We take Data Protection seriously
The aims of Cyber Wales are:-
* To create an easily recognisable Brand that encapsulates all aspects of cyber security in Wales and acts as a mark of expertise, quality and clarity in a complex and rapidly changing area of life.
* To provide a single Portal where interested parties can find information about the plethora of cyber related activities that make up the Cyber Wales Ecosystem.
In order to achieve these aims, serve our members and run productive, enjoyable and safe events, we (the members involved in the organisation of Cyber Wales) need to gather, process and store some of your personal data as defined in the General Data Protection Regulation (GDPR).
We will take all reasonable measures to handle that information with respect, process and store it securely and be open and honest when we communicate with you about how we protect your rights to data protection.
What information do we collect about you?
We collect information about you when you join Cyber Wales, including:-
• Phone Number
• Email Address
What do we use the information for?
We use the information for the following purposes:-
• Administration of membership
• Distribution of email bulletins
• Co-ordination of events
Given that members of Cyber Wales and participants at Cyber Wales events will have provided their personal data for the purpose of being informed about and possibly being involved in Cyber Wales' activities, we believe that we have the right to process the personal data previously provided to satisfy those purposes and will rely on this “legitimate interest” as the legal basis for processing personal data until you ask us to stop. We will not process the personal data for any other purpose and we further believe that members reasonably expect us to process their data and communicate with them in this way.
We may share information about you with:-
• Staff at the venues we use (for security, dietary requirements, audio visual requirements etc.)
• Partners who may be co-organising an event
• Welsh Government (when communicating expressions of interest for Government events or initiatives)
Staff from these organisations may be in the UK or abroad. It is not possible to confirm who these 3rd parties will be in advance of collecting your data, however we will endeavor to inform you of all data sharing with service providers as soon as possible.
Your data may be processed by the following 3rd party Data Processors:-
• Mail Chimp (processing may take place in the USA)
• Eventbrite (processing may take place in the USA)
• Unlimited Web/Email Hosting (all processing takes place in the UK)
We will not knowingly share your information with anyone else or any other organisations unless of course we are required to do so by law. How will we handle your data?
Unless otherwise stated, we will be what’s known as the ‘Controller’ of the personal data you provide to us, this means we control what happens to the data in our possession.
We will treat your information with the same care and attention as we would expect our own personal data to be treated. This will include taking appropriate organisational and technical measures to protect your information while we are holding and processing it.
We will continue to hold and process your information until (unless we are legally required to continue):-
• You cancel your membership
• You ask us to stop processing your data
• You ask us to delete your data
We will protect your rights which, depending on the legal basis for the processing of the information, may include:-
• Your right to access your information – to ask what data we hold about you and provide you with a copy of that data
• Your right to object to the processing your some or all of your data for some or all of our purposes
• Your right to withdraw your consent to processing easily at any time
• Your right to have the your information deleted
• Your right to rectification of inaccuracies in the information we process
• Your right to be told about any automated decision making using your data
• Your right to have a human intervention in automated decision making
• Your right to complain to the ICO
Who should you talk to about the way we protect your information?
The person within the Clusters who is responsible for co-ordinating our data protection efforts and communicating with you and other organisations about data protection is:-
+44 (0)7753 573999
What functionality on our websites may also process your personal data?
The type of cookies used on most websites including www.cyberwales.net, www.southwalescyber.net and www.northwalescyber.net and can generally be put into 1 of 4 categories, based on the International Chamber of Commerce guide to cookie categories;
Strictly Necessary Cookies
These cookies are essential, as they enable you to move around the website and use its features, such as accessing secure areas. Without these cookies, services you've asked for can't be provided. These cookies don’t gather information about you that is used for marketing or remembering where you've been on the internet.
These cookies collect information about how you use a website, for example which pages you go to most often and if you get error messages from certain pages. These cookies don’t gather information that identifies you. All information these cookies collect is anonymous and is only used to improve how a website works. These cookies are not used to target you with online marketing. Without these cookies we can't learn how our website is performing and make relevant improvements that could better your browsing experience.
These cookies allow a website to remember choices you make (such as your user name, language or the region you're in) and tailor the website to provide enhanced features and content for you. For instance, a website may be able to provide you with local weather reports or traffic news. These cookies can also be used to remember changes you've made to text size, font and other parts of pages that you can customise. They may also be used to provide services you've asked for such as watching a video or commenting on a blog. The information these cookies collect may be anonymous and they cannot track your browsing activity on other websites. Without these cookies, a website cannot remember choices you've previously made or personalise your browsing experience.
These cookies are used to tailor marketing to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They remember that you have visited a website and this information may be shared with other organisations such as advertisers. Although these cookies can track your visits to other websites, they don’t usually know who you are. Without these cookies, online advertisements you encounter will be less relevant to you and your interests.
When you visit our websites, we collect web statistics concerning your visit which are stored in a log file. Log files allow us to record visitors’ use of the site as well as monitor site performance and address any errors. The web teams use analytics to record visitors’ use of the site and use this information to make changes to the layout of the website and to the information provided on the website. Log files do not contain any personal information and they are not used to identify any individual patterns of use of the site.
This statement only covers websites and data maintained by Cyber Wales and does not cover other data or websites linked to or associated with our websites.
CHANGES TO OUR PRIVACY STATEMENT
We may change our Privacy Statement from time to time in line with legislation and industry standards. We will not be explicitly notifying all website users about these changes and therefore recommend that you check this statement occasionally for any policy changes. Below is a change log of all revisions made.
25/05/2018 – Privacy Statement Created
29/02/2019 – Privacy Statement Reviewed
01/02/2020 – Privacy Statement Reviewed