Privacy Policy - UBAS Association

Who we are

The University of Birmingham Squadron Association (UBAS Association) comprises members past and present of the University of Birmingham Air Squadron (UBAS). We are a community association with the aim of hosting events for our members, and mentoring students currently on the Squadron.

Our website is accessible via www.UBAS.club and www.UBAS.uk.

Privacy Notice & Data Protection

By filling out forms on our website, registering an account, or providing us with your personal information in any other way, you agree to our collection, storage, and use of your data in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

How We Use Your Data
We will only use your personal information for the specific purposes outlined in this form and in accordance with our privacy policy. Your data will not be shared with third parties unless required by law or with your explicit consent.

Your Rights
You have the following rights regarding your personal data:

Right to Access: You may request access to the personal data we hold about you.
Right to Rectification: You can request correction of any inaccurate or incomplete data we hold about you.
Right to Erasure: You can request the deletion of your data under certain circumstances.
Right to Restriction of Processing: You can ask us to restrict how your data is processed in certain situations.
Right to Data Portability: You can request that your data be transferred to another service or provided to you in a structured, commonly used, and machine-readable format.
Right to Object: You have the right to object to our processing of your data in certain scenarios.
Right to Withdraw Consent: If we process your data based on your consent, you have the right to withdraw this consent at any time.

Data Retention
We will retain your personal data for as long as necessary to fulfil the purposes outlined in this form or as required by law.

Contact Us
If you have any concerns or wish to exercise any of your rights under the GDPR or the Data Protection Act, please contact us: commitee [at] ubas [dot] club. If you believe we have not addressed your concerns satisfactorily, you also have the right to lodge a complaint with the UK’s Information Commissioner’s Office (ICO) at www.ico.org.uk.

Cookies

If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

What data is stored?

If you are visiting the website and do not have a registered account, only basic data is stored to prevent malign activity (i.e. spam protection). This includes your IP address and browser type, and prevents malicious actors from causing disruption to our services.
If you have an account on our website, details as to what data we store and who we share this data with are found below.

Who we share your data with

On registering with the UBAS Association, your data will be shared internally for the purposes of website administration, membership, and finance.
You are able to change the privacy settings on all of the information you provide, except for your full name which is visible to other members by default.
If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

If you post any content on our website, the content and its metadata are retained indefinitely. You can request this data to be removed by contacting the site administrator.
For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time. the website administrator can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have created content, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.
You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Some content may be checked through an automated spam detection service to prevent malign activity.

Your Profile

When you register for our website, you will be asked to provide certain personal data for display on your profile. The “Name” field is required as well as public, and user profiles are only visible to other logged-in users. Other profile information is designated either required or optional, and has specific visibility settings that you are able to change in most cases.
User information provided during account registration can be modified or removed on the Profile > Edit panel. In most cases, users also have control over who is able to view a particular piece of profile content, limiting visibility on a field-by-field basis to friends, logged-in users, or administrators only. The website administrator can read and edit all profile data for all users.

Site Activity

Our website records certain user actions for those who are logged in, in the form of “activity” data. Activity includes updates and comments posted directly to activity streams, as well as descriptions of other actions performed while using the site, such as new friendships, profile updates, and content created on our website.
The content of activity items obey the same privacy rules as the contexts in which the activity items are created. For example, activity updates created in a user’s profile are visible to all logged-in users. The website administrator can view all activity items, regardless of context.
Activity items may be deleted at any time by users who created them. The site administrator can edit all activity items.

Personal Messages

The content of private messages are visible only to the sender and the recipients of the message. Site administrators are able to read all private messages in extremis, but private message content is never visible to other users or site visitors. Site administrators are able to delete the content of any message.

Contact us form

Our “Contact Us” form captures the IP Address for each submission to a Form, to prevent malign activity. Other personal data such as your name and email address is captured, so that we can return your enquiry.
When visitors or users submit a form we retain the data for 30 days. This can be longer if your enquiry is being actively pursued.
All collected data may be shown publicly if appropriate, and we send it to the Committee or Association to perform necessary actions based on its content.

Images and location data

If you upload images to our website, you should avoid uploading images with embedded location data (EXIF GPS) included. It is possible for visitors to download and extract any location data from images on the website. Find out how to remove EXIF data by clicking here.

Cookies

Our website will prompt you to decide which cookies you are happy to accept on your first visit. Read our Cookie Policy for the full details.

Embedded content from other websites

Pages on this site may include embedded content hosted externally (e.g. videos, images, articles, etc.).
Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Third Party Tools

We use Google reCAPTCHA for spam protection. Their privacy policy can be found here: https://policies.google.com/privacy?hl=en.
We use Akismet Spam for spam protection. Their privacy policy can be found here: https://automattic.com/privacy/.

If you have any questions about this privacy policy, please contact us (click here).

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
wordpress_test_cookie	session	This cookie is used to check if the cookies are enabled on the users' browser.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_K2CP83XZJE	2 years	This cookie is installed by Google Analytics.