Any information you send us, whether by a form or this site or directly by email will be used only for the purpose intended and not given or sold to third parties.
Statistics are collected by placing a cookie on your computer for general demographic purposes (eg. 100 people from England, 20 from the USA) but this is not used to identify individual users.
Our policy for the collection and processing of personal data is as follows:
- Data to be lawfully and transparently processed.
- Data only used for specific, relevant, necessary and legitimate purposes.
- Data to be kept up to date.
- Data to be kept only for the period required for processing
FdE ensures consent for any contact we may make that is not clearly covered by a legitimate purpose.
FdE electronic data is protected by:
- password for internal use
- firewall and anti-virus software
All paperwork is retained within an office in a private building.
External Data Storage
FdE CIC also uses
- an external mailing system run to store contact details (name, email address) of customers and those who have expressed an interest in receiving news and given consent – in order to send offers, recipes and news about ventures, which may be of interest. This provider undertakes through their Data Protection policies to store data securely, either in the UK, or in the USA under the conditions of the EU-U.S. Privacy Shield Framework.
- Dropbox to back up its Contact Databases
- our logistics suppliers’ intranet systems for storage of minimium data required for deliveries.
The FdE CIC websites use traffic log cookies to identify which pages are being used to improve our websites to be most relevant to our customers. We only use this information for statistical analysis purposes. Website users can choose to accept or decline cookies. The FdE CIC websites do not collect any additional personal data, except information sent via the Contact Us form.
Recording of Requests for Information or Erasure/Responses
When a request is received to provide personal data held by FdE on a data subject, (‘subject access request’) FdE will respond as soon as possible – and at least within 30 days with the data held on that person, record on a list of such requests the request, the date received, the response and date of response.
When a request is received to erase someone’s personal data, FdE will note the request on a list of such requests, to include the date of request, name of organisation (if applicable), initials of the person, action(s) taken, date(s), to remove their data from all records.
When a request is received for FdE to no longer contact a person, FdE will note the request on a list of such requests, include the date of the request, name of the organisation (if applicable), name of the person concerned and action taken, with date, to remove them from contact lists, including the FdE mailing system if applicable.
The mailing system may retain their details in such a way as to ensure that the contact is not emailed again from the system.
Action in the Event of a Data Breach
Should FdE become aware of loss of or unauthorised access to Personal Data held:
- the incident will be investigated by the person responsible for data protection, who will shall conduct a risk assessment regarding the data breach
- the need to inform the data subject(s) and organisations affected will be assessed, and if appropriate they will be notified as soon as practical
- if a crime is suspected the police will be notified as soon as practical
- steps will be taken to prevent similar loss or unauthorised access in future.
Queries or Requests for Information
If you have any queries on the above, or wish to know what personal information FdE holds relating to you, please contact the the person responsible for data protection, Ruth Ballestas, on firstname.lastname@example.org