Faulder Family Genealogy

16 December, 2018

Privacy Policy

Filed under: — David @ 1:54 pm

Who we are

Our website address is: https://www.faulder.org.uk/genealogy.

What personal data we collect and why we collect it

Personal data under GDPR relates to living people.

Comments

Comments are the main means by which visitors can submit information (including personal data) to the website

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

The information collected for span detection includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address…oh, and the comment itself, of course). How this is processed is summarised under “Automated Decision Making

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.  An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

Account Holders (very rare)

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Those with Access to Password Protected Resources

If you have been provided with a password and/or user name to access password protected resources (mainly the large family tree files and some research reports), these details are held on the server in an encrypted form. Issue of passwords and/or user names is managed by us and the details are known to us as well as you. If you have been provided with a password which you also use elsewhere, please request a replacement password.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Genealogical Data

The purpose of this site is to research and share genealogical data. This involves publishing data about people! This privacy policy relates to information about living people. Recital 27 of the EU General Data Protection Regulation (GDPR) – which has been incorporated into UK law – specifically states that the GDPR does not apply to the personal data of deceased persons.

Where people are known to be alive, genealogical data are restricted to data that are already in the public domain (such as reported in newspapers or on genealogical websites) or which has been volunteered by the individual for wider dissemination. Details relating to living individuals have been kept to a minimum.

Where possible branches of family trees have been truncated so as to not show the generation which still has living members.

Please let us know (with specific details) if you feel your privacy is adversely breached by any part of this site. If you wish to let us know on behalf of someone else, please make clear your relationship to them.

It should be noted that it is possible, using (often free) public access websites, to discover personal details such as peoples’ places of birth and mothers’ maiden names. Care should be exercised when using such details for passwords etc.

Aside: Not forming part of this policy:
When asked to provide “Your mother’s maiden name” or “Your date of Birth” etc. for “security purposes”, there is no need to provide truthful answers, just responses which you can remember.
So your mother’s maiden name could be “Tower of London”, and your date of birth could be “14 October 1066”; such answers cannot be looked up on genealogical sites and associated with you.
Please note, however, that some sites (such as financial ones) may use this information for identity validation, so saying you were born on the day of the Battle of Hastings is likely to fail validation! Other sites may ask for your date of birth (rather naively) to ensure that you are over the age of majority and accountable for your actions. The cleverer sites might doubt that you are accountable if you are over 1000 years old!

Analytics

This site does not collect any analytics data. However, the underlying web hosting accounts collect analytics data including the hostnames of sites that have accessed webpages on the server.

The “hostname” is usually in the form of an internet address corresponding to the ISP or hosting company concatenated with a string that is probably unique to a particular user at a point in time. Analysis of the raw underlying data may be able to associate a hostname with a specific commenter.

The analytics data is most used to identify usage patterns such as how many times specific pages are visited and to identify hosting errors (such as the dreaded 404 error). The raw data has been used before when the site was attacked in an attempt to take it off-line by using up the hosting bandwidth. As a result the hosting company as a whole was blocked.

Who we share your data with

Data is not shared in the sense of being bundled up and sold or transferred for monetary or in-kind gain.

Search engines indexing functions will “read” this site and incorporate data in their search indices. If you can see the data on the website, you can usually assume that it is visible to search engines.

Commenters’ details are passed to Gravitar and Comments are passed through Akismet anti-spam systems. See also Automated Decision Making and Comments for more details.

Genealogical data is “published” on this website and hence “shared” with any visitor. See the section on Genealogical Data.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

See “Who we share your data with“.

The third party systems referred to above are not necessarily within the EU or the UK.

Your contact information

Contact information is given on the main genealogy page. https://www.faulder.org.uk/genealogy/

Additional information

How we protect your data

“Your” data – as opposed to Genealogical Data is very restricted. All data is held on servers owned and managed by a UK based third party “hosting company”. These servers are subject to standard commercial level protections.

What data breach procedures we have in place

The hosting company above has a standard commercial duty to its customers to tell those customers of breaches that come to its attention. If a breach comes to our notice independently we would contact the hosting company and take their advice.

What third parties we receive data from

We don’t knowingly receive (as in voluntarily sent) personal data about living people through this website other than from those people or through information that they volunteer through comments.

The nature of Genealogical Research is to search for data about people. Data is therefore actively collated from a variety of sources, both on-line and off-line, public and private, free access and paid-for. This is done off-site.

This site is for publishing, sharing and soliciting such information.

What automated decision making and/or profiling we do with user data

This site uses spam detection services by Akismet which pre-process comments.

Akismet collect only the personal data needed to carry out its core function of protecting the site against comment spam. In the language of the GDPR, this is a “legitimate interest” use of that data.

The information collected includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address…oh, and the comment itself, of course).

We believe these operate by passing comments through software held on third party servers (possibly outside the UK or EU) before returning an indication of the spam status.

Akismet have short retention periods of between two weeks and ninety days for the vast majority of spam-related data, at which point it is automatically deleted from their databases. Anyone can opt-out of all long-term tracking for the very small subset of data they do keep longer by using their contact form.

Spam control plug-ins utilise software algorithms to automatically decide if a comment should be flagged as spam and stored in the “spam bin”.

The “spam bin” is periodically subject to a human review resulting in the spam being manually deleted or marked as not spam.

The plug-in silently discards the worst and most pervasive spam so it is never reviewed.

Industry regulatory disclosure requirements

Not applicable

No Comments »

No comments yet.

RSS feed for comments on this post.

Leave a comment

Powered by WordPress