Privacy Policy
Leicester & Leicestershire (“we,” “us,” or “our”) is committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, process, and protect your personal data when you interact with our website leicesterandleicestershire.com (the “Site”), in accordance with applicable data protection laws including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Commitment to Your Privacy and Data Protection
At Leicester & Leicestershire, your privacy is of paramount importance. We are dedicated to safeguarding the personal information entrusted to us and ensuring transparency around how your data is processed. We adopt industry best practices to protect your data and uphold your rights as provided under GDPR, CCPA, and other relevant legislation.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of leicesterandleicestershire.com and sets out how we handle personal data in our capacity as the data controller — that is, the entity responsible for determining the purposes and means of the processing of your personal data. This Policy applies when you visit our Site, submit information to us, or otherwise interact with our services.
If you have any questions relating to our processing activities or this policy, you can reach us at [email protected].
3. Categories of Data We Process
We collect and process various categories of personal data, either directly from you or automatically when you interact with our Site.
3.1 Usage Data
Includes information about how you use the Site, such as IP addresses, browser type and version, time-zone settings and location, pages visited, session information, and other diagnostic data.
3.2 Account Data
Includes identifying information that you provide when creating an account or subscribing to our services, such as your full name, email address, phone number, and postal address.
3.3 Profile Data
Includes your preferences, interests, behavior on the Site, past purchases, and user feedback or survey responses.
3.4 Communication Data
Includes any correspondence you send us, including support requests, inquiries, feedback, and interaction history with our teams.
3.5 Technical Data
Includes technical information such as device identifiers, system configuration data, operating system, network type, device model, and other device or platform-related information.
3.6 Transaction Data
Includes payment and transaction details, such as billing address, service history, order summaries, delivery instructions, and related financial data.
3.7 Preference Data
Includes your settings, consent preferences, opt-in/opt-out choices for newsletters and marketing communications, and details about your product and content interests.
4. Legal Bases for Data Processing
Under GDPR and similar frameworks, we rely on the following legal bases for processing your personal data:
– Performance of a Contract: When processing is necessary to fulfill a service or contract with you (e.g., account registration, transactions).
– Legitimate Interest: When we process your data to pursue our legitimate business interests provided these are not overridden by your rights.
– Consent: Where you have explicitly consented to certain uses of your data (e.g., for receiving marketing emails).
– Legal Obligation: When we are required to process data to comply with applicable legal or regulatory requirements.
5. Your Rights and How to Exercise Them
As a data subject under applicable legislation, you have the following rights:
– Right of Access: You may request access to personal data we hold about you.
– Right to Rectification: You can request correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your data where legal or business bases for retaining it no longer exist.
– Right to Restrict Processing: You can ask us to suspend processing of your personal data in certain circumstances.
– Right to Data Portability: You may request to receive your personal data in a structured, commonly used, machine-readable format and to transfer it to another controller.
To exercise any of these rights, please contact us at [email protected]. We will respond in accordance with applicable law.
6. Security Measures
We implement comprehensive technical and organizational security protocols to safeguard your personal data, including:
– Encryption of data both in transit and at rest.
– Role-based access controls to safeguard internal data access.
– Multi-layered network and application security measures.
– Routine data backups with secure redundancy.
– Staff education and confidentiality agreements to promote data awareness and protection.
7. International Data Transfers
In cases where your personal data must be transferred beyond the European Economic Area (EEA) or outside your jurisdiction, we ensure compliance with applicable international data transfer rules. Such safeguards include the use of European Commission-approved Standard Contractual Clauses and compliance with regional adequacy decisions where relevant.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting obligations.
– Usage and Technical Data: Retained for up to 12 months for diagnostic and analytical purposes.
– Account and Profile Data: Retained for up to 6 years following account inactivity.
– Transaction Data: Held for 7 years to satisfy tax and financial record obligations.
– Communication and Preference Data: Held for as long as necessary to support service-related communication, not exceeding 2 years after the last interaction.
9. Cookie Policy
Leicester & Leicestershire uses cookies and similar tracking technologies to deliver optimal user experience and measure web traffic. These include:
– Essential Cookies: Required for basic functionality and Site security.
– Functional Cookies: Enhance user preferences (e.g., remembering login sessions).
– Performance & Analytics Cookies: Collect anonymized usage data for platform improvement.
– Advertising & Marketing Cookies: Track engagement with our content and support targeted communication (only if consented to).
10. Cookie Management and Compliance
You may manage your cookie preferences via your browser settings or through the cookie consent banner provided on leicesterandleicestershire.com. Where GDPR or CCPA applies, we will only load non-essential cookies after appropriate opt-in consent. You may withdraw consent at any time by updating your preferences through the Site’s cookie management feature.
11. Children’s Data Protection
leicesterandleicestershire.com is not intended for children under the age of 13. We do not knowingly collect or solicit personal data from anyone under this age. If we become aware that a child under 13 has submitted personal information, we will promptly delete such data and take appropriate steps to ensure no further collection occurs.
12. Policy Updates and Notification
We may revise this Privacy Policy from time to time to reflect legal, operational, or technological changes. Where significant changes affect your rights or the manner in which we process your data, we will provide direct notice when appropriate — for example, via email or prominently on the Site — and give you reasonable time to review such updates.
We encourage you to review this Privacy Policy periodically to remain informed of how your data is handled.
13. Contact Us
For questions, concerns, or to exercise your data rights, please contact us at:
Email: [email protected]
Website: leicesterandleicestershire.com
We take privacy matters seriously and are committed to ensuring your personal data is protected in accordance with applicable data protection legislation.
This Privacy Policy reflects Leicester & Leicestershire’s ongoing commitment to full compliance with the GDPR, CCPA, and related privacy frameworks. If you have any questions about this policy, or how your personal data is used, please do not hesitate to contact us at [email protected].
