WHAT ARE COOKIES?
A ‘cookie’ is a small text file that is delivered by our website server onto your computer whilst you visit our website, which can be used at a later time by the website to identify particular devices and thereby remember your website preferences and log in details.
Most cookies won’t collect information that identifies you, and will instead collect more general information such as how users arrive at and use our websites, or a user’s general location.
HOW WE COLLECT COOKIES
We collect your data automatically via cookies when you visit our website, in line with cookie settings in your browser and your customised cookie settings.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns which does not identify any individual.
THESE ARE THE COOKIES WE COLLECT
We use Google Analytics cookies to collect information about how visitors use our website. These cookies collect information in the aggregate to give us insight on how our website is being used.
Third Party Cookies
You may notice on some pages of our websites that cookies have been set that are not related to YLCAN. When you visit a page with content embedded from, for example, YouTube or Facebook, these third-party service providers may set their own cookies on your device. YLCAN does not control the use of these third-party cookies and cannot access them due to the way that cookies work, as cookies can only be accessed by the party who originally set them. Please check the third-party websites for more information about these cookies.
CAN A USER BLOCK COOKIES?
HOW TO ENABLE AND DISABLE COOKIES USING YOUR BROWSER
- Click the wrench icon on the browser toolbar
- Select Settings
- Click ‘Show advanced settings’
- In the “Privacy” section, click the ‘Content settings’ button
- To enable cookies in the “Cookies” section, pick ‘Allow local data to be set’, this will enable both first-party and third-party cookies. To allow only first-party cookies pick ‘Block all third-party cookies without exception’
- To disable cookies, in the “Cookies” section, pick ‘Block sites from setting any data’
- Note there are various levels of cookie enablement and disablement in Chrome. For more information on other cookie settings offered in Chrome, refer to the following page from Google: http://support.google.com/chrome/bin/answer.py?hl=en&answer=95647
Microsoft Internet Explorer 6.0, 7.0, 8.0
- Click on ‘Tools’ at the top of your browser window and select ‘Internet Options’
- In the options window navigate to the ‘Privacy’ tab
- To enable cookies: Set the slider to ‘Medium’ or below
- To disable cookies: Move the slider to the top to block all cookies
- Note there are various levels of cookie enablement and disablement in Explorer. For more information on other cookie settings offered in Internet Explorer, refer to the following page from Microsoft:http://windows.Microsoft.com/en-GB/windows-vista/Block-or-allow-cookies
- Click on ‘Tools’ at the browser menu and select ‘Options’
- Select the Privacy panel
- To enable cookies: Check ‘Accept cookies for sites’
- To disable cookies: Uncheck ‘Accept cookies for sites’
- Note there are various levels of cookie enablement and disablement in Firefox. For more information, refer to the following page from Mozilla:http://support.mozilla.org/en-US/kb/Enabling%20and%20disabling%20cookies
- Click on ‘Setting’ at the browser menu and select ‘Settings’
- Select ‘Quick Preferences’
- To enable cookies: check “Enable Cookies”
- To disable cookies: uncheck “Enable Cookies”
- Note there are various levels of cookie enablement and disablement in Opera. For more information on other cookie settings offered in Opera, refer to the following page from Opera SoRACware:opera.com/browser/tutorials/security/privacy/.
Safari on OSX
- Click on ‘Safari’ at the menu bar and select the ‘Preferences’ option
- Click on ‘Security’
- To enable cookies: In the ‘Accept cookies’ section select ‘Only from site you navigate to’
- To disable cookies: In the ‘Accept cookies’ section select ‘Never’
- Note there are various levels of cookie enablement and disablement in Safari. For more information on other cookie settings offered in Safari, refer to the following page from Apple: http://docs.info.apple.com/article.html?path=Safari/3.0/en/9277.html
- All other browsers
- Please look for a “help” function in the browser or contact the browser provider.
Changes to our Cookie Statement
Any changes we may make to our Cookie Statement in the future will be posted on this page.
Address: YMCA London City and North, 10 Errol Street, London, EC1Y 8SE
Our website is www.ymcanlcan.org and is owned and operated by YMCA London City and North.
When you donate, register online, buy merchandise from us, take part in a sponsored event, contact us or interact with us in any other way, YMCA London City and North may receive personal information about you, such as your name, address, telephone number, email address, debit/credit card or direct debit details.
Under the Act and the GDPR, personal data is defined as ‘any information relating to an identified or identifiable natural person (‘data subject’), by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person’.
THE DATA CONTROLLER
A data controller is the individual or legal person who controls and is responsible to keep and use personal data in paper or electronic files. YMCA North London is the data controller as defined by relevant data protection laws and regulation.
The lawful bases for processing are set out in Article 6 of the GDPR. At least one of these must apply whenever personal data is to be processed:
(a) Consent: you have given your freely, specific, informed and unambiguous consent for your personal data to be processed for a specific purpose.
(b) Contract performance: the processing is necessary for the performance of a contract you have with YMCA London City and North, which had asked you to take specific steps before entering into a contract.
(c) Compliance with legal obligation: the processing is necessary for YMCA London City and North to comply with the law for tax, social security, employment purposes (not including contractual obligations).
(d) Protection of vital interests: the processing is vital to an individual’s survival.
(e) Public interest: the processing is necessary for YMCA London City and North to perform a task that is in the public interest or for its official functions, and the task or function has a clear basis in law.
(f) Legitimate interests: the processing is necessary for YMCA London City and North legitimate interests, or the legitimate interests of a third-party, unless there is a good reason to protect the individual’s personal data that overrides those legitimate interests.
Your data subject rights are listed below:
- the right of access.
- the right to rectification.
- the right to erasure or right to be forgotten.
- the right to restriction of processing.
- the right to be informed.
- the right to data portability.
- the right to object.
- the right not to be subject to a decision based solely on automated processing.
Under the Act and the GDPR, you may ask for a copy of the information we hold about you and you may request rectifications be made to this information if it is inaccurate or not up to date. Please contact us here.
PERSONAL DATA WE COLLECT
We collect data from our tenants, including name, date of birth, and the reference numbers given to us by the local authority.
We also collect children’s data, such as name, date of birth, details of their family members.
We may also collect Special Categories Data, as defined by Article 9 of the GDPR, including health data related to individuals using our fitness centres and the children who enrol in gymnastics and ballet classes.
We also collect employment related data from our employees together with their Disclosure and Barring Service Certificate which is described as Criminal Offence related data under Article 10 of the GDPR.
If you contact us, we may keep a record of that correspondence.
We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
HOW WE COLLECT YOUR PERSONAL DATA
There are a few ways in which we collect your data:
- When you interact with any of our website functions;
- When the local authority passes data to us;
- When you take part in a sponsored event;
- When you contact us; and
- When you apply to work with us.
HOW WE USE YOUR PERSONAL DATA
We will use your information in a number of ways, such as:
- processing a donation that you have made;
- processing an order for merchandise;
- sending you information about YMCA;
- sending you communication you have subscribed to; or
- responding to correspondence you have sent to us.
We will not contact you for marketing purposes unless you have given your express consent. You also have the right to advise us at any time if you no longer wish to receive any further communications from us that you might have consented to.
SHARING YOUR PERSONAL DATA
We may disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply any agreements, or to protect the rights, property, or safety of the organisation, or other individuals. This includes exchanging information with other companies and organisations for the purposes of safeguarding or other statutory regulations we have to comply with as well as those organisations with whom you and we have reciprocal agreements for providing services for education or professional development.
THIRD PARTY WEBSITES
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
PROTECTING YOUR PERSONAL DATA
The data that we collect from you will be processed at our servers in the UK. It may also be processed by organisations operating in the EEA that YMCA London City and North has instructed.
If personal data is transferred outside the UK or EEA to a country without a designated adequacy rating, YMCA London City and North will request the data subject’s consent before processing the data. Consent will not be sought where the processor’s Binding Corporate Rules, Standard Contractual Clauses or adhoc contractual clauses stipulate that the data will be processed in accordance with the GDPR.
SECURITY OF YOUR INFORMATION
To help protect the privacy of data and personally identifiable information you transmit through use of this our website, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities.
HOW LONG WE STORE YOUR PERSONAL DATA FOR
We store your personal data in accordance with our data retention policy. This policy is reviewed and updated internally to ensure we do not store your data for longer than is necessary. We also review how and where we store any data to ensure that we meet our obligation to store data securely.
In addition, some of the data we hold may be subject to certain legal and regulatory obligations, which provide a minimum retention period for different types of data. The retention period varies depending on the data we hold.
For DSAR requests and employee email correspondence, we hold mailbox data for a period of 12 months after the departure of an employee, volunteer or other engagement. The data is then expunged.
Human Resource data on an employee, volunteer or contractor is held for 6 years from the end of employment, volunteering or other engagement, and is then expunged unless we are required by law to keep it for longer, or it is necessary for the individual or us in the context of any legal claim.
For further information on your rights and how to complain to the ICO, please refer to the ICO website https://ico.org.uk/concerns
Information Commissioner’s Office
Tel: 0303 123 1113 (local rate)