At Greater Cambridge Shared Planning, we take your privacy and the security of your personal data seriously. So, we want to transparently explain how and why we gather, store, share and use your personal data - as well as outline the controls and choices you have around when and how you choose to share your personal data.
About this Notice
This Notice sets out the essential details relating to your personal data. The Notice applies to all services and any associated services.
From time to time, we may develop new or offer additional services. If the introduction of these new or additional services results in any change to the way we collect or process your personal data we will provide you with updated information.
The aim of this Notice is to:
ensure that you understand what personal data we collect about you, the reasons why we collect and use it, and who we share it with
explain the way we use the personal data that you share with us in order to give you a great experience when you are using our service
explain your rights and choices in relation to the personal data we collect and process about you and how we will protect your privacy
You may be aware that a new European Union law called the General Data Protection Regulation (GDPR) gives certain rights to individuals in relation to their personal data. As available and except as limited under applicable law, the rights afforded to individuals are:
Right of Access - the right to be informed of and request access to the personal data we process about you
Right to Rectification - the right to request that we amend or update your personal data where it is inaccurate or incomplete
Right to Erasure - the right to request that we delete your personal data
Right to Restrict - the right to request that we temporarily or permanently stop processing all or some of your personal data
Right to Object - the right, at any time, to object to us processing your personal data on grounds relating to your particular situation
the right to object to your personal data being processed for direct marketing purposes;
Right to Data Portability - the right to request a copy of your personal data in electronic format and the right to transmit that personal data for use in another party’s service
Right not to be subject to Automated Decision-making - the right to not be subject to a decision based solely on automated decision making, including profiling, where the decision would have a legal effect on you or produce a similarly significant effect.
How do we collect your personal data?
We collect your personal data in the following ways:
When you sign up for the Service - when you sign up we collect certain personal data so you can use the service such as your email address, birth date, gender
Personal data collected that enables us to provide you with additional features/functionality - from time to time, you also may provide us with additional personal data or give us your permission to collect additional personal data e.g. to provide you with more features or functionality.
From third parties - we will receive personal data about you and your activity from third parties, including advertisers and partners we work with in order to provide you with a service.
We use anonymised and aggregated information for purposes that include testing our IT systems, research, data analysis, creating marketing and promotion models, improving services, and developing new features and functions.
Data retention and deletion
We keep your personal data only as long as necessary for legitimate business purposes, such as maintaining the performance of the service, making data-driven business decisions about new features and offerings, complying with our legal obligations, and resolving disputes. We keep some of your personal data for as long as you are using the service.
Transfer to other countries
The GDPR imposes restrictions on the transfer of personal data outside the European Union, to third-party countries or international organisations, to ensure that the level of protection of individuals afforded by the GDPR is not undermined. (As with much of the GDPR, this strengthens and codifies the UK’s existing Data Protection legislation). The GDPR limits an organisation’s ability to transfer personal data outside the EU where this is based only on that body’s assessment of the adequacy of the protection afforded to the personal data. Ideally, transfers may be made where the European authorities have decided that a third country, a territory in that third country or an international organisation ensures adequate safeguards for the protection of data.
We may display advertisements from third parties and other content that links to third-party websites. We cannot control or be held responsible for third parties’ privacy practices and content. If you click on a third-party advertisement or link, please understand that you are leaving 3C Shared Services and any personal data you provide will not be covered by this Privacy Notice. Please read their Privacy Notice to find out how they collect and process your personal data.
Keeping your personal data safe
We are committed to protecting our users’ personal data. We implement appropriate technical and organisational measures to help protect the security of your personal data; however, please note that no system is ever completely secure. We have implemented various policies including pseudonymisation, encryption, access, and retention policies to guard against unauthorised access and unnecessary retention of personal data in our systems.
Your password protects your user account, so we encourage you to use a unique and strong password, limit access to your computer and browser, and log out appropriately.
Services are not directed to children under the age of 13 years. However, in some countries, stricter age limits may apply under local law.
We do not knowingly collect personal data from children under 13 years or under the applicable age limit (the “Age Limit”). If you are under the Age Limit, please do not use this Service, and do not provide any personal data to us. If you are a parent of a child under the Age Limit and become aware that your child has provided personal data, please contact us. If we learn that we have collected the personal data of a child under the age of 13 years, we will take reasonable steps to delete the personal data.
We may occasionally make changes to this Policy.
When we make material changes to this Policy, we’ll provide you with prominent notice as appropriate under the circumstances, e.g. by displaying a prominent notice or by sending you an email. We may notify you in advance.
Please, therefore, make sure you read any such notice carefully.
How to contact us
Thank you for reading our Privacy Notice. If you have any questions about this Notice, please contact our Data Protection Officer firstname.lastname@example.org.
What are cookies
See our cookie notice for further information on the cookies we use on this website.