses

Who the information may be shared with
We sometimes need to share the personal information we process with the individual them self and also with other organisations. Where this is necessary we are required to comply with all aspects of the Data Protection Act (DPA). What follows is a description of the types of organisations we may need to share some of the personal information we process with for one or more reasons.

Where necessary or required we share information with:
• family, associates and representatives of the person whose personal information we are processing
• members and shareholders
• suppliers
• complainants and enquirers
• financial organisations
• educators and examining bodies
• employment and recruitment agencies
• debt collection and tracing agencies
• credit reference agencies
• central government

Privacy policy
Introduction

The UK Government recently introduced the EU’s General Data Protection Regulation (GDPR) and will be ensuring compliance from May 25th 2018.

This means that EU residents have a greater say over how, why, what, where and when their personal data is used, processed, or disposed of. GDPR clarifies how personal data laws apply, even beyond the borders of the EU. This means that any organization that works with your personal data, irrespective of their location, has an obligation to protect your data.

Town City Cards LTD is dedicated to meet these obligations and is aware of the liability we have to ensure that all our suppliers meet GDPR mandates, regardless of their location.

Our Commitment

Over the years, we have demonstrated our commitment to data privacy and protection by meeting the industry standards for ISO 2001 : 2015. We have had a Data Protection Policy since 2013 and all our staff have signed their agreement to demonstrate their commitment to your privacy.

We recognize that GDPR will help us move towards the highest standards of operations in protecting your data and we commit to be ready for the big day on May 25th 2018.

In the unfortunate event of a data breach we commit to advise you within 72 working hours of our discovering the breach.

Town City Cards LTD are deemed to have “legitimate interest” in the activities of our membership and so we will continue to communicate with them.

When a Member advises us that they relinquish their membership we will remove them from our communication channels within 72 working hours. Their data will be deleted from our records after seven years.

Business Partners and Suppliers

To run Town City Cards LTD we use software provided by suppliers from across the globe. At present these include Open Office, Page, iMovie, Photoshop CS,, Google, Mailchimp, Mobile Applications, Eventbrite, Facebook, LinkedIn, Twitter, Instagram, WooCommerce, Themepunch Revolution Slider, Google Play. Apple App Store, iTunes Conect, Google Play Developer, Instagram, YouTube, Vimeo, WordPress, Tsohost.com, Paypal, When you purchase a Town City Cards we use your name, address & telephone number to dispatch your card. This data is deleted after 12 months.

All these suppliers have committed not to use your data for any other reason and will not pass it on to a third party.

We will ensure that all our suppliers commit to GDPR before May 25th and, should the needs of the business dictate that we change or add a supplier, we will ensure that any new supplier is also committed to observe GDPR.

How are we preparing for GDPR?

As you know, we are the largest town-based discount directory in the South East and we exist to promote our featured businesses. To do this we already ask you how you would like your data presented on our website and in our directory / diary. We also ask you for permission to use your image when photographs are taken at Town City Card events.

If you featured on Town City Cards you have legitimate interest in the Town City Card and we will continue to communicate with you while you remain a Member.

We have analysed GDPR requirements with the help of advisers from within the Town City Card and have put in place this GDPR Statement and Policy. We have carried out an Impact Assessment and we are deleting any data that does not need to be retained. (Financial data is retained for six years as required by HMRC.)

All data will be deleted within seven years of a member lapsing, termination of a supply agreement or a member of staff leaving the Company).

New staff will be GDPR trained on induction and training will be repeated for existing staff annually.

Identifying personal data
We have identified the minimum personal data we should request and retain and we undertake to dispose of any unnecessary data before May 25th. Data is collected from you online via our website and App, in written format, verbally over the telephone and face to face.
Data is held in various places depending on how you interact with us. This includes data held on hard copy, on our websites managed by PRG and Switchplane, on the Town City Card App, in Google documents, in Mailchimp, in Surveymonkey, on Eventbrite, on our Xero accounting system, on our Barclays, HSBC and Natwest approved supplier listings, at the Bank of England, on PayPal, in Woo`commerce, in WordPress, on YouTube, on Facebook, on Twitter, on Instagram, on Linkedin.
Providing visibility and transparency
The most important aspect of GDPR is how the collected data is used. We commit not to pass any data to a third party, other than those suppliers detailed above, without your permission. As Town City Cards we will provide details of data retained to any member, supplier, customer or member of staff on request in order to provide visibility and transparency. Requests for details of data held should be emailed to business@TownCityCards.com
Enhancing data integrity and security
Data privacy and data security are equally important. Bank and payment details taken for payment purposes are deleted or shredded immediately after use. All data kept in hard copy is under lock and key. Cloud based data is controlled by our suppliers as above.

Portability and transferability of data
GDPR gives you the right to either receive all the data provided and processed by Town City Cards or transfer it to another company depending on technical feasibility. The Chamber can provide such data on request in basic Microsoft formats.

What does this mean for our members, suppliers and staff?

Before May 25th we will be contacting our clients and supplier to ask them to confirm how we may use their data. Members are deemed to have legitimate interest in the Town City Cards and we will continue to communicate with them while they remain members.

We will be encrypting emails we send which contain personal data.

We can provide access to details of data held about you. Just email your request to business@towncitycards.com. We will delete your data within 72 working hours of receiving a verified request, just email us at this address. (With the exception of financial data which must be kept for six years.) We will delete your data automatically if it has not been used for six years.

Hard copy data is held in our office which is not open to the public.

We will perform data audits annually as part of our ISO quality management process.

Your rights under GDPR

The right to be informed what data is held about you and how it is held.
The right of access. Let us know what you want to know about your data by email to business@towncitycards.com and we will provide you with the information within 72 working hours.
The right to rectification. If we have incorrect personal data about you, email business@towncitycards.com and we commit to put it right within 72 working hours.
The right to erasure. If you would like us to remove data about you we will remove it immediately on receipt of an email from you to business@towncitycards.com This will exclude any financial data we are required to keep by law for six years.
The right to restrict processing. If you object to any data held about you, you have the right to restrict any further processing of that data.
The right to portability. We will provide any personal data held electronically to any third party on receipt of a written request from you. This right is designed to allow you to change a supplier and take your data with you. For example, if an optician holds your eye test data you are entitled to get them to pass it on to another optician if you choose to move your business.
The right to object. You can object at any time to any personal data we hold about you. Just email us the details to business@towncitycards.com and we will amend it or delete it within 72 working hours (subject to financial regulations and legal considerations).
The right to understand any automated decision making. Town City Cards LTD use automated decision making but where “the computer says no” at a different organisation you are entitled to justification of this decision.

GDPR privacy statements from our suppliers

Microsoft GDPR Statement

Google GDPR Statement
SurveyMonkey GDPR Statement

Mailchimp GDPR Statement

Facebook

LinkedIn

The Bank of England

Barclays Bank

Natwest Privacy Statement

HSBC Privacy Statement

Paypal Privacy Policy

WordPress GDPR Statement
Eventbrite GDPR Statement

Woocommerce

Themepunch

Google Web Fonts
For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.

For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our plugin. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

If your browser does not support web fonts, a standard font is used by your computer.

Further information about handling user data, can be found at https://developers.google.com/fonts/faq and in Google\’s privacy policy at https://www.google.com/policies/privacy/.

YouTube
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.

If you\’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used to help make our website and app appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.

Vimeo
Our website uses features provided by the Vimeo video portal. This service is provided by Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

If you visit one of our pages featuring a Vimeo plugin, a connection to the Vimeo servers is established. Here the Vimeo server is informed about which of our pages you have visited. In addition, Vimeo will receive your IP address. This also applies if you are not logged in to Vimeo when you visit our plugin or do not have a Vimeo account. The information is transmitted to a Vimeo server in the US, where it is stored.

If you are logged in to your Vimeo account, Vimeo allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account.

For more information on how to handle user data, please refer to the Vimeo Privacy Policy at https://vimeo.com/privacy.

SoundCloud
On our pages, plugins of the SoundCloud social network (SoundCloud Limited, Berners House, 47-48 Berners Street, London W1T 3NF, UK) may be integrated. The SoundCloud plugins can be recognized by the SoundCloud logo on our site.

When you visit our site, a direct connection between your browser and the SoundCloud server is established via the plugin. This enables SoundCloud to receive information that you have visited our site from your IP address. If you click on the “Like” or “Share” buttons while you are logged into your SoundCloud account, you can link the content of our pages to your SoundCloud profile. This means that SoundCloud can associate visits to our pages with your user account. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it will be used by SoundCloud. For more information on SoundCloud’s privacy policy, please go to https://soundcloud.com/pages/privacy.

If you do not want SoundCloud to associate your visit to our site with your SoundCloud account, please log out of your SoundCloud account.

2. Essential Grid Cookies
In case you’re using the “Cookie” feature in Essential Grid, EU Law requires that a notice be shown when Cookies are used. Here are some free Cookie Notice WordPress plugins you can use for this: https://wordpress.org/plugins/tags/eu-cookie-law
GDPR statements will be available from May 25th
on request for:

TownCityCards.com and the Town City Cards App

What should you do to be GDPR-ready?
If you are just getting started with GDPR compliance in your business, here’s a quick to-do list to bear in mind.

Create a data privacy team to oversee GDPR activities and raise awareness. If you are a sole trader you should consult with a solicitor, IT company and/or marketing company who have researched GDPR in detail. We can signpost you to businesses who have displayed a good understanding of GDPR.
Review your current security and privacy processes
Assess any third parties with whom you disclose data (suppliers, shareholders , clients) and revise your contracts with them to meet the requirements of the GDPR
Identify the Personally Identifiable Information (PII)/Personal data that is being collected
Analyse how this information is being processed, stored, retained and deleted
Establish procedures to respond to data subjects when they exercise their rights
Establish & conduct a Privacy Impact Assessment (PIA)
Create processes for data breach notification activities
Continuous employee awareness is vital to ensure continual compliance to the GDPR so create an ongoing induction and training plan

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close