Information We Request, Hold and Process
(The Group' hereinafter referred to is the Badham Family History Group)
The General Data Protection Regulation (GDPR) is an EU regulation that replaces the UK's Data Protection Act 1998 and the EU's 1995 Data Protection Directive. The GDPR became law on 25 May 2018 and most organisations that process the personal data of EU citizens will have to comply. Personal Data is any data that either itself or in conjunction with other data helps to identify a living individual.
If you reside in the European Union, you have the right under the GDPR to request from the Badham Family History Group details of, as well as rectification or erasure of, your personal data. You also have rights on data portability, the right to object to processing of your personal data, and the right to lodge a complaint with a supervisory authority. In the UK that authority is the Information Commissioner's Office (ICO), however we do ask you to approach us first for resolution of any problem (using the contact details that follow or available under the 'Group/Contact' menu link above). If you reside outside of the European Union, you may have similar rights under your local laws.
Our Website is not intended for children and we do not knowingly collect data relating to children.
The only information we require from users registering on the Website (and therefore joining the Badham Family History Group) is a full 'real' name (minimum Forename and Surname), a valid email address (essential to validate the registration process and to ward against unwarranted registrations and/or attacks, as well as enable access e.g. in the event of a lost password) and a nominated 'Username'. A member's username is the only identification used by (as well as seen by and available to) other members on the website.
At registration, there is an option to receive (via email) occasional notifications about new developments or other key points of interest affecting the Group or its website. This is via a subscription to to the 'Group Activity Update' Forum category and your email address is used for this purpose. Although encouraged, this is not required for registration/membership. However, if you choose to subscribe, you can easily withdraw your subscription at any time directly via your Profile or from within the Forum.
A requirement of the GDPR which is new to previous laws is to state the lawful basis that personal data is held and processed. The Group will rely on provided consent and the legitimate interests of the Group's activities. Since the introduction of the Regulation and in accordance with the permitted lawful bases, a member's consent must be provided for a registration for membership to proceed. Furthermore, we can confirm that the personal data held and processed is essential for the legitimate operation of the website, in that:
1. An email address is necessary to confirm the legitimacy of the registration application, complete the registration process, and facilitate any subsequent 'forgot login' process.
2. A 'real name' is necessary to help prevent bogus applications. It may also assist with confirming your identity in the event of a lost username or password.
As a result of changes to our procedures since the GDPR became law, a data subject's consent was requested at the registration stage to the holding and processing of an email address, within the very limited intended (and lawful) use.
With particular regard to the 'real name', it is a regrettable fact of life that genuine websites such as ours are under constant attack, with people either using fraudulent credentials to gain access through registration/membership, or by setting off automated programs ('bots') that try to achieve the same result without any human intervention. In order to help protect the integrity of the website as well as help preserve your privacy, we takes steps to moderate (i.e. 'vet') all applications to join the Group. Our experience is that it is not enough to ask prospective members to sign up to conditions and prove that they are not 'bots' (through what's known as a CAPTCHA device) so we ask you to provide your real name to help demonstrate you are genuine as well as offering some commitment to joining the Group. This does not appear anywhere on the website.
Data Subject Control
Another key requirement introduced by the GDPR is for the data subject (you) to have control over their personal data. Through the embedded facilities in the website, you have complete control over your personal data. You can see all the data held via your Profile. You can change your email address and 'real name'. You can also delete the data by using the 'Delete account and user profile' link after choosing to Edit your Profile. This will delete all data that's held that relates to you, but will also terminate your membership (so you will be 'forgotten'). However you can always re-join should you wish to at a later date by going through the registration process again. This process ensures that your personal data is only held for the time that you are a member of the Group.
We will never sell any of the above-mentioned information provided by any individual. Additionally, we will never share any of the above-mentioned information that has been provided without the explicit approval and agreement of that individual.
We will never send you any unsolicited material, e.g. in the way of advertising products or services. We may however send you occasional information directly or indirectly relating to any new features and updates to the information on the website. At registration you were asked whether you wished to receive these notifications via an occasional post being made to the Forum category 'Group Activity Update' – if you chose to agree you can withdraw your subscription to the Forum category at any time directly via your Profile or from within the Forum once you are logged into the site.
It should be noted that there are other ways in which personal data can be submitted to the website and therefore held in the website's database. This may be through entries in members' profiles or (e.g.) Forum posts or Private Messages. Through its standard procedures where they can operate (such as registration vetting and moderation of Forum posts), the Group will do everything in its power to protect members' personal data and identity. However, members will be expected to take care in this regard and must therefore ultimately be responsible for their own information. Members are advised to limit this information to ensure their identity is reasonably protected.
Once "joined" into the Group, we ask members to complete a brief "Member Profile" in order to provide any information they have on i) membership of (or interest or association with) Family Groups with the name Badham (or any of its variants), and ii) details of any intended, structured or ad hoc research they have undertaken (e.g. which could be of interest to others). This is not in any way intended to help identify the individual - members are advised to limit this information to ensure their identity is reasonably protected.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. This includes the operation of a 'Secure Sockets Layer' (with an appropriate Certificate) for most areas of the website. This effectively means that most communications between a user and the website (including all critical information, e.g. your logging-in details) are encrypted. This is signified by a 'closed padlock' (or equivalent) symbol that will show the presence of the encrypted state in most internet browser programs.
How we use "Cookies" etc
Cookie settings in Internet Explorer
Cookie settings in Firefox
Cookie settings in Chrome
Cookie settings in Safari web and iOS
You should be aware however that as with most other sites, if cookies are disabled some aspects of the site may not function and your overall experience may be affected or the site may operate unpredictably.
The Portal also makes use of "Google Analytics". Google use their own cookies, set when using their search engine, including to track where visitors originate from in terms of the country of origin (of their ISP) and how they "found" the site, including the search criteria used. This is very useful information for us as it allows us to improve aspects of the site, which we feel accords with the aims and objectives of the Badham Family History Group. Google Analytics cookies do not collect personal data. Google settings can also be changed and 'personalised' (including limited) by following links shown on the Google sites, although this may require registration. If you are unhappy about this aspect, Google provide an 'opt-out' browser plugin, of which details can be found HERE
Although a different aspect to cookies, once logged-in as a member a certain extent of "internal tracking" is undertaken, e.g. to identify most popular areas and articles, which is stored for a period within the website. However, this information is not used to identify an individual's use of the site and no information of this nature is written to a user’s computer.
If you want to know more about cookies and (specifically) the ones used on the website, click here: More About Cookies.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.