Data Protection and Privacy Policy

Who we are

We are Liverpool Astronomical Society, an organisation of amateur astronomers primarily based in and serving Liverpool, Merseyside (UK) and the surrounding areas. Our website address is: https://liverpoolas.org.


Some definitions

Member

“Member” in the context of this document means a person who pays a subscription fee to the Society, has been voted in as a Member according to the rules of the Society, etc.
People using the Society website are not necessarily Members of the Society.
Registering an account on the Society website does not make a person a Member of the Society.

Website Data

This refers to data supplied for the purposes of using the Society website – e.g. your username, e-mail address, IP address, etc.

Membership Data

This applies to data provided when you become a Member of the Society

Mailing List Data

This refers to data you provide when you sign up for our mailing list. Typically this will be your name and your e-mail address.

Anonymised Data

Anonymised data is data which has been stripped of any identifying features.

For example, a report stating that Mr. Rigsby, Miss Jones and Mr. Smith and Mr. Moore have joined the Society this week would not be anonymised, as those people can be identified.

Conversely, a report stating that four people had joined the Society this week would be anonymised.

Pseudonymised Data

Pseudonymised data is data which cannot be completely anonymised, or it would lose any meaning. Instead it is changed into a format which means it is still useful but is not immediately identifiable as belonging to any specific person.

For example, identifying data (such as a name) may be replaced with a pseudonym.


What personal data we collect and why we collect it

Website Data

Posts and Comments

When visitors make posts or leave comments on the site we collect the data provided and also meta-data such as the visitor’s IP address and browser user agent string, to help spam detection, DDOS prevention, etc.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

Data you provide on contact forms, e.g. your name and contact details, will be kept “in house” and will not be shared with anybody outside of the Society’s governing council without your express permission.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

For example, if a page contains an embedded YouTube video, it would be the same as if you had opened YouTube yourself.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Membership Data

If you are a member of the Society (rather than simply a registered user of the website) then your Membership data is used to manage and maintain your Society subscription, as well as to produce anonymised or pseudonymised reports at the end of the Session.

Mailing List Data

If you have signed up to our mailing list, we will use your data to inform you of Society news, interesting science related articles, upcoming events, etc. and for the purposes of producing anonymised or pseudonymised reports.

The Mailing List is operated via the MailChimp service and their privacy policy may be viewed at: https://mailchimp.com/legal/privacy/

Analytics

We use anonymised or pseudonymised versions of your data to produce reports such as:

  • How many people are Members of the Society.
  • How many visitors we have to pages on our website and which pages are more popular, etc.
  • Which mailings are more popular than others, and what percentage of people open them, etc.
  • To enable the Treasurer to determine the income from Membership subscription fees, expenditure on running costs (for example tea, coffee & milk at monthly meetings) etc.
  • To allow the Society council to make projections on expected membership numbers for the coming sessions, etc.

Who we share your data with

We do not share your personal data for any advertising purpose.
Your data will not be passed on to anybody who is not authorised to access it without your express permission in which case we will contact you first.
(See Your contact information below for an example of such a case.)


How long we retain your data

Website Data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Other data (Membership, Mailing List, etc.)

We will not store your information for longer than necessary, unless obliged to do so for administrative, legal, or security purposes.


What rights you have over your data

You can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.


Where we send your data

Visitor posts, comments, IP addresses, e-mail addresses, etc. may be checked through one or more automated spam detection, anti-DDOS, etc. services.


Your contact information

Any contact information you provide to us will not be shared outside of the Society’s governing council without your express permission and even then it will be limited to the minimum number of people possible.

We would highly advise that you never share your contact information publicly (e.g. via a forum post) as we cannot protect it in this case.

If, for some reason, we wish to pass on your data to a third-party, we will contact you first – a real world example would be that on occasion, former Members of the Society wish to make contact with old friends who they have lost touch with, but who are still Members. In such a case, we would, on behalf of the person seeking to make contact, get in touch with the person/people they wish to contact, seeking permission to pass on the contact details. If this permission was not given, the contact details would not be passed along.


Additional information

How we protect your data

Electronic data is stored in password protected databases or files.
For data held online (e.g. Website Data) additional protection measures are in place such as anti-spam and anti-DDOS mechanisms.

Periodic backups of the electronic data are taken.

Data which is held on paper records is stored securely in a locked environment.

General Principles

As a registered charity and not-for-profit organisation that processes comparatively limited data it has been assessed that Liverpool Astronomical Society does not need to register with the Information Commissioner’s Office for Data Protection purposes. However, we accept our obligation to adhere to the principles of appropriate data protection. Having considered the stated criteria with respect to the possible requirement to appoint a Data Protection Officer it has been assessed that such an appointment is not required..

We process a comparatively limited a range of personal data and are committed to holding data in accordance with legal requirements. Our policy is to explain and be as transparent as possible about how we handle personal data.

What data breach procedures we have in place

If/when we become aware of a data breach, we will:

What third parties we receive data from

We may receive data from other services such as Social Media platforms (Facebook, Twitter, etc.) and from anti-spam, anti-DDOS, etc. services.

What automated decision making and/or profiling we do with user data

We may use your data to provide a better/customised visitor experience (e.g. location data for a local astronomical weather report, website profile data for customised colour schemes, etc.)


How to contact us

By e-mail: dataprotection@liverpoolas.org

By post:
Liverpool Astronomical Society
Leighton Observatory
Pex Hill,
Cronton,
WA8 5QW