This policy explains how we, Ghost Fishing UK collect and use your information.
Who we are
When we say “we” or “us”, we mean the charity, Ghost Fishing UK, and all of it’s representatives. The data controller of Ghost Fishing UK is responsible for deciding how your data is used and ensuring it is private and secure.
The information we collect and why
We collect data from you from different places. We’ll only collect your information in line with relevant regulations and law and this may relate to any interaction you have with us , currently , or momin the past.
You are responsible for making sure you give accurate and up-to-date information. If you provide information on behalf of another person, you need to tell them how to find this privacy notice and make sure they agree to us using their information for the purposes set out in it.
From the contact forms on this website
If you send us a message via one of the contact forms on the website, this will send an email to one of us. The information you include in that message is considered to be information that you have directly given to us, and we will process it as outlined below.
From publicly available sources
We will sometimes try to find information about you via publically available sources. An example of this would be to look up your telephone number in order to contact you regarding something we considered very urgent.
From Paypal should you make purchases via the web shop
When you make purchases via the online store and you elect to pay using Paypal, then they will also collect details from you.
How we’ll use your information
We will use your data to respond to any enquiries you may make about our work, or to process your order for any product or services that you’ve requested.
If you’ve opted to join our newsletter we’ll contact you from time to time to keep you up to date on our work. You may opt out any time.
We use your information collected from the website to personalise your repeat visits to our website.
We will not share any of your information with any 3rd parties for marketing purposes.
In processing your order, we may send your details to, and also use information from credit reference agencies and fraud prevention agencies.
We’ll only use your information where we’re allowed to by law e.g. carrying out an agreement we have with you, fulfilling a legal obligation , because we have a legitimate business interest or where you agree to it.
Who we can share your information with
If you buy merchandise from us, for example a t-shirts, then your details may be given to the manufacturer in order to produce and ship your item.
Any website visitor comments you make may be checked through an automated spam detection service.
We will not share or sell your data with any other parties unless you agree to it.
How long we’ll keep your information
We’ll keep your information for as long as you have a relationship with us. After the relationship ends, we will keep it where we may need it for our legitimate purposes e.g. to help us respond to queries, complaints, legal matters or enquiries from regulatory bodies. This period will not be longer than seven years.
Transferring your information overseas
Your information may be transferred and stored overseas in countries outside the European Economic Area including some that may not have laws that provide the same level protection for personal information. When we do this, we’ll ensure it has an appropriate level of protection.
How we protect your data
Your data is stored in a number of ways.
Computers and hard drives
The majority of your data will be stored on computers, both laptop and desktop. All of these machines are password protected, and have encrypted drives to ensure that in the event of the machines being lost or stolen, the data is significantly more difficult to access. Portable hard drives that we use are password protected and encrypted.
Cloud based systems
Some of your data will be stored on cloud services such as Dropbox and iCloud. We are satisfied that the security of these systems meets suitable levels.
What data breach procedures we have in place
In the event of a data breach, we will write to you to inform you of the breach. The information will include the following:
- A summary of your breached data
- The time at which it was breached
- Our best understanding of how it was breached
We will also take steps to mitigate the effects of the breach. Should a computer be lost or stolen, for example, we are able to remotely delete the hard drives as soon as they appear on a computer network. Should criminal activity be the reason for the breach, then we will work with law enforcement bodies as appropriate. Should the breach occur through an online or cloud service (e.g. Dropbox, Shopify) then we will work with the relevant parties to reduce the effects as much as possible.
Your rights over your information
You have a number of rights relating to your information e.g. to see what we hold, to ask us to share it with another party, ask us to update incorrect or incomplete details, to object to or restrict processing of it, to make a complaint etc. You may also request that we delete any personal data that we may hold about you, but this does not include any data that we are obliged to keep for administrative, legal or security purposes.
How to Contact Us