1. What we collect.
We collect certain information or data about you when you use the Environmental Law Foundation website. Our storage of your personal data is governed by UK and EU laws, including the General Data Protection Regulation (GDPR).
- questions, queries or feedback you leave, including your email address if you contact us via this website;
- your email address and subscription preferences when you sign up to our email alerts, and how you use our emails – for example whether you open them and which links you click on;
- your IP address*, and details of which version of web browser you used;
*Your IP address is a number allocated to your computer (or group of computers in a house or office) by your internet service provider. It is unique but can change because your ISP allocates it to enable interaction between your computer and the internet. It will be different when, for example, you use the same computer to access the internet via different ISPs, such as when you use a laptop at home and then in a cafe.
2. Who can see your data
The data about you which we collect can be seen by authorised people at [name of your company] and at our website company, Blue Moon Creative (acting on our behalf). We and they use the data to:
- improve the site by monitoring how you use it
- gather feedback to improve our services, for example our email alerts
- respond to any feedback you send us, if you’ve asked us to
- send email alerts to you if you have requested them
- allow you to access our services and, where relevant, make transactions
- provide you with information about our services, if you want it.
Some information in the form of cookies (see ‘What we collect’ above) is shared with Google for the purposes of Google Analytics. This information is essentially anonymous, i.e. it is impossible for us or Blue Moon Creative to link Google Analytics data to identifiable individuals. If you have simultaneously volunteered additional information to Google (e.g. via its Chrome browser), it might be technically possible for Google to identify you, but we are not aware of this ever happening in relation to any user of our website.
3. Where your data is stored
Almost all of the data we hold about you is stored on secure servers within the European Economic Area (EEA). The one exception is information derived from cookies shared with Google and used for Google Analytics, which can be held by Google on servers with the EEA or the USA. All actions by Google in relation to the data of persons in the UK are subject to the GDPR. We use Google Analytics to see, in aggregate, how visitors use our website and thus how we might improve it. Google Analytics does not show any names, postal addresses or other information showing us, in itself, who individual visitors are.
By submitting your personal data, you agree to this.
4. When you sign up to our email alerts
We use the Mailchimp and Sharpspring delivery platform, managed by our in-house team, for our email alerts.
As a subscriber to our email alerts, we may contact you from time to time to ask for your feedback on how to improve our email alert service.
Sharpspring users only
For European customers, SharpSpring does transfer data outside of the EU. Data is mainly stored in U.S. data centers, and could be accessed by both U.S. and international resources working for SharpSpring during the course of the customer relationship. Each of these SharpSpring subsidiaries supporting our global customer base have entered into Standard Contractual Clause agreements with the EU subsidiary, which allows for the transfer of data to these counterparties under the Data Protection Directive.
Mailchimp users only – to be updated when Mailchimp provides further information
Mailchimp is part of the US company, The Rocket Science Group. All of its actions in relation to the personal data of persons with the EEA are governed by the GDPR and Mailchimp has confirmed to all UK customers that its storage of personal data complies with the GDPR.
5. Keeping your data secure
Sending information over the internet is generally not completely secure, and we cannot guarantee the security of your data while it is in transit.
Any data you send is at your own risk. We have procedures and security features in place to keep your data secure once we receive it.
6. Disclosing your information to others
We do not share your information with any other organisations for their marketing, market research or commercial purposes, and we do not pass on your details to other websites.
We do share, only for as long as necessary, some of your personal data with our website developers and operators, Blue Moon Creative. Blue Moon Creative does not share your data with others and only uses it when acting on our behalf. In the main, the only information which Blue Moon Creative holds for longer than 24 hours relates to cookies (please see previous sections).
7. How long we keep your data
We keep your data only for so long as it helps us to serve you and store it in as few places as possible. Thus, for example, if you sign up to an email news service, and later decide to unsubscribe, we transfer your email address to a list of those who specifically do not want to receive our news emails in future.
Should you enter a formal contract with us, necessary information about you will be securely stored within our accounts system and kept for so long as tax regulations require.
8. Deleting your data
You can instruct us to delete your personal information at any time, by emailing our Data Protection Officer here: [email address of your designated Data Protection Officer].
This will erase any identifiable personal information (such as your name and email address) that we have about you. And it will mean any data about how you’ve used our website (collected via cookies) will be made anonymous.
9. Seeing what information we have about you
You can get in touch to ask for a copy of that information. It costs £10 and – to reduce the likelihood of identify fraud – you will need to provide proof of identity.
To get in touch, please email [email address of your designated Data Protection Officer] or write to us at:
The Data Protection Officer [company name & physical address]
10. Zoom video conferences and webinars
ELF uses the Zoom platform for video conferences, one-to-one meetings and webinars. To register for and subsequently join an event, participants supply their name, organisation name and email address to Zoom. These are used to generate and send automated joining instructions. ELF will have access to registration data and attendee data. It will be used by Zoom to send reminders to you about the webinars you have signed up to. It will also be used by ELF to follow up with you after each event for which you either sign up and or attended. This data will be deleted by ELF from the Zoom platform within 30 days of the relevant event. Zoom’s legal and privacy notices can be found here. [https://zoom.us/privacy-and-legal]
11. Links to other websites
Our website, Environmental Law Foundation, may contain links to other websites.
Following a link to another website
Following a link to Environmental Law Foundation from another website
12. More information
To read more info on the General Protection Act please go here: