Who we are
All references to ‘we’, ‘our’, ‘us’, ‘the Society’ etc refer to the Leyton Orient Fans’ Society Ltd (trading as the Leyton Orient Fans’ Trust, or LOFT). Our website address is: https://leytonorientfanstrust.com.
Introduction
There are six data protection principles that we must, and do, comply with. The personal information we hold about you must be:
- Processed lawfully, fairly and in a transparent manner.
- Collected only for legitimate purposes that have been clearly explained to you and not further processed in a way that is incompatible with those purposes.
- Adequate, relevant and limited to what is necessary in relation to those purposes.
- Accurate and, where necessary, kept up to date.
- Kept in a form that permits your identification for no longer than is necessary for those purposes.
- Processed in a way that ensures appropriate security of the data.
The General Data Protection Regulation (GDPR) on data protection sets out a number of different reasons we may collect and process your personal data, including:
Consent
In specific situations, we can collect and process your data with your consent; for example, when you join the Society or sign up to receive email notifications. Where relevant, when collecting your personal data, we’ll make it clear to you which data is necessary in connection with a particular service.
We also need your personal data to comply with obligations imposed on the Society by its Rules (available on this website). For example, we need your postal address so that we can send you your membership card, and email address so that we can send you details of our Annual General Meeting, or other general meetings required for the functioning of the Society within its rules.
Legal compliance
We may be legally bound to collect and process your data. For example, if someone is involved in criminal activity or fraud, we may need to pass details to law enforcement.
Legitimate interest
We require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running the Society.
How we collect your personal data
There are a number of ways in which we may collect information about you, including, but not limited to:
- When you sign up as a member and provide your postal address, email address, telephone numbers and other contact information.
- When you email us/contact us through social media.
- When you sign up for email notification of website updates.
The type of personal data we collect
The data we may collect includes your name, your age, your email address, phone number, postal address, date of birth.
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
How, why and for how long we use your personal data
We use your data to provide you with appropriate information about the Society and our activities.
The data privacy law allows this as part of our constitutional obligations and legitimate interest in understanding our members and providing the highest levels of service.
We only keep your data for as long as is necessary for the purpose it was collected. In the case of data collected as part of your membership application, this means for a reasonable period beyond the length of time you remain a member in case of query.
Each of our email newsletters has a link to unsubscribe at the bottom should you wish to opt out.
Protection of your personal data
The security of your personal data is important, and we take care to handle and store it as best we can.
We do not store any bank or card details, no matter by which method you pay your membership.
We also regularly assess the safety of our electronic storage in line with industry standards.
Data processor
Data is processed by, or under the direction of, the secretary of the Society and by other, relevant, board members.
We will never share your data with third parties without your written consent.
Cookies
Our Site may place and access certain first-party cookies on your computer or device. First-party cookies are those placed directly by us and are used only by us. We use cookies to facilitate and improve your experience of our site, and to provide and improve our services.
You may view our full cookie policy by clicking on the ‘Your consent preferences for tracking technologies’ button, which overlays on all pages on this website.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Who we share your data with
If you request a password reset, your IP address will be included in the reset email.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where your data is sent
Visitor comments may be checked through an automated spam detection service.
Complaints
If you are at all unhappy about the handling of your data, initially please advise the Secretary of the Society. If they are unable to resolve your query or complaint, then you can send a complaint to the Information Commissioner’s Office by calling 0303 123 1113 or go online to www.ico.org.uk/concerns.
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.