Privacy Policy
1. Introduction
At South Wales Police RFC (“we”, “us”, or “our”), accessible at southwalespolicerfc.com, we are fully committed to protecting and respecting your privacy. This Privacy Policy describes how your personal data is collected, used, and safeguarded when you interact with our website and services. We uphold a privacy-first approach and are dedicated to complying with applicable data protection regulations, including the General Data Protection Regulation (GDPR) in the European Economic Area (EEA) and the California Consumer Privacy Act (CCPA) in the United States.
2. Scope of the Policy and Our Role as Data Controller
This Privacy Policy applies to all visitors, users, and others who access or use our website, services, or otherwise interact with us online through southwalespolicerfc.com. For the purposes of data protection law, we are the data controller with respect to the personal data that we collect and process.
3. Categories of Data We Process
We collect and process the following categories of personal data:
3.1. Usage Data
Information about how you use our website, such as your IP address, browser type and version, time zone setting, operating system, device information, and browsing patterns, including referral URLs and pages visited.
3.2. Account Data
If you create an account or register for a service or event, we may collect data such as your full name, postal address, email address, phone number, and login credentials.
3.3. Profile Data
Data derived from your preferences and behaviors on the site, including your interests, purchase history, interaction with site features, and event participation.
3.4. Communication Data
Information you provide when you correspond with us, including inquiries sent via forms or emails, as well as support-related correspondence and contact history.
3.5. Technical Data
Data related to the technology you use to access our services, such as device identifiers, technical diagnostics, error messages, and configuration settings.
3.6. Transaction Data
If you make purchases or donations, we may collect your payment card details (through a secure third-party processor), billing and shipping addresses, and transaction history.
3.7. Preference Data
Information regarding your preferences in receiving marketing from us and third parties, as well as your communication and product interest preferences.
4. Legal Bases for Processing
We process your personal data under the following legal bases, as permitted under GDPR and other applicable laws:
– Consent: Where you have explicitly given us permission (e.g., for marketing emails).
– Contract: Where processing is necessary for the performance of a contract with you or to take pre-contractual steps.
– Legal Obligation: Where processing is necessary for compliance with a legal or regulatory obligation.
– Legitimate Interests: Where it is in our legitimate interest to do so, provided that such interests are not overridden by your rights and interests (e.g., to monitor usage and improve our services).
5. Your Rights
Subject to applicable local laws, you have the following rights with respect to your personal data:
– Right of Access – Obtain confirmation of whether we process your data and receive a copy of the data we hold.
– Right to Rectification – Request correction of inaccurate or incomplete data.
– Right to Erasure – Request deletion of personal data where legally applicable.
– Right to Restrict Processing – Request temporary halting of data processing under certain circumstances.
– Right to Data Portability – Receive data in a structured, machine-readable format and transmit it to another controller.
– Right to Object – Object to processing based on our legitimate interests, including marketing profiling.
– Right to Withdraw Consent – Where processing is based on consent, you may withdraw this at any time.
You may exercise these rights by contacting us at [email protected].
6. Security Measures
We implement appropriate technical and organizational security measures to protect your personal data, including but not limited to:
– Encryption of data in transit and at rest;
– Secure access controls and authentication protocols;
– Regular data backups and secure storage;
– Ongoing staff data protection training and awareness;
– Internal incident response procedures.
7. International Data Transfers
Where we transfer your personal data outside the UK, EEA, or your jurisdiction, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission or other appropriate legal mechanisms. Any such transfers remain governed by this Privacy Policy and subject to legal protections.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
– Usage and Technical Data: up to 12 months for analytics and security purposes.
– Account, Profile, and Preference Data: retained while your account is active and for up to 6 years thereafter.
– Transaction and Communication Data: retained for up to 7 years to comply with tax, legal, and contractual obligations.
– Marketing Data: retained for as long as you remain subscribed and for an additional 12 months post-unsubscription.
Where legal obligations require longer retention periods, data may be retained accordingly.
9. Cookie Policy
Our website uses cookies and similar technologies to enhance your experience. Categories of cookies we use include:
– Essential Cookies – Necessary for website operations and core functionality.
– Functional Cookies – Enable enhanced features and personalization based on your preferences.
– Analytics Cookies – Help us understand user behavior and improve the site.
– Performance Cookies – Measure performance metrics to optimize site speed and responsiveness.
10. Cookie Management and Compliance
We provide a cookie consent banner for users visiting from GDPR and CCPA jurisdictions. You can manage cookie settings via your browser or by adjusting your preferences within the cookie banner. Under CCPA, California users may also exercise “Do Not Sell or Share My Personal Information” rights, which can be requested by contacting us.
11. Protection of Children’s Privacy
Our services are not directed to children under the age of 13. We do not knowingly collect or solicit personal data from anyone under 13. If we learn that a child under 13 has provided us with personal data, we will take steps to delete such information promptly. If you believe that a child may have provided us with personal data, please contact us at [email protected].
12. Policy Updates
We reserve the right to modify or update this Privacy Policy at any time. Material changes will be communicated prominently on southwalespolicerfc.com, and where applicable, via email. Your continued use of the site signifies agreement to the updated terms.
13. Contact Us
If you have any questions about this Privacy Policy, your personal data, or wish to exercise your rights, you may contact us at:
Email: [email protected]
Website: https://southwalespolicerfc.com
We are committed to ensuring your privacy rights are honored and protected at all times and strive to operate in full compliance with GDPR, CCPA, and all applicable data privacy legislation.