This privacy policy sets out how exmouthfreemasons.org uses and protects any information that you give to us when you use this website.
exmouthfreemasons.org is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.
Cookie Statement | Managing and Disabling Cookies
1.0 Our core beliefs regarding user privacy and data protection
- User privacy and data protection are human rights
- We have a duty of care to the people within our data
- Data is a liability, it should only be collected and processed when absolutely necessary
- We loathe spam as much as you do!
- We will never sell, rent or otherwise distribute or make public your personal information
2.0 Relevant legislation
Along with our website and internal computer systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:
This site’s compliance with the above legislation, all of which are stringent in nature, means that this site is likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well.
3.0 Personal information that this website collects and why we collect it
This website collects and uses personal information for the following reasons:
3.1 Site visitation tracking
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third party data processor (see section 5.0 below).
GA makes use of cookies, details of which can be found on Google’s developer guides. Our website uses the gtag.js implementation of GA.
So we don’t know who you are; just that somebody visited our site.
Disabling cookies (see section 11.1 below) on your internet browser will stop GA from tracking any part of your visit to pages within this website.
Or you can opt out if you wish.
3.2 Contact forms and email links
Should you choose to contact us using the contact form on our Contact page or an email link, none of the data that you supply will be passed to / be processed by any of the third party data processors defined in section 5.0. Instead, the data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices.
3.3 Contact forms and SPAM protection
3.31 reCAPTCHA
We use the reCAPTCHA service provided by Google Inc. (Google) to protect your submissions via internet submission forms on this site. We consider Google to be a third party data processor (see section 5.0 below).
reCAPTCHA is used to check whether the data entered on our website (such as on a contact form) has been entered by a human, or by an automated program, or being (ab)used by spam bots. reCAPTCHA from Google helps protect websites from spam and abuse. This test can tell human and bots apart. It is easy for humans to solve, but hard for “bots” and other malicious software to figure out.
To do this, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.
For this purpose, your input will be communicated to and used by Google. However, your IP address is previously truncated by Google within member states of the European Union or in other states which are party to the agreement on the European Economic Area and is, as such, anonymised. Only in exceptional cases is a full IP address transmitted to a Google server in the United States and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of this service. The IP address provided by reCaptcha from your browser shall not be merged with any other data from Google. By using the reCAPTCHA service, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
3.32 Akismet
4.0 Security
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
All traffic (transferral of files) between this website and your browser is encrypted and delivered over HTTPS. This site uses 256 bit TLS1.2 SSL (Secure Socket Layer data encryption) to encrypt data sent over the internet.
4.1 Additional security features:
- HTTP Security Headers: A Rating
- Strong password enforcement
- Brute Force attack protection
- Malware scanning
- Blacklist referral for known scammers / hackers
5.0 Our third party data processors
We use a third party (where listed below) to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in section 2.0. These third parties when based in the USA are EU-U.S Privacy Shield compliant.
- Google (Privacy policy)
- Akismet (Privacy policy)
- Sub6 (Web Server Host)
6.0 About this Website’s Server
This website is hosted by Sub6, who have ISO27001 (Information Security Management) accreditation, within a UK data centre based in Manchester.
Key components of their ISO27001 environment include:
- Assessment of Risk
- Organisation of information security
- Physical and environmental security
- Access control
- Information security incident management
- Compliance
6.1 Security & features provided by our web host includes:
- Carrier Neutral – lowers latency and points of failure
- Tier 3 data centre with several Tier 4 features
- High levels of resiliency and redundancy
- Manned 24/7/365 on site
- 3.5MW of UPS conditioned power at 2N
- Back-up diesel generation (60 hours plus) at N+1
- Fire detection and suppression
- Integrated digital video camera surveillance throughout the exterior and interior
- Unified security-breach alarm with access monitoring
6.2 Web server log files
Our systems automatically gather some anonymous information about visitors, including IP addresses, browser type and version, language, referrers, and the times and dates of webpage visits. The data collected does not include personally identifiable information. It is used, as described above, for statistical analysis, to understand user behaviour, to administer the site, purposes of detecting and preventing fraud and unauthorised access and maintaining server security, for the likes of the distribution of malicious code, denial of services attacks and other cyber-attacks, by detecting unusual or suspicious activity.
When using this general data and information, exmouthfreemasons.org does not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimise the content of our website, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, exmouthfreemasons.org analyses anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our website, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
7.0 Data Breaches
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
8.0 Data Controller
The data controller of this website is:
Data Controller – exmouthfreemasons.org
The Masonic Hall
3 St Andrews Road
Exmouth
Devon
United Kingdom
EX8 1AP
8.1 You can contact us via:
- post at the above address
- web site contact form
data.controller@hall.exmouthfreemasons.org
9.0 Changes to our privacy policy
This privacy policy may change from time to time inline with legislation or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes. Specific policy changes and updates are mentioned in the change log below.
9.1 Change log
- 27th February 2018 – Privacy policy instigated
- 28th December 2020 – Transition from EU-GDPR to UK-GDPR following likely Brexit on 31st December 2020
- 30th December 2022 – Privacy policy rechecked – no changes
- 30th December 2023 – Privacy policy rechecked – no changes
10.0 Links to External Web Sites
Our website has included, or may include, links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the website content or protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question. These links are included solely for the convenience of users and their presence does not constitute any endorsement.
11.0 Cookie Statement
As almost all websites do, this website uses a limited number of cookies to help provide you with the best experience we can. Cookies are small text files that are placed on your computer or mobile phone when you browse websites.
How we use cookies:
- Improve the speed/security of the site.
- Make our website function correctly.
- Anonymously track the use of the website pages
We do not use cookies to:
- Collect any personally identifiable information.
- Collect any sensitive information.
- Pass personally identifiable data to any third parties.
- Pass data to advertising or affiliate networks.
11.1 Managing and disabling cookies
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
11.2 Can I withdraw my consent?
If you wish to withdraw your consent at any time, you will need to delete your cookies using your internet browser settings (see section 11.1).
11.3 Your consent
By continuing to use our website, you are agreeing to our placing cookies on your computer in order to analyse the way you use our website. Please read this cookie statement (section 11.0, section 3.1 and section 3.3) carefully for more details about the cookie information we collect when you use this site.
If you do not wish to accept cookies in connection with your use of this website, you must either stop using our site or turn off your cookies in your web browser (see section 11.1).
12.0 Web Fonts
For the uniform display of fonts, this website uses so-called web fonts that are provided by Google. On retrieving a website your browser downloads the necessary web fonts to your browser cache in order to correctly display texts and fonts. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. It makes the internet faster as you only need to load a font once, with any website. If your browser does not support web fonts, your computer uses a standard font. We consider Google to be a third party data processor (see section 5.0 above).
13.0 Embedded Content
Sometimes this website may use YouTube and Vimeo videos, contents from the social networks Twitter, Facebook, Google Maps and in general, if needed, contents that can be embedded from other platforms. This site is unable to control the potential cookies produced by these third party sites, that is why we advise you to ask information directly to each third party to obtain a better control on these cookies.
We do not pass any personally identifiable information to these services.
Some useful links to the cookie policies of the above-mentioned third parties are listed below:
This type of service allows you to view content hosted on external platforms directly from the pages of this website and interact with them.
Video embedded into this website will not play automatically.
